• Registrarse
  • Iniciar sesión


  • Resultados 1 al 4 de 4

    Se abren páginas solas cuando navego en internet!

    Buenas, mi problema es que cuando navego por Internet de la nada se abren pop-ups de páginas XXX. Esto muy incómodo y molesto, porque puede prestarse para malos entendidos Quisiera que me ayudaran a solucionar ...

    1. #1
      Usuario Avatar de Diegox159
      Registrado
      ago 2010
      Ubicación
      Chile
      Mensajes
      18

      Atención Se abren páginas solas cuando navego en internet!

      Buenas, mi problema es que cuando navego por Internet de la nada se abren pop-ups de páginas XXX.
      Esto muy incómodo y molesto, porque puede prestarse para malos entendidos

      Quisiera que me ayudaran a solucionar mi problema, esperando respuestas.

      Diego

    2. #2
      Moderador.
      Avatar de @Tincho
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.701

      Re: Se abren páginas solas cuando navego en internet!

      Buenas

      Realiza el siguiente procedimiento:


      Paso 1

      Descarga a tu escritorio:




      Paso 2


      Ejecuta en orden:


      AT - Destroyer


      • Ejecuta la herramienta como administrador.
      • (Si usas Windows Vista o 7 Presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • Aparecerá el Disclaimer de la herramienta. Presiona .
      • Presiona sobre la opción 1 (Buscar y Destruir)
      • La herramienta desconectará el escritorio moméntaneamente.
      • En caso de estar infectado,la herramienta lo indicará con lineas rojas donde se haya encontrado la infección,sino,serán lineas verdes.
      • Una vez terminado el escaneo,podrás volver a ver el escritorio y se te abrirá un reporte,que deberás copiar en tu próxima respuesta.


      Ccleaner


      • En su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos..
      • En su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

      ComboFix


      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas y programas
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones. Si pide actualizar "Update" aceptas.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación, de no ser así lo reinicias manualmente.
        • Al finalizar el trabajo Comobofix generara un registro en C:\ComboFix.txt.






      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.




      *Nota* Si este procedimiento Falla, Intenta ingresar en Modo Seguro con funciones de red y Ejecutas las herramientas siguiendo las mismas instrucciones.


      Paso 3


      En Tu próxima respuesta, debes poner los reportes de AT - Destroyer y ComboFix, que se encuentra en C:\ComboFix.txt Y Comentarnos Como funciona el sistema el relación al problema inicial.



      Saludos.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Diegox159
      Registrado
      ago 2010
      Ubicación
      Chile
      Mensajes
      18

      Re: Se abren páginas solas cuando navego en internet!

      Hola, muchas gracias por responder... hice todo lo que dijiste y a continuación adjunto los informes:

      AT-Destroyer

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 13:57:11 \\\ 29/01/2013
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:18.0.1.4764
      Google Chrome:24.0.1312.56
      Privilegios: Diego - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: DIEGO-PC
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:Diego
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Program Files (x86)\Conduit\Community Alerts 92
      C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll 92
      C:\Program Files (x86)\Conduit 92


      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\Conduit
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {D4027C7F-154A-4066-A1AD-4243D8127440}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-1472468573-3129760702-893437190-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<

      user_pref("aol_toolbar.default.homepage.check", false);
      user_pref("browser.startup.homepage", "http://www.google.cl/");
      user_pref("browser.startup.homepage_override.buildID", "20130116073211");
      user_pref("browser.startup.homepage_override.mstone", "18.0.1");
      user_pref("pref.browser.homepage.disable_button.current_page", false);
      user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      C:\Program Files (x86)\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      C:\Program Files (x86)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
      C:\Program Files (x86)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@raidcall.en/RCplugin

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\6
      C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
      C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhpgolofjlpnkdafbgejgnclbjnpgfee
      C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
      C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp

