
    COMBOFIX REPORT AND problem with advertising, annoying ads, spyware and Java


    1. #1
      User almendraquijano
      Registered
      Mar 2013
      Location
      Mexico
      Posts
      2

      COMBOFIX REPORT AND problem with advertising, annoying ads, spyware and Java

      Hello, good evening. I have a problem with my computer: for some time now, every page I open shows viral advertising with sound. On YouTube, for example, I can't listen to the videos because of an ad for a satellite; it's super annoying. Likewise, I open a page and pop-ups appear, and I can't stand them anymore. I don't know much about computers, but I was reading and apparently they are spyware or malware. I found a page where ComboFix was recommended and I downloaded it immediately, but then I started looking into it and I know that it scans the whole computer, then generates a report, and that I had to post it here so the experts can help me fix it. I hope you can help, since I uninstalled my antivirus programs; I have avast and I also downloaded Ad-Aware, and that one didn't work. I hope you can help me, please. Regards, and all the best.

      I HAVE A QUESTION ABOUT SECURITY: DO I HAVE TO SEND THE REPORT HERE?????
      BECAUSE IT HAS SOME NUMBERS AND INFORMATION ABOUT MY COMPUTER, AND I DON'T WANT IT TO BE PERSONAL INFO FROM MY COMPUTER SO THAT IT GETS HACKED. HONESTLY, I DON'T KNOW MUCH ABOUT THIS. LET ME KNOW, THANKS!

    2. #2
      Former Contributor @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: COMBOFIX REPORT AND problem with advertising, annoying ads, spyware and Java

      Hello almendraquijano

      to the Forum.

      Tips before posting a new message

      InfoSpyware Forum Policies

      Policies of the Official HijackThis Forum in Spanish
      --------------------------------------------------


      Paste the reports in your next reply.



      Regards.

      * Follow us on our Twitter and become our friend on Facebook.
      * Stay informed about the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #3
      User almendraquijano
      Registered
      Mar 2013
      Location
      Mexico
      Posts
      2

      Re: COMBOFIX REPORT AND problem with advertising, annoying ads, spyware and Java

      HELLO, GOOD MORNING. I AM SENDING YOU THE REPORT THAT COMBOFIX GENERATED. I AWAIT YOUR REPLY, AND THANK YOU VERY MUCH!!!!



