
    I can delete it now!!!


    1. #1
      User: jorgeslash
      Registered: Nov 2017
      Location: Peru
      Posts: 1

      I can delete it now!!!

      ComboFix 17-11-14.01 - USER 21/11/2017 21:57:12.1.2 - x64
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.51.3082.18.3273.1918 [GMT -5:00]
      Running from: c:\users\USER\Desktop\combofix-17-5-4-1.exe
      AV: ESET NOD32 Antivirus *Disabled/Outdated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
      SP: ESET NOD32 Antivirus *Disabled/Outdated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\system\bdt52exf.dll
      c:\windows\system\bivbx31.32n
      c:\windows\winhelp.ini
      .
      .
      ((((((((((((((((((((((((( Files Created from 2017-10-22 to 2017-11-22 )))))))))))))))))))))))))))))))
      .
      .
      2017-11-22 03:03 . 2017-11-22 03:03 -------- d-----w- c:\users\Default\AppData\Local\temp
      2017-11-22 02:58 . 2017-11-22 02:58 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0EDEA4A-2B57-4468-B6E7-CA5DDBB6A1A0}\offreg.1724.dll
      2017-11-22 02:46 . 2017-11-22 02:46 -------- d-----w- c:\users\USER\AppData\Local\Diagnostics
      2017-11-22 02:44 . 2017-11-22 02:44 -------- d-----w- c:\program files (x86)\Common Files\Java
      2017-11-22 02:43 . 2017-11-22 02:43 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2017-11-22 02:43 . 2017-10-03 04:21 111016 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
      2017-11-22 02:42 . 2017-11-22 02:42 -------- d-----w- c:\programdata\Oracle
      2017-11-22 01:02 . 2017-11-15 13:59 53008 ----a-w- c:\windows\system32\TURegOpt.exe
      2017-11-22 01:02 . 2017-11-15 13:56 44304 ----a-w- c:\windows\system32\authuitu.dll
      2017-11-22 01:02 . 2017-11-15 13:56 42256 ----a-w- c:\windows\SysWow64\authuitu.dll
      2017-11-22 00:51 . 2017-11-22 01:01 -------- d-----w- c:\program files (x86)\AVG
      2017-11-22 00:50 . 2017-11-22 01:01 -------- d-----w- c:\users\USER\AppData\Local\Avg
      2017-11-22 00:50 . 2017-11-22 01:01 -------- d-----w- c:\programdata\Avg
      2017-11-22 00:50 . 2017-11-22 00:50 -------- d--h--w- c:\programdata\Common Files
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2017-11-22 02:35 . 2016-01-19 19:59 65536 ----a-w- c:\windows\system32\spu_storage.bin
      2017-10-13 21:21 . 2017-10-13 21:21 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0EDEA4A-2B57-4468-B6E7-CA5DDBB6A1A0}\offreg.4872.dll
      2017-10-03 04:21 . 2017-10-03 04:21 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
      2017-10-03 04:21 . 2017-10-03 04:21 313256 ----a-w- c:\windows\system32\javaws.exe
      2017-10-03 04:21 . 2017-10-03 04:21 191400 ----a-w- c:\windows\system32\javaw.exe
      2017-10-03 04:21 . 2017-10-03 04:21 190888 ----a-w- c:\windows\system32\java.exe
      2017-09-26 08:41 . 2017-09-26 08:41 13482976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0EDEA4A-2B57-4468-B6E7-CA5DDBB6A1A0}\mpengine.dll
      .
      .
      ------- Sigcheck -------
      Note: Unsigned files aren't necessarily malware.
      .
      [7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
      [-] 2010-11-21 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
      .
      [-] 2016-01-19 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
      [7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-09-06 587288]
      .
      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2014-02-08 1193352]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux1"=wdmaud.drv
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
      R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
      R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
      R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
      R4 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x]
      R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
      S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
      S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
      S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
      S1 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
      S2 avgsvc;AVG Service;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe [x]
      S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
      S2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
      S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
      S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
      S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
      S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2017-11-16 01:06 1509208 ----a-w- c:\program files (x86)\Google\Chrome\Application\62.0.3202.94\Installer\chrmstp.exe
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
      2017-08-24 12:10 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2017-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 18:58]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AvgUi"="c:\program files (x86)\AVG\Framework\Common\avguirna.exe" [2017-10-31 239592]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: &Enviar a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
      Trusted Zone: eset.com\help
      TCP: DhcpNameServer = 192.168.0.1
      .
      - - - - ORPHANS REMOVED - - - -
      .
      ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
      @Denied: (A) (Everyone)
      "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
      @Denied: (A) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
      "Key"="ActionsPane3"
      "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2017-11-21 22:05:00
      ComboFix-quarantined-files.txt 2017-11-22 03:05
      .
      Pre-Run: 190,237,593,600 bytes libres
      Post-Run: 190,265,417,728 bytes libres
      .
      - - End Of File - - E7547E996D9E95D193AD5C98CDC2BB23
      A36C5E4F47E84449FF07ED3517B43A31

    2. #2
      Moderator: @Maxfernandez
      Registered: Dec 2007
      Location: Venezuela
      Posts: 16,191

      Re: I can delete it now!!!

      Hello jorgeslash, welcome to Forospyware.

      What do you want to remove?

      By the way, you should use the ESET NOD32 uninstaller to remove the leftovers of that program.

      Regards.