      ======== Listado ===========

      [01-05-2012 14:51] [01-05-2012 13:15] [DI] C:\Users\Diego\AppData\Roaming\AeroRainbow
      [20-06-2012 18:34] [01-05-2012 16:46] [DI] C:\Users\Diego\AppData\Roaming\ArcSoft
      [24-01-2013 22:10] [16-01-2013 16:36] [DI] C:\Users\Diego\AppData\Roaming\BitTorrent
      [24-01-2013 16:02] [07-07-2012 20:56] [DI] C:\Users\Diego\AppData\Roaming\DAEMON Tools Lite
      [04-11-2012 14:06] [04-11-2012 13:59] [DI] C:\Users\Diego\AppData\Roaming\DivX
      [02-11-2012 20:02] [02-11-2012 10:56] [DI] C:\Users\Diego\AppData\Roaming\DMCache
      [10-07-2012 19:00] [10-07-2012 19:00] [DI] C:\Users\Diego\AppData\Roaming\FreeAudioPack
      [26-10-2012 15:22] [26-10-2012 15:22] [DI] C:\Users\Diego\AppData\Roaming\GameRanger
      [ 01-05-2012 5:10] [ 01-05-2012 5:10] [DI] C:\Users\Diego\AppData\Roaming\Identities
      [01-05-2012 16:47] [01-05-2012 16:47] [DI] C:\Users\Diego\AppData\Roaming\InstallShield
      [01-05-2012 14:19] [01-05-2012 14:19] [DI] C:\Users\Diego\AppData\Roaming\Macromedia
      [24-01-2013 14:30] [24-01-2013 14:30] [DI] C:\Users\Diego\AppData\Roaming\Malwarebytes
      [ 14-07-2009 6:10] [ 01-05-2012 5:09] [DI] C:\Users\Diego\AppData\Roaming\Media Center Programs
      [24-01-2013 16:02] [10-01-2013 15:17] [DI] C:\Users\Diego\AppData\Roaming\Media Player Classic
      [06-12-2012 16:15] [01-05-2012 5:09] [SDI] C:\Users\Diego\AppData\Roaming\Microsoft
      [02-11-2012 19:50] [02-11-2012 19:46] [DI] C:\Users\Diego\AppData\Roaming\Mipony
      [17-01-2013 18:44] [29-06-2012 18:30] [DI] C:\Users\Diego\AppData\Roaming\Mozilla
      [22-09-2012 16:52] [22-09-2012 16:52] [DI] C:\Users\Diego\AppData\Roaming\mp3DirectCut
      [28-01-2013 23:08] [01-05-2012 18:27] [DI] C:\Users\Diego\AppData\Roaming\Mp3tag
      [ 06-05-2012 0:29] [ 06-05-2012 0:27] [DI] C:\Users\Diego\AppData\Roaming\Nero
      [19-09-2012 13:09] [17-09-2012 17:17] [DI] C:\Users\Diego\AppData\Roaming\Nokia
      [19-09-2012 13:09] [17-09-2012 17:17] [DI] C:\Users\Diego\AppData\Roaming\Nokia Suite
      [24-01-2013 14:41] [24-01-2013 14:41] [DI] C:\Users\Diego\AppData\Roaming\Panda Security
      [18-09-2012 17:57] [17-09-2012 13:52] [DI] C:\Users\Diego\AppData\Roaming\PC Suite
      [02-01-2013 12:34] [02-01-2013 12:34] [DI] C:\Users\Diego\AppData\Roaming\raidcall
      [24-11-2012 13:39] [24-11-2012 13:39] [DI] C:\Users\Diego\AppData\Roaming\RCKR
      [10-12-2012 23:43] [10-12-2012 23:43] [DI] C:\Users\Diego\AppData\Roaming\SendSpace
      [17-11-2012 18:36] [17-11-2012 18:36] [DI] C:\Users\Diego\AppData\Roaming\Stardock
      C:\Users\Diego\AppData\Roaming\Stardockfences_debug_snapshot.dat [AI] 0 bytes ( )
      [12-08-2012 20:40] [12-08-2012 20:11] [DI] C:\Users\Diego\AppData\Roaming\Steinberg
      [11-10-2012 16:17] [11-10-2012 16:17] [DI] C:\Users\Diego\AppData\Roaming\Thunderbird
      [05-08-2012 18:37] [05-08-2012 18:15] [DI] C:\Users\Diego\AppData\Roaming\Uniblue
      [12-08-2012 20:40] [12-08-2012 20:40] [DI] C:\Users\Diego\AppData\Roaming\VST3 Presets