      ComboFix 13-03-21.01 - estrella 21/03/2013 16:25:27.1.2 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.1033.18.3003.1743 [GMT -6:00]
      Running from: c:\users\estrella\Downloads\ComboFix.exe
      AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
      FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
      SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      C:\install.exe
      c:\program files (x86)\BrowserCompanion
      c:\program files (x86)\BrowserCompanion\BCHelper.exe
      c:\program files (x86)\BrowserCompanion\blabbers-ch.crx
      c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi
      c:\program files (x86)\BrowserCompanion\jsloader.dll
      c:\program files (x86)\BrowserCompanion\logo.ico
      c:\program files (x86)\BrowserCompanion\sqlite3.dll
      c:\program files (x86)\BrowserCompanion\tdataprotocol.dll
      c:\program files (x86)\BrowserCompanion\toolbar.dll
      c:\program files (x86)\BrowserCompanion\uninstall.exe
      c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll
      c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_1
      c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_2
      c:\program files (x86)\BrowserCompanion\updater.ini
      c:\program files (x86)\BrowserCompanion\widgetserv.exe
      c:\program files (x86)\facemoods.com
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.8\facemoods.crx
      c:\program files (x86)\facemoods.com\facemoods\1.4.17.8\facemoods.png
      c:\program files (x86)\HappyLyrics\hpPYlrc.dll
      c:\users\estrella\AppData\Roaming\Microsoft\Windows\Recent\photo.php.url
      c:\users\estrella\Documents\~WRL2060.tmp
      c:\users\estrella\Documents\~WRL2142.tmp
      c:\windows\SysWow64\tempdir
      c:\windows\SysWow64\tempdir\tinypdf.chm
      c:\windows\SysWow64\tempdir\tinypdf.dll
      c:\windows\SysWow64\tempdir\tinypdf1.dll
      c:\windows\SysWow64\tempdir\tinypdf2.dll
      .
      .
      ((((((((((((((((((((((((( Files Created from 2013-02-21 to 2013-03-21 )))))))))))))))))))))))))))))))
      .
      .
      2013-03-21 22:38 . 2013-03-21 22:38 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-03-21 21:33 . 2013-03-21 21:33 -------- d-s---w- c:\windows\SysWow64\Microsoft
      2013-03-20 06:36 . 2013-03-20 06:36 -------- d-----w- c:\users\estrella\AppData\Roaming\LavasoftStatistics
      2013-03-20 06:36 . 2013-03-20 06:36 -------- d-----w- c:\programdata\Ad-Aware Antivirus
      2013-03-20 06:30 . 2013-03-20 06:30 -------- d-----w- c:\programdata\Lavasoft
      2013-03-20 06:30 . 2013-03-20 06:36 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
      2013-03-20 06:28 . 2013-03-20 06:28 -------- d-----w- c:\programdata\Downloaded Installations
      2013-03-20 06:28 . 2013-03-20 06:28 -------- d-----w- c:\programdata\Search Protection
      2013-03-20 06:28 . 2013-03-20 06:28 -------- d-----w- c:\users\estrella\AppData\Local\adawarebp
      2013-03-20 06:28 . 2013-03-20 06:28 -------- d-----w- c:\programdata\blekko toolbars
      2013-03-20 06:28 . 2013-03-20 06:28 -------- d-----w- c:\programdata\adawaretb
      2013-03-20 06:28 . 2013-03-20 06:28 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
      2013-03-20 06:28 . 2013-03-20 06:28 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
      2013-03-20 06:27 . 2013-03-20 06:28 -------- d-----w- c:\program files (x86)\adawaretb
      2013-03-20 06:23 . 2013-03-20 06:23 47496 ----a-w- c:\windows\system32\sbbd.exe
      2013-03-20 06:23 . 2013-03-20 06:23 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys
      2013-03-20 06:23 . 2013-03-20 06:40 -------- d-----w- c:\users\estrella\AppData\Roaming\Ad-Aware Antivirus
      2013-03-19 19:54 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{27D37423-FB56-40CD-B831-60EDE0DEA85B}\mpengine.dll
      2013-03-18 01:59 . 2013-03-18 01:59 -------- d-----w- c:\program files (x86)\FLV Media Player
      2013-03-18 01:58 . 2013-03-21 22:37 -------- d-----w- c:\program files (x86)\HappyLyrics
      2013-03-13 18:06 . 2013-02-02 07:31 17815040 ----a-w- c:\windows\system32\mshtml.dll
      2013-03-13 18:06 . 2013-02-02 06:58 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2013-03-13 17:24 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
      2013-03-13 15:31 . 2013-03-13 15:31 -------- d-----w- c:\programdata\PopCap Games
      2013-03-13 15:30 . 2013-03-13 15:30 -------- d-----w- c:\program files (x86)\Plantas Contra Zombis
      2013-02-27 05:38 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
      2013-02-27 05:38 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
      2013-02-27 05:38 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
      2013-02-27 05:38 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-03-21 22:39 . 2012-08-26 19:45 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
      2013-03-13 18:11 . 2010-09-09 14:00 72013344 ----a-w- c:\windows\system32\MRT.exe
      2013-03-13 03:09 . 2012-11-15 05:17 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-03-13 03:09 . 2011-07-31 05:28 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-03-06 23:32 . 2011-01-15 06:11 287840 ----a-w- c:\windows\system32\aswBoot.exe
      2013-02-12 05:45 . 2013-03-13 15:28 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
      2013-02-12 05:45 . 2013-03-13 15:28 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
      2013-02-12 05:45 . 2013-03-13 15:28 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
      2013-02-12 05:45 . 2013-03-13 15:28 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
      2013-02-12 04:48 . 2013-03-13 15:28 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
      2013-02-12 04:48 . 2013-03-13 15:28 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
      2013-01-17 07:28 . 2010-09-27 03:23 273840 ------w- c:\windows\system32\MpSigStub.exe
      2013-01-05 05:53 . 2013-02-14 20:19 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-01-05 05:00 . 2013-02-14 20:19 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
      2013-01-05 05:00 . 2013-02-14 20:19 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
      2013-01-04 05:46 . 2013-02-14 20:18 215040 ----a-w- c:\windows\system32\winsrv.dll
      2013-01-04 04:51 . 2013-02-14 20:18 5120 ----a-w- c:\windows\SysWow64\wow32.dll
      2013-01-04 04:43 . 2013-02-14 20:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2013-01-04 03:26 . 2013-02-14 20:18 3153408 ----a-w- c:\windows\system32\win32k.sys
      2013-01-04 02:47 . 2013-02-14 20:18 25600 ----a-w- c:\windows\SysWow64\setup16.exe
      2013-01-04 02:47 . 2013-02-14 20:18 7680 ----a-w- c:\windows\SysWow64\instnm.exe
      2013-01-04 02:47 . 2013-02-14 20:18 2048 ----a-w- c:\windows\SysWow64\user.exe
      2013-01-04 02:47 . 2013-02-14 20:18 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
      2013-01-03 06:00 . 2013-02-14 20:17 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2013-01-03 06:00 . 2013-02-14 20:17 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-12-23 19:39 . 2012-12-23 19:39 95184 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-12-23 19:39 . 2012-08-23 21:14 859072 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-12-23 19:39 . 2010-09-09 14:04 779704 ----a-w- c:\windows\SysWow64\deployJava1.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
      2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
      2013-02-11 10:47 87464 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
      2012-12-11 01:32 1520840 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-11 1520840]
      "{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2013-02-11 87464]
