MASSIVE ATTACKS ON MY COMPUTER.

Closed
msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by msc hotline sat » 03 Sep 2015, 07:57

Well, try what they show in this video (after the ad, of course!):

http://www.youtube.com/watch?v=Y9jDX7pcwPY

I hope it helps.

Regards

ms, 3-9-2015

flacoroo
Posts: 6289
Joined: 09 Mar 2004, 20:32
Location: Paso del Macho, Ver., México

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by flacoroo » 03 Sep 2015, 16:35

Download the new version of [url=https://toolslib.net/downloads/viewdownload/1-adwcleaner/]adwcleaner[/url] and run it after booting your computer in safe mode.

Also download this program, [url=https://www.sophos.com/en-us/products/free-tools/virus-removal-tool.aspx]Sophos virus removal tools[/url]; install it and run it in safe mode. It takes a while to scan but it is very effective.

Regards
:lol: :lol: Life is beautiful... why complicate it for ourselves :lol: :lol:

Renata
Posts: 183
Joined: 02 Jun 2008, 02:10

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by Renata » 03 Sep 2015, 20:52

Good afternoon, grateful for your support and feeling freed from so many bugs.

The first thing I did was run the cleaner; it detected 8 viruses, damaged files and many bad things on the PC. Then I downloaded the BULA-Sophos antivirus, left it scanning while I went out for lunch, and now that I am back I find the PC smooth as silk, soft, sleek and lively. I was able to uninstall BoBrowser from Programs and, from what I can see, the problems are over.

Now my question is: can I keep Sophos as my only antivirus, or do I turn on the one I have always had?

I will send the SAMPLE that I found in the file.

Thanks a thousand times over, God bless you; you are the allies we need anywhere in the world.

With all my affection and gratitude, a hug for the whole SATINFO and zona virus family. You are much loved from the other side of the world. :D :roll: :D

Renata-



2015-09-03 16:57:07.047 Sophos Virus Removal Tool version 2.5.4

2015-09-03 16:57:07.047 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.



2015-09-03 16:57:07.047 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.



2015-09-03 16:57:07.047 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64

2015-09-03 16:57:07.047 Checking for updates...

2015-09-03 16:57:10.542 Update progress: proxy server not available

2015-09-03 16:57:38.546 Option all = no

2015-09-03 16:57:38.546 Option recurse = yes

2015-09-03 16:57:38.546 Option archive = no

2015-09-03 16:57:38.546 Option service = yes

2015-09-03 16:57:38.546 Option confirm = yes

2015-09-03 16:57:38.546 Option sxl = yes

2015-09-03 16:57:38.546 Option max-data-age = 35

2015-09-03 16:57:38.546 Option EnableSafeClean = yes

2015-09-03 16:57:40.590 Option vdl-logging = yes

2015-09-03 16:57:40.605 Customer ID: 094260ca9b3af99f9d4a3909fc47a743

2015-09-03 16:57:40.605 Machine ID: 8c1a3f8d20d2494f8086cb4dadaeb316

2015-09-03 16:57:40.605 Component SVRTcli.exe version 2.5.4

2015-09-03 16:57:40.605 Component control.dll version 2.5.4

2015-09-03 16:57:40.605 Component SVRTservice.exe version 2.5.4

2015-09-03 16:57:40.621 Component engine\osdp.dll version 1.44.1.2210

2015-09-03 16:57:40.621 Component engine\veex.dll version 3.61.0.2210

2015-09-03 16:57:40.621 Component engine\savi.dll version 8.1.8.2210

2015-09-03 16:57:40.621 Component rkdisk.dll version 1.5.30.0

2015-09-03 16:57:40.621 Version info: Product version 2.5.4

2015-09-03 16:57:40.621 Version info: Detection engine 3.61.0

2015-09-03 16:57:40.621 Version info: Detection data 5.18

2015-09-03 16:57:40.621 Version info: Build date 18/08/2015

2015-09-03 16:57:40.621 Version info: Data files added 292

2015-09-03 16:57:40.621 Version info: Last successful update (not yet updated)

2015-09-03 16:58:28.435 Downloading updates...

2015-09-03 16:58:28.454 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0

2015-09-03 16:58:28.454 Update progress: [I49502] Found supplement SAVIW32 LATEST

2015-09-03 16:58:28.454 Update progress: [I49502] Found supplement IDE519 LATEST

2015-09-03 16:58:28.454 Update progress: [I49502] Found supplement IDE520 LATEST

2015-09-03 16:58:28.454 Update progress: [I49502] Found supplement IDE521 LATEST

2015-09-03 16:58:28.454 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1

2015-09-03 16:58:28.454 Update progress: [I19463] Syncing product SAVIW32 59

2015-09-03 16:58:34.509 Update progress: [I19463] Syncing product IDE519 196

2015-09-03 16:58:36.178 Installing updates...

2015-09-03 16:58:37.613 Error level 1

2015-09-03 16:58:37.880 Update progress: [I19463] Syncing product IDE520 98

2015-09-03 16:58:37.880 Update progress: [I19463] Syncing product IDE521 1

2015-09-03 16:59:08.529 Update successful

2015-09-03 16:59:34.509 Option all = no

2015-09-03 16:59:34.509 Option recurse = yes

2015-09-03 16:59:34.509 Option archive = no

2015-09-03 16:59:34.509 Option service = yes

2015-09-03 16:59:34.509 Option confirm = yes

2015-09-03 16:59:34.509 Option sxl = yes

2015-09-03 16:59:34.509 Option max-data-age = 35

2015-09-03 16:59:34.509 Option EnableSafeClean = yes

2015-09-03 16:59:34.619 Option vdl-logging = yes

2015-09-03 16:59:34.619 Customer ID: 094260ca9b3af99f9d4a3909fc47a743

2015-09-03 16:59:34.619 Machine ID: 8c1a3f8d20d2494f8086cb4dadaeb316

2015-09-03 16:59:34.635 Component SVRTcli.exe version 2.5.4

2015-09-03 16:59:34.635 Component control.dll version 2.5.4

2015-09-03 16:59:34.635 Component SVRTservice.exe version 2.5.4

2015-09-03 16:59:34.635 Component engine\osdp.dll version 1.44.1.2210

2015-09-03 16:59:34.635 Component engine\veex.dll version 3.61.0.2210

2015-09-03 16:59:34.635 Component engine\savi.dll version 8.1.8.2210

2015-09-03 16:59:34.635 Component rkdisk.dll version 1.5.30.0

2015-09-03 16:59:34.635 Version info: Product version 2.5.4

2015-09-03 16:59:34.635 Version info: Detection engine 3.61.0

2015-09-03 16:59:34.635 Version info: Detection data 5.18G

2015-09-03 16:59:34.635 Version info: Build date 18/08/2015

2015-09-03 16:59:34.635 Version info: Data files added 292

2015-09-03 16:59:34.635 Version info: Last successful update 03/09/2015 11:59:08 a.m.



2015-09-03 17:09:30.259 Could not open C:\hiberfil.sys

2015-09-03 17:09:32.552 Could not open C:\pagefile.sys

2015-09-03 17:20:49.174 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.174 Could not open C:\System Volume Information\{4b770cf6-4115-11e5-aee9-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.174 Could not open C:\System Volume Information\{4b770cfb-4115-11e5-aee9-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.174 Could not open C:\System Volume Information\{5fdb67c9-4b52-11e5-84dc-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{5fdb67ed-4b52-11e5-84dc-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{61d300a9-4055-11e5-b720-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{61d300ad-4055-11e5-b720-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{61d300b1-4055-11e5-b720-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{61d300b5-4055-11e5-b720-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{6577b558-4102-11e5-8520-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{7c38d3f7-5259-11e5-9300-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{9785b60c-4100-11e5-895f-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{e974c966-4b50-11e5-9974-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}

2015-09-03 17:21:03.636 >>> Virus 'Troj/Inject-BFS' found in file C:\Users\AlvaroNiño\AppData\Local\2050601dsisetup20545952.exe

2015-09-03 17:21:03.636 >>> Virus 'Troj/Inject-BFS' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin

2015-09-03 17:21:03.636 >>> Virus 'Troj/Inject-BFS' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin

2015-09-03 17:22:29.010 Could not open C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Current Session

2015-09-03 17:22:29.010 Could not open C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Current Tabs

2015-09-03 17:22:29.057 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)

2015-09-03 17:22:32.832 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\GCM Store\LOCK (virus scan failed)

2015-09-03 17:22:33.222 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\LOCK (virus scan failed)

2015-09-03 17:22:35.017 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOCK (virus scan failed)

2015-09-03 17:22:35.049 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)

2015-09-03 17:26:39.926 Could not check C:\Users\AlvaroNiño\Pictures\FOTOS Yuyo\Pausas power point\Pausa Agosto 2004.ppt (corrupt)

2015-09-03 17:37:08.902 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb

2015-09-03 17:37:08.902 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb

2015-09-03 17:37:16.911 Could not open C:\Windows\System32\config\RegBack\DEFAULT

2015-09-03 17:37:16.911 Could not open C:\Windows\System32\config\RegBack\SAM

2015-09-03 17:37:16.911 Could not open C:\Windows\System32\config\RegBack\SECURITY

2015-09-03 17:37:16.926 Could not open C:\Windows\System32\config\RegBack\SOFTWARE

2015-09-03 17:37:16.926 Could not open C:\Windows\System32\config\RegBack\SYSTEM

2015-09-03 18:05:58.346 The following items will be cleaned up:

2015-09-03 18:05:58.346 Troj/Inject-BFS

2015-09-03 18:18:47.381 Threat 'Troj/Inject-BFS' has been cleaned up.

2015-09-03 18:18:47.397 File "C:\Users\AlvaroNiño\AppData\Local\2050601dsisetup20545952.exe" belongs to 'Troj/Inject-BFS'.

2015-09-03 18:18:47.397 File "C:\Users\AlvaroNiño\AppData\Local\2050601dsisetup20545952.exe" has been cleaned up.

2015-09-03 18:18:47.397 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" belongs to 'Troj/Inject-BFS'.

2015-09-03 18:18:47.397 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" has been cleaned up.

2015-09-03 18:18:47.397 Removal successful

2015-09-03 18:18:47.459 Contents of SafeClean bin directory:

2015-09-03 18:18:47.459 {

2015-09-03 18:18:47.459 RecordID : "0000000000000001",

2015-09-03 18:18:47.459 ItemType : "1",

2015-09-03 18:18:47.459 Location : "C:\Users\AlvaroNiño\AppData\Local\",

2015-09-03 18:18:47.459 FileName : "2050601dsisetup20545952.exe",

2015-09-03 18:18:47.459 ThreatName : "Troj/Inject-BFS",

2015-09-03 18:18:47.459 Checksum : "a32d53c5558c207584b977ebc89e768e9345fad3eb87d0d2ea34faee02d87fd1",

2015-09-03 18:18:47.459 TimeStamp : "Thu Sep 03 13:18:34 2015"

2015-09-03 18:18:47.459 }

2015-09-03 18:18:48.582 Error level 0

Renata
Posts: 183
Joined: 02 Jun 2008, 02:10

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by Renata » 03 Sep 2015, 22:03


My happiness was short-lived... It came back with its whole troop! It brought with it Any cleaner, cinema plus, and a bunch of other things, but the BoBrowser program does not show up in Control Panel/Default Programs; it only appears on the desktop and in the bar at the bottom... it appeared with the name MyBrowser.

Honestly, I turned pale at its new attack; of course, my antivirus is going crazy detecting viruses, trojans, dangerous pages, etc.

I await your advice.

Many thanks.

Renata,

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by msc hotline sat » 03 Sep 2015, 22:27

Try to follow the steps shown in the video I suggested, since apparently what happened to you is typical of this malware, which is why they suggest a manual removal process.

Since it is in Spanish, I hope you won't have any problems, even though it is not an automatic process.

Let us know how it goes, thanks.

Regards, 3-9-2015

flacoroo
Posts: 6289
Joined: 09 Mar 2004, 20:32
Location: Paso del Macho, Ver., México

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by flacoroo » 04 Sep 2015, 15:08

Besides the suggestion MSC gave you, do the following; let's now see what bug is doing that:

Download this program, run it, and paste for us the resulting log that is created in C:

[url=http://www.zonavirus.com/descargas/sproces.asp]Sproces[/url]

Regards
:lol: :lol: Life is beautiful... why complicate it for ourselves :lol: :lol:

Renata
Posts: 183
Joined: 02 Jun 2008, 02:10

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by Renata » 04 Sep 2015, 17:45

[quote="flacoroo"]Besides the suggestion MSC gave you, do the following; let's now see what bug is doing that:

Download this program, run it, and paste for us the resulting log that is created in C:

[url=http://www.zonavirus.com/descargas/sproces.asp]Sproces[/url]

Regards[/quote]

Good day again. I managed to uninstall that MyBrowser and reinstall Chrome, but the attacks continue. Whenever I change anything on the pages I am browsing, it kicks me out and opens others advertising anything you can imagine.

My antivirus had been deactivated, and the desktop icons disappear and reappear like in a children's game. Now an ad pops up down here that tells me: Recommended: IT IS RECOMMENDED THAT YOU UPDATE YOUR VIDEO PLAYER TO THE FASTEST VERSION AVAILABLE. And it invites me to download. Which I have not done, in case the bugs attack even more.

This battle is a tough one; I know you will support me in achieving victory.

Here is the SPROCES INFO.

Thanks a thousand times over.



(4-9-2015 15:34:25 GMT)

SProces v8.6 (c)2015 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Ultimate (v6.1) (64 bits)

Internet Explorer: (v9.11.9600.17801) 0

Equipo: CONSULTORIOWIN7

Usuario: AlvaroNiño

Sesión de Usuario: AlvaroNiño



78 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTSVC.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\WINDOWS\SYSTEM32\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AFWSERV.EXE

C:\PROGRAM FILES (X86)\CINEMAPLUS-3.2CV03.09\1C5B1B42-BF41-45A8-86F7-D25C2DF3B322-1-6.EXE

C:\PROGRAM FILES (X86)\CINEMAPLUS-3.2CV03.09\1C5B1B42-BF41-45A8-86F7-D25C2DF3B322-6.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ARM\1.0\ARMSVC.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ADOBE DESKTOP COMMON\ELEVATIONMANAGER\ADOBEUPDATESERVICE.EXE

C:\WINDOWS\SYSTEM32\AERTSR64.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\67E0F8C0-1439573389-11E1-AF26-4C72B99D1B2C\KNSD2ECE.TMP

C:\PROGRAM FILES (X86)\HP\HPBDSSERVICE\HPBDSSERVICE.EXE

C:\PROGRAM FILES (X86)\HP\HPLASERJETSERVICE\HPLASERJETSERVICE.EXE

C:\WINDOWS\SYSTEM32\REIGUARD.EXE

C:\WINDOWS\SYSTEM32\REISYSTEM.EXE

C:\PROGRAM FILES (X86)\SFK\SSFK.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\67E0F8C0-1440688043-11E1-AF26-4C72B99D1B2C\KNSK2C9.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\WINDOWS\SYSTEM32\OSPPSVC.EXE

C:\WINDOWS\SYSTEM32\SFKEX64.EXE

C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE

C:\WINDOWS\SYSTEM32\RTKNGUI64.EXE

C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\AMDUSB3DEVICEDETECTOR\NUSB3MON.EXE

C:\PROGRAM FILES (X86)\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE

C:\PROGRAM FILES (X86)\HP\STATUSALERTS\BIN\HPSTATUSALERTS.EXE

C:\PROGRAM FILES (X86)\ADOBE\ADOBE CREATIVE CLOUD\ACC\CREATIVE CLOUD.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\OOBE\PDAPP\IPC\ADOBEIPCBROKER.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ADOBE DESKTOP COMMON\ADS\ADOBE DESKTOP SERVICE.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ADOBE DESKTOP COMMON\HEX\ADOBE CEF HELPER.EXE

C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE

C:\PROGRAM FILES (X86)\ADOBE\ADOBE CREATIVE CLOUD\CORESYNC\CORESYNC.EXE

C:\WINDOWS\SYSTEM32\UNSECAPP.EXE

C:\PROGRAM FILES (X86)\ADOBE\ADOBE CREATIVE CLOUD\CCLIBRARY\CCLIBRARY.EXE

C:\PROGRAM FILES (X86)\ADOBE\ADOBE CREATIVE CLOUD\CCLIBRARY\LIBS\NODE.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\RICONMAN.EXE

C:\WINDOWS\SYSTEM32\WMPNETWK.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\WINDOWS\SYSTEM32\POWERPNT.EXE

C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE

C:\WINDOWS\SYSWOW64\DLLHOST.EXE

C:\USERS\ALVARO~1\APPDATA\LOCAL\TEMP\6539.EXE

C:\WINDOWS\SYSTEM32\UTILS.EXE

C:\WINDOWS\SYSWOW64\CMD.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\ALVARONIñO\DOWNLOADS\SPROCES\SPROCES.EXE

C:\WINDOWS\SYSTEM32\PING.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

F2 - REG:system.ini: UserInit=userinit.exe (HKLM x86)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO (x86): Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO (x86): Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll

O2 - BHO (x86): avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO (x86): URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO (x86): Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKCU\..\Run: [CrashService] "C:\Users\AlvaroNiño\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window

O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Wow6432Node\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Wow6432Node\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on

O4 - HKLM\..\Wow6432Node\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

O4 - HKLM\..\Wow6432Node\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Wow6432Node\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')

O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: SafeKey Fill Forms - file://C:\Users\AlvaroNiño\AppData\LocalLow\SafeKey\context.html?cmd=fillforms

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (HKLM)

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (HKLM)

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (HKLM x86)

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (HKLM x86)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics (x86)

O16 - DPF (x86): {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://www.ma-config.com/plugins/MaConfig_6_5_1_1.cab

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

O21 - SSODL (x86): WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O22 - ShellExecuteHooks (x86): Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL



Información Adicional:

----------------------

Acceso Rapido ('AlvaroNiño'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1441379420&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=cmi&uid=HitachiXHDS721010CLA630_JP2940N03PS0VV3PS0VVX

Acceso Rapido ('AlvaroNiño'): Launch Internet Explorer Browser.lnk = C:\Program Files (x86)\Internet Explorer\iexplore.exe

Acceso Rapido ('AlvaroNiño'): Shows Desktop.lnk =

Acceso Rapido ('AlvaroNiño'): Window Switcher.lnk =

Ext.Google Chrome. ('AlvaroNiño') Id: gomekmidlodglbbmalcneegieacbdmki

Ext.Google Chrome. ('AlvaroNiño') Id: lccekmodgklaepjeofjdjpbminllajkg

Ext.Google Chrome. ('AlvaroNiño') Id: lmjegmlicamnimmfhcmpkclmigmmcbeh

Ext.Google Chrome. ('AlvaroNiño') Id: nmmhkkegccagdldgiimedpiccmgmieda

Ext.Google Chrome. ('AlvaroNiño') Id: papbadoldddalgcjcicnikcfenodpghp

DataBases Google Chrome. ('AlvaroNiño'): Databases.db

DataBases Google Chrome. ('AlvaroNiño'): Databases.db-journal

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-1.job

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-11.job

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-2.job

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-3.job

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-4.job

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-5.job

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-5_user.job

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-6.job

Tarea Programada: C:\WINDOWS\Tasks\178207b4-5ca3-47d2-ad6f-456f657d5cd6-7.job

Tarea Programada: C:\WINDOWS\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-1-6.job

Tarea Programada: C:\WINDOWS\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-1-7.job

Tarea Programada: C:\WINDOWS\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-10_user.job

Tarea Programada: C:\WINDOWS\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-3.job

Tarea Programada: C:\WINDOWS\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-5.job

Tarea Programada: C:\WINDOWS\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-5_user.job

Tarea Programada: C:\WINDOWS\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-6.job

Tarea Programada: C:\WINDOWS\Tasks\1c5b1b42-bf41-45a8-86f7-d25c2df3b322-7.job

Tarea Programada: C:\WINDOWS\Tasks\3dfede99-9c4d-40eb-9b5c-cab353a417bb.job

Tarea Programada: C:\WINDOWS\Tasks\8043f29d-8472-4a4b-be97-257fb6895b1c-1-6.job

Tarea Programada: C:\WINDOWS\Tasks\8043f29d-8472-4a4b-be97-257fb6895b1c-1-7.job

Tarea Programada: C:\WINDOWS\Tasks\8043f29d-8472-4a4b-be97-257fb6895b1c-10_user.job

Tarea Programada: C:\WINDOWS\Tasks\8043f29d-8472-4a4b-be97-257fb6895b1c-3.job

Tarea Programada: C:\WINDOWS\Tasks\8043f29d-8472-4a4b-be97-257fb6895b1c-5.job

Tarea Programada: C:\WINDOWS\Tasks\8043f29d-8472-4a4b-be97-257fb6895b1c-5_user.job

Tarea Programada: C:\WINDOWS\Tasks\8043f29d-8472-4a4b-be97-257fb6895b1c-7.job

Tarea Programada: C:\WINDOWS\Tasks\9905619b-e434-4c6b-8784-ae6288796c12.job

Tarea Programada: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

Tarea Programada: C:\WINDOWS\Tasks\APSnotifierPP1.job

Tarea Programada: C:\WINDOWS\Tasks\APSnotifierPP2.job

Tarea Programada: C:\WINDOWS\Tasks\APSnotifierPP3.job

Tarea Programada: C:\WINDOWS\Tasks\BIAvWb90YLcLZ.job

Tarea Programada: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job

Tarea Programada: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job

Tarea Programada: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf9083bb762ad0.job

Tarea Programada: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf9083bccd8277.job

Tarea Programada: C:\WINDOWS\Tasks\PennyBee.job

Tarea Programada: C:\WINDOWS\Tasks\PXLRPT.job

Tarea Programada: C:\WINDOWS\Tasks\R7gdh83SjV8NeRVjIzQ9gHUj3.job

Tarea Programada: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job

Tarea Programada: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job

Tarea Programada: C:\WINDOWS\Tasks\YRW.job



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE

O23 - Service: avast! HardwareID (aswHwid) - AVAST Software - C:\WINDOWS\system32\drivers\aswHwid.sys

O23 - Service: aswMonFlt - AVAST Software - C:\WINDOWS\system32\drivers\aswMonFlt.sys

O23 - Service: aswStm - AVAST Software - C:\WINDOWS\system32\drivers\aswStm.sys

O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe

O23 - Service: Desktop Site (fomeduze) - Unknown owner - C:\Program Files (x86)\67E0F8C0-1439573389-11E1-AF26-4C72B99D1B2C\knsd2ECE.tmp

O23 - Service: Google Update Servicio (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe

O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe

O23 - Service: SSFK - TODO: (lø) - C:\Program Files (x86)\SFK\SSFK.exe

O23 - Service: Information Watermark (tizejese) - Unknown owner - C:\Program Files (x86)\67E0F8C0-1440688043-11E1-AF26-4C72B99D1B2C\knsk2C9.tmp



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys

O23 - Service: AMD USB 3.0 Hub Driver (amdhub30) - Advanced Micro Devices, INC. - C:\WINDOWS\SYSTEM32\DRIVERS\amdhub30.sys

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\drivers\amdsbs.sys

O23 - Service: AMD USB 3.0 Host Controller Driver (amdxhc) - Advanced Micro Devices, INC. - C:\WINDOWS\SYSTEM32\DRIVERS\amdxhc.sys

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\drivers\bxvbda.sys

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60a.sys

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\BrFiltLo.sys

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\BrFiltUp.sys

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys

O23 - Service: cpuz134 - Unknown owner - C:\Users\ALVARO~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys (file missing)

O23 - Service: driverhardwarev2x64 - CybelSoft - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\drivers\evbda.sys

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys

O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys

O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHD64.sys

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_fc.sys

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_sas.sys

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_sas2.sys

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_scsi.sys

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\x64\maconfservice.exe

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\MegaSR.sys

O23 - Service: Driver for Monitor (MonitorFunction) - TeamViewer GmbH - C:\WINDOWS\SYSTEM32\DRIVERS\TVMonitor.sys

O23 - Service: Ralink 802.11n Extensible Wireless Driver (netr28x) - Ralink Technology, Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\netr28x.sys

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys

O23 - Service: Smartphone BlackBerry (RimUsb) - Research In Motion Limited - C:\WINDOWS\SYSTEM32\Drivers\RimUsb_AMD64.sys

O23 - Service: Realtek PCIE CardReader Driver (RSPCIESTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\RtsPStor.sys

O23 - Service: Realtek 8167 NT Driver (RTL8167) - Realtek - C:\WINDOWS\SYSTEM32\DRIVERS\Rt64win7.sys

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\drivers\SiSRaid2.sys

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\drivers\stexstor.sys

O23 - Service: AMD USB Filter Driver (usbfilter) - Advanced Micro Devices - C:\WINDOWS\SYSTEM32\DRIVERS\usbfilter.sys

O23 - Service: VGPU - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\rdvgkmd.sys (file missing)

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys



Listado de Servicios (Deshabilitados):

--------------------------------------

O23 - Service: Field Data Storage (fimevebo) - Unknown owner - C:\Program Files (x86)\67E0F8C0-1440517833-11E1-AF26-4C72B99D1B2C\hnsfEE94.tmp

O23 - Service: Star Key Compact (guninoce) - Unknown owner - C:\Program Files (x86)\67E0F8C0-1440517833-11E1-AF26-4C72B99D1B2C\knsu67E1.tmp

O23 - Service: Delete Exit (totyseku) - Unknown owner - C:\Program Files (x86)\67E0F8C0-1440688043-11E1-AF26-4C72B99D1B2C\hnst29A0.tmp



73 Servicios.

16 de Carga Automatica.

54 de Carga Manual.

3 Deshabilitados.



Listado de Programas Instalados:

--------------------------------

Reimage Repair -> C:\Program Files\Reimage\Reimage Repair\uninst.exe

WinRAR 5.21 (64-bit) -> C:\Program Files\WinRAR\uninstall.exe

HP Unified IO -> MsiExec.exe /I{30E20E5D-5E4E-4874-A35A-952DB3582C29}

Ma-Config.com (64 bits) -> MsiExec.exe /X{579A9C5C-80D0-47B3-BE42-CB420AD30CCB}

HP LaserJet Pro MFP M127-M128 Fax Driver -> MsiExec.exe /I{65072E52-F51B-4280-9DA6-EA5F1EE72C3A}

Microsoft Silverlight -> MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}" "3082" "0"

Security Update for Microsoft Excel 2010 (KB2965240) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{29B119D7-3C51-4DE2-B84D-A2E0C68A3EC4}" "3082" "0"

Update for Microsoft Visio 2010 (KB2965292) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{5206C5F8-E115-4D17-AF86-F9D241AD75FE}" "3082" "0"

Security Update for Microsoft PowerPoint 2010 (KB2999420) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{547A8337-0686-489C-BE39-9D7A8E2BA3FD}" "3082" "0"

Update for Microsoft Outlook 2010 (KB3015585) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{5C130D63-6D40-4A80-919D-779CE0777449}" "3082" "0"

Security Update for Microsoft Word 2010 (KB2965237) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{606AC9C9-5315-4138-BCC5-4CBCBBD27ED9}" "3082" "0"

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}" "3082" "0"

Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{899F1A18-D860-4C63-B3C8-095B8E537D3D}" "3082" "0"

Update for Microsoft OneNote 2010 (KB2956205) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{A6A2614F-4E2F-4952-8DBF-57CA5241AEE3}" "3082" "0"

Update for Microsoft Access 2010 (KB2837601) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{D926D412-C5D1-411E-9F85-7CCF049E502B}" "3082" "0"

Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}" "3082" "0"

Update for Microsoft Filter Pack 2.0 (KB2881026) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{E51DB3F4-A162-484C-A673-40E18202B10A}" "3082" "0"

Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0C0A-1000-0000000FF1CE}" "{FC2E9312-BC11-415B-815E-F62BFD27C409}" "3082" "0"

Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0C0A-1000-0000000FF1CE}" "{D1414D5F-02BE-49B1-B951-52A2D6BDF624}" "3082" "0"

Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0C0A-1000-0000000FF1CE}" "{FC2E9312-BC11-415B-815E-F62BFD27C409}" "3082" "0"

Update for Microsoft Outlook 2010 (KB2965295) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0C0A-1000-0000000FF1CE}" "{4CB1054C-E27A-4356-8F4F-5C72B983E885}" "3082" "0"

Security Update for Microsoft Word 2010 (KB2553428) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0C0A-1000-0000000FF1CE}" "{5DCD7B94-DCDE-47A9-9A00-1ABF454DBDA8}" "3082" "0"

Security Update for Microsoft Word 2010 (KB2553428) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0C0A-1000-0000000FF1CE}" "{5DCD7B94-DCDE-47A9-9A00-1ABF454DBDA8}" "3082" "0"

Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0C0A-1000-0000000FF1CE}" "{FC2E9312-BC11-415B-815E-F62BFD27C409}" "3082" "0"

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}" "3082" "0"

Update for Microsoft OneNote 2010 (KB2956205) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A6A2614F-4E2F-4952-8DBF-57CA5241AEE3}" "3082" "0"

Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0C0A-1000-0000000FF1CE}" "{06CE23CF-EC68-4F23-89CB-2A22AC45B63A}" "3082" "0"

AMD Catalyst Install Manager -> msiexec /q/x{B1F48088-2632-92BF-799C-16A5141B74EC} REBOOT=ReallySuppress

HP LaserJet Pro MFP M127-M128 Fax -> MsiExec.exe /I{C5835004-643A-4EB6-A280-706F9F62F985}

AMD USB 3.0 Device Detector -> MsiExec.exe /I{CD2F75E2-076F-0BF5-C887-773D90E84639}

Adobe AIR -> C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe Creative Cloud -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"

Adobe Flash Player 14 ActiveX -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe -maintain activex

aTube Catcher -> C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe

Avast Internet Security -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall

CinemaPlus-3.2cV03.09 -> C:\Program Files (x86)\CinemaPlus-3.2cV03.09\Uninstall.exe /fcp=1 /runexe='C:\Program Files (x86)\CinemaPlus-3.2cV03.09\UninstallBrw.exe' /url='http://notif.localgocloud.com/notf_sys/index.html' /brwtype='uni' /onerrorexe='C:\Program Files (x86)\CinemaPlus-3.2cV03.09\utils.exe' /crregname='CinemaPlus-3.2cV03.09' /appid='72893' /srcid='002974' /bic='b32d40d51cc3fa6251caaa451feb1b63IE' /verifier='9fcac93c0d2cd14626c6acb474de2976' /brwshtoms='15000' /installerversion='1_36_01_22' /statsdomain='http://stats.localgocloud.com/utility.gif?' /errorsdomain='http://errors.localgocloud.com/utility.gif?' /monetizationdomain='http://logs.localgocloud.com/monetization.gif?'

Adobe Download Assistant -> msiexec /qb /x {E68EADA6-63A4-F6D3-FE12-968B879F7AD6}

Google Chrome -> "C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging

mystartsearch uninstall -> C:\Users\AlvaroNiño\AppData\Roaming\mystartsearch\UninstallManager.exe -ptid=cmi

RegClean-Pro -> "C:\Program Files (x86)\RCP\unins000.exe"

Progeinsa -> C:\Windows\ST5UNST.EXE -n "c:\Program Files\Progeinsa\ST5UNST.LOG"

hppM125LaserJetService -> MsiExec.exe /I{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}

HP Product FWUpdater -> MsiExec.exe /I{1A8F20ED-C9CC-43FD-A678-20970BB83A9E}

Java 8 Update 60 -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218060F0}

HPLJUTM127_128 -> MsiExec.exe /I{2C886751-51BD-4A8C-B33A-B4C513AB5B9A}

HP Update -> MsiExec.exe /X{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}

HP LJ M127128 Scan HP Scan -> MsiExec.exe /I{2F518061-89DB-4AF0-9A7A-2BF73B60E6F0}

HPLJUTCore -> MsiExec.exe /I{30DD7187-F392-4D83-8AED-D9A2DC64EF15}

Adobe AIR -> MsiExec.exe /I{31B9D218-FED2-4C6C-B19F-7294FFC130B0}

HP LaserJet Pro MFP M127-M128 -> C:\Program Files (x86)\HP\csiInstaller\3b050369-8d19-413d-9dec-84ff278472eb\Setup.exe /Uninstall

Google Update Helper -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}

HP LaserJet Pro MFP M127-M128 HP Device Toolbox -> MsiExec.exe /I{612631AC-0D84-4116-9D8A-D2D63467B7BF}

hpStatusAlerts -> MsiExec.exe /I{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}

Adobe Photoshop CC 2015 -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{793C2BF7-A4FE-4608-91C9-9282C5801C21}"

Realtek Ethernet Controller Driver -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly

hpStatusAlertsM127-M128 -> MsiExec.exe /I{92374A19-CD4A-498F-92CB-26473EF31FB3}

Adobe Refresh Manager -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824147215}

Adobe Reader XI (11.0.12) - Español -> MsiExec.exe /I{AC76BA86-7AD7-1034-7B44-AB0000000001}

HP Unified IO -> MsiExec.exe /I{B1CB7E99-4685-45CB-867E-2FB58EDA0A39}

Windows Movie Maker 2.6 -> MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}

HPLJProMFPM127M128 -> MsiExec.exe /X{B5409C23-DE0C-4B48-8C8A-50AE38694955}

Sophos Virus Removal Tool -> MsiExec.exe /I{B829E117-D072-41EA-9606-9826A38D34C1}

Realtek PCIE Card Reader -> "C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly

Adobe Download Assistant -> MsiExec.exe /I{E68EADA6-63A4-F6D3-FE12-968B879F7AD6}

Realtek High Definition Audio Driver -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709

HP LaserJet Pro MFP M127-M128 Fax -> MsiExec.exe /I{FAE97B40-E8E2-4B52-9A9E-219C3CCC0107}

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by msc hotline sat » 04 Sep 2015, 21:55

But have you watched the video I pointed you to?

[quote]Well, try what they show in this video (after the ads, of course!):

http://www.youtube.com/watch?v=Y9jDX7pcwPY

I hope it helps.

Regards

ms, 3-9-2015[/quote]

It is in Spanish and very clear ...

Please answer me on this, thanks

mms, 4-9-2015

Renata
Posts: 183
Joined: 02 Jun 2008, 02:10

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by Renata » 05 Sep 2015, 01:39

Yes sir, of course I have watched the video and carried out its instructions so many times that I no longer even need to watch it; I know it by heart.

Thank you for your attention.

Renata.

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by msc hotline sat » 05 Sep 2015, 07:52

Since I had not seen any earlier mention of the result of those instructions, and since they offer explanations that match what you describe to us, it was possible that you had overlooked it...

I suggest you focus your efforts on those instructions, improving on them where possible, for example by carrying them out in SAFE MODE, even though they do not say so.

Finally, I suggest that with SPROCES -> SCAN you tick the Groove load keys and select ELIMINAR (delete).

Those keys begin with O2: BHO Groove ... (one of them says X86)



---> O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

---> O2 - BHO (x86): Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL





Otherwise, launch REGEDIT, search for GROOVE and delete the entries you find; if you cannot do it in NORMAL MODE, do it in SAFE MODE.

Good luck!

ms, 5-9-2015
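A triage sketch for the HijackThis-style scan log discussed in this thread, added here as an example (it is not part of any forum post or of the SProces tool). It parses the O-code lines, pairs the native and x86 copies of each BHO by CLSID as the reply above describes, and marks entries for manual review using three heuristics that are this example's own assumptions; the sample lines are copied from the log with the Windows user name replaced by USER and the shortcut URL shortened.

```python
import re
from collections import defaultdict

# Lines copied from the scan log in this thread; the user name is replaced
# by USER and the shortcut URL's query string is shortened.
SAMPLE_LOG = r"""
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO (x86): Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CrashService] "C:\Users\USER\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window
O23 - Service: Desktop Site (fomeduze) - Unknown owner - C:\Program Files (x86)\67E0F8C0-1439573389-11E1-AF26-4C72B99D1B2C\knsd2ECE.tmp
O23 - Service: cpuz134 - Unknown owner - C:\Users\ALVARO~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys (file missing)
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60a.sys
Acceso Rapido ('USER'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc
Acceso Rapido ('USER'): Launch Internet Explorer Browser.lnk = C:\Program Files (x86)\Internet Explorer\iexplore.exe
"""

# Line layout: "O<n> - <kind>[ (x86)]: <rest>"
ENTRY = re.compile(r"^(O\d+) - ([^:]+?)(?: \((x86)\))?: (.*)$")
# Shortcut lines from the "Informacion Adicional" part of the log
SHORTCUT = re.compile(r"^Acceso Rapido \('[^']*'\): (.+?\.lnk) = (.*)$")
URL_AFTER_EXE = re.compile(r'\.exe"?\s+https?://', re.I)


def parse(log):
    """Yield one dict per recognised line; anything else is skipped."""
    for raw in log.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m:
            code, kind, x86, rest = m.groups()
            yield {"code": code, "kind": kind, "rest": rest, "line": line,
                   "view": "x86" if x86 else "native"}
            continue
        m = SHORTCUT.match(line)
        if m:
            yield {"code": "LNK", "kind": "Shortcut", "rest": m.group(2),
                   "line": line, "view": "native"}


def triage(entry):
    """Return review reasons for one entry (assumed heuristics, not verdicts)."""
    reasons, rest = [], entry["rest"]
    if entry["code"] == "O23":
        # Split from the right: service display names may contain " - ".
        parts = rest.rsplit(" - ", 2)
        if len(parts) != 3:
            return ["malformed service line"]
        _name, owner, image = parts
        if owner == "Unknown owner" and image.lower().endswith(".tmp"):
            reasons.append("service image is a .tmp file with no vendor")
        if image.endswith("(file missing)"):
            reasons.append("service points at a missing file")
    elif entry["code"] == "O4" and "\\appdata\\" in rest.lower():
        reasons.append("autorun from a user profile directory")
    elif entry["code"] == "LNK" and URL_AFTER_EXE.search(rest):
        reasons.append("browser shortcut with a URL appended")
    return reasons


def flagged(log):
    """List (line, reasons) for every entry that matched a heuristic."""
    return [(e["line"], r) for e in parse(log) for r in [triage(e)] if r]


def bho_by_clsid(entries):
    """Group O2 entries by CLSID so native and x86 copies are handled together."""
    groups = defaultdict(list)
    for e in entries:
        if e["code"] == "O2":
            parts = e["rest"].rsplit(" - ", 2)
            if len(parts) == 3:
                groups[parts[1].upper()].append((e["view"], parts[2]))
    return dict(groups)


if __name__ == "__main__":
    for line, reasons in flagged(SAMPLE_LOG):
        print("REVIEW:", "; ".join(reasons))
        print("   ", line)
    for clsid, copies in bho_by_clsid(parse(SAMPLE_LOG)).items():
        print(clsid, "->", ", ".join(view for view, _ in copies))
```

A flagged line is a candidate for inspection, not proof of infection; unflagged lines are simply outside these three rules.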

Renata
Posts: 183
Joined: 02 Jun 2008, 02:10

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by Renata » 08 Sep 2015, 20:50

Good afternoon from the Most Beautiful City in Colombia.

I did everything you recommended, and right now I can feel the PC gliding through the virtual and local world, "smooth as silk". For now, the massive attacks are forgotten, and above all I am left with a great deal learned under your guidance, the masters of Zona Virus.

Everything is calm and I no longer have interference when I work on the PC, nor stormy visits that kicked me off the Web; I had to install Google Chrome again and it is working wonderfully.

A thousand thanks for your advice and support; may the Creator of Life keep you forever on this Web, since you are a relief to many in the world.

Hugs and greetings.

Renata

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: MASSIVE ATTACKS ON MY COMPUTER.

Post by msc hotline sat » 09 Sep 2015, 06:16

Well, we celebrate it, Renata, and I also speak for flacoroo, who has collaborated on this Topic.

May peace last in your life, for you have already suffered enough in every sense, malware attacks included; but as long as they can be solved as they were now, take it as a way of remembering your friends at zonavirus, since you can see that from one side of the pond that separates us as from the other, we come to your aid as soon as you ask...

And as for your being in the most beautiful city in Colombia, I won't argue, although I cannot judge since I have not been to yours, despite having visited many recently, as you well know, on my last trip to your country; but if you say so, it must be true!

And recommending that you keep in mind the five points mentioned in:

http://www.zonavirus.com/noticias/2015/recomendaciones-para-control-de-los-ransomwares-recordatorio.asp

we consider the Topic solved and proceed to close it

Greetings from Spain (msc) and Mexico (flacoroo)

ms, 9-9-2015