      [01-05-2012 14:20] [01-05-2012 13:39] [DI] C:\Users\Diego\AppData\Roaming\WinRAR
      [17-10-2012 20:50] [17-10-2012 20:50] [DI] C:\Users\Diego\AppData\Roaming\Xilisoft
      [30-11-2012 16:04] [30-11-2012 16:04] [D] C:\Program Files (x86)\Adobe
      [01-05-2012 16:45] [01-05-2012 16:43] [D] C:\Program Files (x86)\ArcSoft
      [01-05-2012 13:23] [01-05-2012 13:23] [D] C:\Program Files (x86)\Ares
      [16-01-2013 16:37] [16-01-2013 16:37] [D] C:\Program Files (x86)\BitTorrent
      [16-01-2013 16:38] [16-01-2013 16:38] [D] C:\Program Files (x86)\BittorrentBar_ES
      [10-01-2013 15:17] [10-01-2013 15:17] [D] C:\Program Files (x86)\Combined Community Codec Pack
      [13-01-2013 13:48] [13-07-2009 23:20] [D] C:\Program Files (x86)\Common Files
      [07-07-2012 20:56] [07-07-2012 20:56] [D] C:\Program Files (x86)\DAEMON Tools Lite
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [12-08-2012 22:15] [12-08-2012 22:15] [D] C:\Program Files (x86)\DigiTech
      [22-11-2012 18:40] [04-11-2012 13:56] [D] C:\Program Files (x86)\DivX
      [06-12-2012 15:51] [01-05-2012 15:40] [D] C:\Program Files (x86)\DsNET Corp
      [22-11-2012 18:40] [10-07-2012 19:00] [D] C:\Program Files (x86)\Easy Audio Mp3 Wma Ogg Cutter
      [20-01-2013 22:56] [20-01-2013 22:56] [D] C:\Program Files (x86)\Easy MP3 Cutter
      [12-08-2012 20:18] [12-08-2012 20:09] [D] C:\Program Files (x86)\eLicenser
      [01-05-2012 15:29] [01-05-2012 15:29] [D] C:\Program Files (x86)\FileZilla FTP Client
      [10-10-2012 22:20] [12-07-2012 14:09] [D] C:\Program Files (x86)\Google
      [01-05-2012 13:08] [01-05-2012 13:08] [D] C:\Program Files (x86)\Guitar Pro 5
      [23-10-2012 14:48] [23-10-2012 14:47] [D] C:\Program Files (x86)\Halo Custom Edition
      [01-05-2012 16:47] [01-05-2012 16:47] [D] C:\Program Files (x86)\HP Button Manager
      [16-11-2012 23:53] [01-05-2012 16:20] [HD] C:\Program Files (x86)\InstallShield Installation Information
      [11-12-2012 18:24] [13-07-2009 23:20] [D] C:\Program Files (x86)\Internet Explorer
      [16-10-2012 22:07] [16-06-2012 20:35] [D] C:\Program Files (x86)\Java
      [28-01-2013 21:14] [01-05-2012 13:34] [D] C:\Program Files (x86)\JDownloader
      [25-01-2013 22:31] [16-07-2012 20:06] [D] C:\Program Files (x86)\Last.fm
      [01-05-2012 14:28] [01-05-2012 14:28] [D] C:\Program Files (x86)\Microsoft Analysis Services
      [13-01-2013 14:21] [22-10-2012 19:38] [D] C:\Program Files (x86)\Microsoft Games
      [01-05-2012 14:27] [01-05-2012 14:27] [D] C:\Program Files (x86)\Microsoft Office
      [09-05-2012 19:12] [09-05-2012 19:12] [D] C:\Program Files (x86)\Microsoft Silverlight
      [01-05-2012 14:30] [01-05-2012 14:30] [D] C:\Program Files (x86)\Microsoft Visual Studio 8
      [10-11-2012 18:00] [10-11-2012 18:00] [D] C:\Program Files (x86)\Microsoft XNA
      [01-05-2012 18:26] [01-05-2012 15:19] [D] C:\Program Files (x86)\Microsoft.NET
      [10-12-2012 23:43] [10-12-2012 23:43] [D] C:\Program Files (x86)\MocaFlix