      .
      [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
      [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
      .
      [HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\estrella\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\estrella\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\estrella\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
      "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-10-13 307768]
      "Facebook Update"="c:\users\estrella\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-14 138096]
      "Spotify Web Helper"="c:\users\estrella\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-12 932528]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
      "Browser Infrastructure Helper"="c:\users\estrella\AppData\Local\Smartbar\Application\Smartbar.exe" [2013-02-27 20272]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
      "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
      "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
      "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
      "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
      "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
      "PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792]
      "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
      "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-08-30 979328]
      "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-12-11 1573576]
      "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-01-31 542632]
      "SearchProtection"="c:\programdata\Search Protection\_run.bat" [2013-03-20 168]
      .
      c:\users\estrella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dropbox.lnk - c:\users\estrella\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
      Recorte de pantalla e Inicio rápido de OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
      @="Ad-Aware Service"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
      @="Service"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
      @="Service"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
      @="Driver"
      .
      S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
      S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-02-21 1236336]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2009-08-20 21:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-03-21 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-15 03:09]
      .
      2013-03-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4239277028-1077529035-1086971393-1000Core.job
      - c:\users\estrella\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-22 18:15]
      .
      2013-03-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4239277028-1077529035-1086971393-1000UA.job
      - c:\users\estrella\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-22 18:15]
      .
      2013-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 14:57]
      .
      2013-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 14:57]
      .
      2013-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4239277028-1077529035-1086971393-1000Core.job
      - c:\users\estrella\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 16:52]
      .
      2013-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4239277028-1077529035-1086971393-1000UA.job
      - c:\users\estrella\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 16:52]
      .
      2013-03-21 c:\windows\Tasks\Happy Lyrics Update.job
      - c:\program files (x86)\HappyLyrics\HLUpdater.exe [2013-02-27 22:28]
      .
      2013-03-14 c:\windows\Tasks\HPCeeScheduleForestrella.job
      - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 04:15]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\estrella\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\estrella\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\estrella\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\estrella\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-07-14 495104]
      "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-01 171520]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 162328]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 386584]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 417304]
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
      FontCache
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=308CB2FEFF6060E17DB5D0514956DD52
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      uSearchAssistant = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=MX&userid=06c55f1f-ee25-4fe7-b2d2-143776d5f10b&sp=addr&q={searchTerms}&t=b0304
      IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 200.79.231.5 200.79.231.6 200.79.231.6
      Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
      Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
      Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
      FF - ProfilePath - c:\users\estrella\AppData\Roaming\Mozilla\Firefox\Profiles\7zk5t2up.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
      FF - prefs.js: browser.search.selectedEngine - SecureSearch
      FF - prefs.js: browser.startup.homepage - hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=308CB2FEFF6060E17DB5D0514956DD52
      FF - prefs.js: keyword.URL - hxxp://lavasoft.blekko.com/ws/?source=f439e2c0&tbp=url&toolbarid=adawaretb&u=308CB2FEFF6060E17DB5D0514956DD52&q=
      FF - prefs.js: network.proxy.type - 0
      FF - ExtSQL: 2013-03-07 08:29; {06c55f1f-ee25-4fe7-b2d2-143776d5f10b}; c:\users\estrella\AppData\Roaming\Mozilla\Firefox\Profiles\7zk5t2up.default\extensions\{06c55f1f-ee25-4fe7-b2d2-143776d5f10b}
      FF - ExtSQL: 2013-03-17 19:58; [email protected]; c:\program files (x86)\HappyLyrics\FF
      FF - ExtSQL: 2013-03-20 00:27; {87934c42-161d-45bc-8cef-ef18abe2a30c}; c:\users\estrella\AppData\Roaming\Mozilla\Firefox\Profiles\7zk5t2up.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
      FF - ExtSQL: 2013-03-20 00:28; [email protected]; c:\users\estrella\AppData\Roaming\Mozilla\Firefox\Profiles\7zk5t2up.default\extensions\[email protected]
      FF - user.js: extensions.autoDisableScopes - 0
      FF - user.js: extensions.shownSelectionUI - true
      .
      - - - - ORPHANS REMOVED - - - -
      .
      BHO-{00cbb66b-1d3b-46d3-9577-323a336acb50} - c:\program files (x86)\BrowserCompanion\jsloader.dll
      BHO-{59C0C5BD-2579-433A-BBB8-AFFD59642BAF} - c:\program files (x86)\HappyLyrics\hppylrc.dll
      Toolbar-10 - (no file)
      Toolbar-!{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
      Wow6432Node-HKCU-Run-HPADVISOR - c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      Wow6432Node-HKCU-Run-ISUSPM - c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
      Wow6432Node-HKLM-Run-Browser companion helper - c:\program files (x86)\BrowserCompanion\BCHelper.exe
      Wow6432Node-HKLM-Run-<NO NAME> - (no file)
      Toolbar-10 - (no file)
      Toolbar-!{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
      WebBrowser-{EE0D8B11-0028-4D51-AD4D-381EFC1D6D1F} - (no file)
      HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
      AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
      AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
      "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2013-03-21 16:50:01
      ComboFix-quarantined-files.txt 2013-03-21 22:50
      .
      Pre-Run: 177,938,350,080 bytes free
      Post-Run: 179,308,826,624 bytes free
      .
      - - End Of File - - 58D4296277C02D659BDF57FE803906CB