      [18-01-2013 23:49] [18-01-2013 23:49] [D] C:\Program Files (x86)\Mozilla Firefox
      [19-01-2013 11:23] [01-05-2012 12:53] [D] C:\Program Files (x86)\Mozilla Maintenance Service
      [04-11-2012 14:00] [11-10-2012 16:17] [D] C:\Program Files (x86)\Mozilla Thunderbird
      [22-09-2012 16:51] [22-09-2012 16:51] [D] C:\Program Files (x86)\mp3DirectCut
      [01-05-2012 13:39] [01-05-2012 13:39] [D] C:\Program Files (x86)\MP3Gain
      [24-12-2012 18:20] [01-05-2012 18:25] [D] C:\Program Files (x86)\Mp3tag
      [01-05-2012 15:19] [14-07-2009 1:32] [D] C:\Program Files (x86)\MSBuild
      [18-09-2012 12:22] [18-09-2012 12:22] [D] C:\Program Files (x86)\MSXML 4.0
      [06-05-2012 0:27] [06-05-2012 0:27] [D] C:\Program Files (x86)\Nero
      [23-09-2012 0:19] [23-09-2012 0:12] [D] C:\Program Files (x86)\No$GBA 2.6a
      [19-09-2012 13:12] [17-09-2012 13:47] [D] C:\Program Files (x86)\Nokia
      [24-01-2013 19:15] [24-01-2013 14:39] [D] C:\Program Files (x86)\Panda Security
      [02-01-2013 12:37] [24-11-2012 13:39] [D] C:\Program Files (x86)\RaidCall
      [14-07-2009 1:32] [14-07-2009 1:32] [D] C:\Program Files (x86)\Reference Assemblies
      [12-08-2012 20:12] [12-08-2012 20:11] [D] C:\Program Files (x86)\Steinberg
      [12-08-2012 20:09] [12-08-2012 20:09] [D] C:\Program Files (x86)\Syncrosoft
      [17-11-2012 11:48] [24-10-2012 20:55] [D] C:\Program Files (x86)\SystemRequirementsLab
      [23-10-2012 18:11] [05-08-2012 18:14] [D] C:\Program Files (x86)\Uniblue
      [14-07-2009 0:57] [14-07-2009 0:57] [HD] C:\Program Files (x86)\Uninstall Information
      [01-11-2012 20:19] [01-11-2012 20:19] [D] C:\Program Files (x86)\Unlocker
      [27-11-2012 22:03] [27-11-2012 22:02] [D] C:\Program Files (x86)\VBA Link
      [14-07-2009 5:30] [14-07-2009 1:32] [D] C:\Program Files (x86)\Windows Defender
      [01-05-2012 17:48] [13-07-2009 23:20] [D] C:\Program Files (x86)\Windows Mail
      [01-05-2012 17:48] [14-07-2009 1:32] [D] C:\Program Files (x86)\Windows Media Player
      [14-07-2009 1:32] [13-07-2009 23:20] [D] C:\Program Files (x86)\Windows NT
      [01-05-2012 17:48] [14-07-2009 1:32] [D] C:\Program Files (x86)\Windows Photo Viewer
      [01-05-2012 17:48] [14-07-2009 1:32] [D] C:\Program Files (x86)\Windows Portable Devices
      [01-05-2012 17:48] [14-07-2009 1:32] [D] C:\Program Files (x86)\Windows Sidebar
      [17-10-2012 20:49] [17-10-2012 20:49] [D] C:\Program Files (x86)\Xilisoft
      [25-09-2012 21:34] [25-09-2012 21:34] [D] C:\Program Files (x86)\Xiph.Org
      [11-12-2012 15:02] [01-05-2012 21:33] [D] C:\Program Files (x86)\Yuna Software
      [22-11-2012 18:39] [06-07-2012 22:29] [D] C:\Program Files (x86)\Yursoft
      [16-11-2012 23:58] [16-11-2012 23:58] [DI] C:\ProgramData\Age of Empires 3
      [01-05-2012 12:59] [01-05-2012 12:59] [DI] C:\ProgramData\Alwil Software
      [28-09-2012 21:35] [28-09-2012 21:35] [DI] C:\ProgramData\APN
      [14-07-2009 1:08] [14-07-2009 1:08] [HSDLI] C:\ProgramData\Application Data
      [20-06-2012 18:34] [01-05-2012 16:44] [DI] C:\ProgramData\ArcSoft
      [01-05-2012 15:40] [01-05-2012 15:40] [DI] C:\ProgramData\Ask
      [09-01-2013 20:24] [10-12-2012 23:42] [DI] C:\ProgramData\Browse2save
      [17-11-2012 18:36] [17-11-2012 18:36] [HD] C:\ProgramData\Common Files
      [07-07-2012 20:58] [07-07-2012 20:55] [DI] C:\ProgramData\DAEMON Tools Lite
      [01-05-2012 5:09] [01-05-2012 5:09] [HSDLI] C:\ProgramData\Datos de programa
      [14-07-2009 1:08] [14-07-2009 1:08] [HSDLI] C:\ProgramData\Desktop
      [22-11-2012 18:41] [04-11-2012 13:54] [DI] C:\ProgramData\DivX
      [01-05-2012 5:09] [01-05-2012 5:09] [HSDLI] C:\ProgramData\Documentos
      [14-07-2009 1:08] [14-07-2009 1:08] [HSDLI] C:\ProgramData\Documents
      [23-06-2012 23:16] [23-06-2012 23:15] [DI] C:\ProgramData\DriverGenius
      [12-08-2012 20:11] [12-08-2012 20:09] [DI] C:\ProgramData\eLicenser
      [01-05-2012 5:09] [01-05-2012 5:09] [HSDLI] C:\ProgramData\Escritorio
      [14-07-2009 1:08] [14-07-2009 1:08] [HSDLI] C:\ProgramData\Favorites
      [01-05-2012 5:09] [01-05-2012 5:09] [HSDLI] C:\ProgramData\Favoritos
      [10-12-2012 23:43] [10-12-2012 23:41] [DI] C:\ProgramData\InstallMate
      [16-07-2012 20:08] [16-07-2012 20:08] [DI] C:\ProgramData\Last.fm
      [24-01-2013 14:30] [24-01-2013 14:30] [DI] C:\ProgramData\Malwarebytes
      [01-05-2012 5:09] [01-05-2012 5:09] [HSDLI] C:\ProgramData\Menú Inicio
      [10-12-2012 21:45] [13-07-2009 23:20] [SDI] C:\ProgramData\Microsoft
      [09-01-2013 13:42] [01-05-2012 14:27] [DI] C:\ProgramData\Microsoft Help
      [01-05-2012 12:53] [01-05-2012 12:53] [DI] C:\ProgramData\Mozilla
      [19-09-2012 13:09] [17-09-2012 13:52] [DI] C:\ProgramData\Nokia
      [17-09-2012 13:47] [17-09-2012 13:47] [DI] C:\ProgramData\NokiaInstallerCache
      [24-01-2013 14:39] [24-01-2013 14:39] [DI] C:\ProgramData\Panda Security
      [17-09-2012 17:19] [17-09-2012 13:52] [DI] C:\ProgramData\PC Suite
      [17-10-2012 21:10] [17-10-2012 21:10] [DI] C:\ProgramData\Pinnacle
      [01-05-2012 5:09] [01-05-2012 5:09] [HSDLI] C:\ProgramData\Plantillas
      [10-12-2012 23:43] [10-12-2012 23:43] [DI] C:\ProgramData\Premium
      [17-11-2012 21:29] [17-11-2012 21:29] [DI] C:\ProgramData\Stardock
      [14-07-2009 1:08] [14-07-2009 1:08] [HSDLI] C:\ProgramData\Start Menu
      [12-08-2012 20:12] [12-08-2012 20:12] [DI] C:\ProgramData\Steinberg
      [01-05-2012 13:37] [01-05-2012 13:37] [DI] C:\ProgramData\Sun
      [12-08-2012 20:11] [12-08-2012 20:11] [DI] C:\ProgramData\Syncrosoft
      [14-07-2009 1:08] [14-07-2009 1:08] [HSDLI] C:\ProgramData\Templates
      [01-05-2012 16:20] [01-05-2012 16:20] [DI] C:\ProgramData\TP-LINK
      [17-10-2012 20:49] [17-10-2012 20:49] [DI] C:\ProgramData\Xilisoft
      [12-08-2012 21:57] [12-08-2012 21:57] [HDC] C:\ProgramData\{BD2649A9-179F-4792-9820-1D7E71B661D9}
      [12-08-2012 22:15] [12-08-2012 22:15] [HDC] C:\ProgramData\{C5EE6DA0-A057-4009-BADC-FB7523A5715F}