    4. #4
      Former Contributor @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: COMBOFIX REPORT AND problem with advertising, annoying ads, spyware and Java

      Hello almendraquijano:


      Do the following:

      Uninstall with Revo Uninstaller, selecting its Advanced Mode when prompted:

      Lavasoft Ad-Aware

      Revo Uninstaller manual


      Then do the following:

      Step 1.- Download, install and/or update, but do not run yet:




      Step 2.- Run in Normal Mode:

      CCleaner:

      • First use its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
      • Then use its "Registry" option to clean the whole Windows registry (making a backup).
      • That report is not needed.



      AdwCleaner:

      • Temporarily disable the antivirus >> How to temporarily disable your antivirus.
      • Close all the programs you have open.
      • Run AdwCleaner. (If you use Windows Vista or 7, right-click and select "Run as Administrator.")
      • In the program window, click the Supresión (Delete) button.
      • Follow the instructions; if it asks you to restart the system >>> click OK.
      • After restarting, Notepad will open with the report, which you must paste in your next reply.
      • The report is located at C:\AdwCleaner[S1].txt



      Malwarebytes' Anti-Malware:

      • Perform a Full Scan.
      • Check the "Remove Selected" option.
      • After restarting, you will find its report in the Logs tab.




      Step 3.- After restarting, download >> SecurityCheck.exe to the desktop.

      • Double-click the tool. (If you use Windows Vista or 7, right-click and select "Run as Administrator.")
      • Press any key and wait for the computer to be analyzed.
      • When the process finishes, a report will open.


      In your next post, paste the reports and tell us how the computer is doing.




      Regards.