      ==================== EOF ==================
      ComboFix

      ComboFix 13-01-14.01 - Diego 29-01-2013 14:42:15.1.4 - x64
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.56.3082.18.3839.2610 [GMT -3:00]
      Running from: c:\users\Diego\Desktop\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\7Loader.TAG
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-12-28 to 2013-01-29 )))))))))))))))))))))))))))))))
      .
      .
      2071-07-25 12:13 . 2006-11-21 23:48 203576 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
      2013-01-29 16:56 . 2013-01-29 16:57 -------- d-----w- C:\_AT-Destroyer
      2013-01-29 16:49 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8C6946D6-AA2D-419A-99F1-A324FE59767F}\mpengine.dll
      2013-01-24 17:40 . 2013-01-24 17:40 -------- d-----w- c:\users\Diego\AppData\Roaming\Panda Security
      2013-01-24 17:39 . 2013-01-24 22:15 -------- d-----w- c:\program files (x86)\Panda Security
      2013-01-24 17:39 . 2013-01-24 17:39 -------- d-----w- c:\programdata\Panda Security
      2013-01-24 17:30 . 2013-01-24 17:30 -------- d-----w- c:\users\Diego\AppData\Roaming\Malwarebytes
      2013-01-24 17:30 . 2013-01-24 17:30 -------- d-----w- c:\programdata\Malwarebytes
      2013-01-21 01:56 . 2013-01-21 01:56 -------- d-----w- c:\program files (x86)\Easy MP3 Cutter
      2013-01-16 19:38 . 2013-01-16 19:38 -------- d-----w- c:\users\Diego\AppData\Local\CRE
      2013-01-16 19:38 . 2013-01-16 19:38 -------- d-----w- c:\users\Diego\AppData\Local\Conduit
      2013-01-16 19:38 . 2013-01-16 19:38 -------- d-----w- c:\program files (x86)\BittorrentBar_ES
      2013-01-16 19:37 . 2013-01-16 19:37 -------- d-----w- c:\program files (x86)\BitTorrent
      2013-01-16 19:36 . 2013-01-29 17:37 -------- d-----w- c:\users\Diego\AppData\Roaming\BitTorrent
      2013-01-13 17:21 . 2012-12-18 14:03 105540 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\Games\Forgotten Empires\Data\language_x1_p1.dll
      2013-01-13 17:15 . 2012-12-14 01:57 90513 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\age2_x1\miniupnpc.dll
      2013-01-13 17:05 . 2012-12-29 00:42 372224 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\Resources\installer\fix.exe
      2013-01-13 17:05 . 2012-12-28 19:06 5170858 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\AoFE_Launcher.exe
      2013-01-13 17:05 . 2010-11-18 23:27 587776 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\Resources\installer\7za.exe
      2013-01-13 17:05 . 2009-08-04 11:09 78848 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\Resources\installer\Archive.dll
      2013-01-13 17:05 . 2007-05-28 18:59 43008 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\Resources\installer\39dll.dll
      2013-01-10 18:17 . 2013-01-24 19:02 -------- d-----w- c:\users\Diego\AppData\Roaming\Media Player Classic
      2013-01-10 18:17 . 2013-01-10 18:17 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
      2013-01-09 16:31 . 2012-11-30 02:44 2048 ----a-w- c:\windows\SysWow64\user.exe
      2013-01-09 16:29 . 2012-12-07 11:20 30720 ----a-w- c:\windows\system32\usk.rs
      2013-01-09 16:28 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
      2013-01-09 16:28 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
      2013-01-09 02:02 . 2013-01-09 02:02 44544 ----a-w- c:\windows\SysWow64\aticalcl.dll
      2013-01-09 02:02 . 2013-01-09 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
      2013-01-09 02:02 . 2013-01-09 02:02 13402112 ----a-w- c:\windows\SysWow64\aticaldd.dll
      2013-01-09 02:02 . 2013-01-09 02:02 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
      2013-01-09 02:02 . 2013-01-09 02:02 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
      2013-01-09 02:02 . 2013-01-09 02:02 364544 ----a-w- c:\windows\SysWow64\atiadlxy.dll
      2013-01-09 02:02 . 2013-01-09 02:02 159744 ----a-w- c:\windows\system32\atiapfxx.exe
      2013-01-02 15:34 . 2013-01-02 15:34 -------- d-----w- c:\users\Diego\AppData\Roaming\raidcall
      2013-01-02 15:31 . 2012-12-29 00:42 372224 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\age2_x1\Fix.exe
      2013-01-02 15:31 . 2012-07-13 23:13 778752 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\age2_x1\Xwndmode.dll
      2013-01-02 15:31 . 2012-12-26 17:46 2969600 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\age2_x1\age2_x2.exe
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-01-09 23:14 . 2012-05-01 18:12 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-01-09 23:14 . 2012-05-01 18:12 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-01-09 15:30 . 2012-05-01 17:25 67599240 ----a-w- c:\windows\system32\MRT.exe
      2013-01-09 02:03 . 2012-08-05 22:52 55296 ----a-w- c:\windows\system32\atiuxp64.dll
      2013-01-09 02:03 . 2012-08-05 22:52 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll
      2013-01-09 02:03 . 2012-08-05 22:52 45056 ----a-w- c:\windows\system32\atiu9p64.dll
      2013-01-09 02:03 . 2009-08-18 06:36 514048 ----a-w- c:\windows\system32\atieclxx.exe
      2013-01-09 02:03 . 2009-08-18 06:36 238080 ----a-w- c:\windows\system32\atiesrxx.exe
      2013-01-09 02:03 . 2009-07-13 21:59 7510528 ----a-w- c:\windows\system32\atidxx64.dll
      2013-01-09 02:03 . 2012-08-05 22:51 918528 ----a-w- c:\windows\SysWow64\aticfx32.dll
      2013-01-09 02:03 . 2012-08-05 22:51 6811648 ----a-w- c:\windows\SysWow64\atidxx32.dll
      2013-01-09 02:03 . 2012-08-05 22:51 1081856 ----a-w- c:\windows\system32\aticfx64.dll
      2013-01-09 02:02 . 2009-08-18 05:52 535552 ----a-w- c:\windows\system32\atiadlxx.dll
      2012-12-16 17:11 . 2012-12-23 02:06 46080 ----a-w- c:\windows\system32\atmlib.dll
      2012-12-16 14:45 . 2012-12-23 02:06 367616 ----a-w- c:\windows\system32\atmfd.dll
      2012-12-16 14:13 . 2012-12-23 02:06 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
      2012-12-16 14:13 . 2012-12-23 02:06 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
      2012-11-30 19:01 . 2012-11-30 19:01 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
      2012-11-30 19:01 . 2012-11-30 19:01 289768 ----a-w- c:\windows\system32\javaws.exe
      2012-11-30 19:01 . 2012-11-30 19:01 189416 ----a-w- c:\windows\system32\javaw.exe
      2012-11-30 19:01 . 2012-11-30 19:01 188904 ----a-w- c:\windows\system32\java.exe
      2012-11-30 19:01 . 2012-11-30 19:01 916456 ----a-w- c:\windows\system32\deployJava1.dll
      2012-11-30 19:01 . 2012-11-30 19:01 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
      2012-11-30 04:45 . 2013-01-09 16:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-11-22 17:41 . 2012-11-22 17:41 35328 ----a-w- c:\windows\system32\drivers\pmserenum.sys
      2012-11-14 07:06 . 2012-12-11 18:15 17811968 ----a-w- c:\windows\system32\mshtml.dll
      2012-11-14 06:32 . 2012-12-11 18:15 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-11-14 06:11 . 2012-12-11 18:15 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-11-14 06:04 . 2012-12-11 18:15 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-11-14 06:04 . 2012-12-11 18:15 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-11-14 06:02 . 2012-12-11 18:15 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-11-14 06:02 . 2012-12-11 18:15 237056 ----a-w- c:\windows\system32\url.dll
      2012-11-14 05:59 . 2012-12-11 18:15 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-11-14 05:58 . 2012-12-11 18:15 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-11-14 05:57 . 2012-12-11 18:15 599040 ----a-w- c:\windows\system32\vbscript.dll
      2012-11-14 05:57 . 2012-12-11 18:15 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-11-14 05:55 . 2012-12-11 18:15 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-11-14 05:55 . 2012-12-11 18:15 729088 ----a-w- c:\windows\system32\msfeeds.dll
      2012-11-14 05:53 . 2012-12-11 18:15 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-11-14 05:52 . 2012-12-11 18:15 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-11-14 05:46 . 2012-12-11 18:15 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-11-14 02:09 . 2012-12-11 18:15 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-11-14 01:58 . 2012-12-11 18:15 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-11-14 01:57 . 2012-12-11 18:15 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-11-14 01:49 . 2012-12-11 18:15 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-11-14 01:48 . 2012-12-11 18:15 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-11-14 01:44 . 2012-12-11 18:15 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-11-09 05:45 . 2012-12-11 18:12 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-11-09 04:42 . 2012-12-11 18:12 2048 ----a-w- c:\windows\SysWow64\tzres.dll
      2012-11-02 05:59 . 2012-12-11 18:10 478208 ----a-w- c:\windows\system32\dpnet.dll
      2012-11-02 05:11 . 2012-12-11 18:10 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
      .
      .
      ------- Sigcheck -------
      Note: Unsigned files aren't necessarily malware.
      .
      [7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
      [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
      [-] 2012-05-26 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
      .
      [-] 2012-05-26 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
      [7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
      [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}"= "c:\program files (x86)\BittorrentBar_ES\prxtbBitt.dll" [2011-05-09 176936]
      .
      [HKEY_CLASSES_ROOT\clsid\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}]
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}]
      2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\BittorrentBar_ES\prxtbBitt.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}"= "c:\program files (x86)\BittorrentBar_ES\prxtbBitt.dll" [2011-05-09 176936]
      .
      [HKEY_CLASSES_ROOT\clsid\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
      "Powersuite Monitor"="c:\program files (x86)\Uniblue\Powersuite\powersuite_monitor.exe" [2012-09-13 323936]
      "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
      .
      c:\users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      AeroRainbow.lnk - c:\users\Diego\AppData\Roaming\AeroRainbow\AeroRainbow.exe [2011-8-29 576000]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      "AppInit_DLLs"=c:\progra~2\MocaFlix\sprotector.dll
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 KMService;KMService; [x]
      R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
      R3 Synth3dVsc;Synth3dVsc; [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
      R3 tsusbhub;tsusbhub; [x]
      R3 VGPU;VGPU; [x]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1255736]
      S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-10-27 36520]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-08 283200]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-01-09 238080]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
      S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
      S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
      S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [2012-08-05 18832]
      S3 pmserenum;PenMount Serial Device Enumeration Service;c:\windows\system32\DRIVERS\pmserenum.sys [2012-11-22 35328]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-09-18 726160]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-01-23 20:26 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 23:14]
      .
      2013-01-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1472468573-3129760702-893437190-1000Core.job
      - c:\users\Diego\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-18 17:29]
      .
      2013-01-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1472468573-3129760702-893437190-1000UA.job
      - c:\users\Diego\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-18 17:29]
      .
      2013-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-12 18:09]
      .
      2013-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-12 18:09]
      .
      2013-01-29 c:\windows\Tasks\OptimizerProUpdaterTask{34A3AE28-08CE-482C-A454-32EF2D72CE5A}.job
      - c:\programdata\Premium\OptimizerPro\OptimizerPro.exe [2012-12-11 14:50]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-18 12503184]
      "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
      .
      ------- Supplementary Scan -------
      .
      uStart Page = www.google.com
      mStart Page = www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = <local>
      IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
      TCP: DhcpNameServer = 200.28.4.129 200.28.4.130
      FF - ProfilePath - c:\users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\dq9ejf0e.default\
      FF - prefs.js: browser.search.defaulturl - www.Google.com
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
      FF - ExtSQL: 2013-01-11 13:36; {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      FF - ExtSQL: 2013-01-11 13:36; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
      FF - ExtSQL: 2013-01-11 13:36; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
      FF - ExtSQL: 2013-01-17 18:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\dq9ejf0e.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      FF - ExtSQL: 2013-01-20 23:22; {d359add5-fac1-4d59-b2c5-ec5753587cc2}; c:\users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\dq9ejf0e.default\extensions\{d359add5-fac1-4d59-b2c5-ec5753587cc2}
      .
      - - - - ORPHANS REMOVED - - - -
      .
      URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
      WebBrowser-{AD06FB5F-FEF7-4A84-8C58-DCA34F8E3D36} - (no file)
      AddRemove-{10CD364B-FFCC-48BE-B469-B9622A033075} - c:\programdata\{3FEE7452-4825-40BC-8A99-94EF27F43EE8}\FencesInstaller.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\Alwil Software\Avast5\AvastSvc.exe
      c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
      c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      .
      **************************************************************************
      .
      Completion time: 2013-01-29 14:52:22 - machine was rebooted
      ComboFix-quarantined-files.txt 2013-01-29 17:52
      .
      Pre-Run: 713.943.027.712 bytes libres
      Post-Run: 713.538.654.208 bytes libres
      .
      - - End Of File - - 341245CE99FE4D770B31A8345839454B

    4. #4
      Moderador.
      Avatar de @Tincho
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.701

      Re: Se abren páginas solas cuando navego en internet!

      Buenas, como funciona él navegador?
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.