Respuestas de foro creadas
- hace 10 años, 1 mes
Hola Jean. Siiii!!!!! Estaba esperando tener noticias tuyas para avisarte. Mil gracias. Hasta pronto, porque seguro que voy a volver a necesitar de tu ayuda!!!
hace 10 años, 1 mesRapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015 Fichier d'export Registre : Run by Adriana at 26/03/2015 04:14:40 p.m. High Elevated Privileges : OK Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600) Vaciada papelera de reciclaje ( amn m.s) Prefetcher de reciclaje ========== Claves del registro ========== [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\bitguard.exe]ELIMINA (bitguard.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\bprotect.exe]ELIMINA (bprotect.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\bpsvc.exe]ELIMINA (bpsvc.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\browserdefender.exe]ELIMINA (browserdefender.exe) Base de registros de rama IFEO no infectados. [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\dprotectsvc.exe]ELIMINA (dprotectsvc.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\searchinstaller.exe]ELIMINA (searchinstaller.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\stinst32.exe]ELIMINA (stinst32.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\stinst64.exe]ELIMINA (stinst64.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\websteroids.exe]ELIMINA (websteroids.exe) [HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\websteroidsservice.exe]ELIMINA (websteroidsservice.exe) ELIMINA: HKLM\Software\Wow6432Node\SafetyNut ELIMINA: HKLM\Software\Wow6432Node\Uniblue ELIMINA:* HKCR\CLSID\{338a754c-b46e-4bf2-8ac8-23de36862ad3} ELIMINA:* HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} ELIMINA:* HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} ELIMINA:* HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} ELIMINA:* HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} ELIMINA:* HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} ELIMINA:* HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} ELIMINA:* HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} ELIMINA:* HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} ELIMINA: HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} ELIMINA:* HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} ELIMINA:* HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} ELIMINA:* HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} ELIMINA:* HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} ELIMINA:* HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} ELIMINA:* HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} ELIMINA:* HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} ELIMINA:* HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} ELIMINA:* HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} ELIMINA:* HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} ELIMINA:* HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} ELIMINA:* HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} ELIMINA:* HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} ELIMINA:* HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} ELIMINA:* HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} ELIMINA:* HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} ELIMINA:* HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} ELIMINA:* HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} ELIMINA:* HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} ELIMINA:* HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} ELIMINA:* HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} ELIMINA:* HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} ELIMINA:* HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} ELIMINA:* HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} ELIMINA:* HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} ELIMINA:* HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} ELIMINA:* HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} ELIMINA:* HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} ELIMINA: HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} ELIMINA:* HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} ELIMINA:* HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} ELIMINA:* HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} ELIMINA:* HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} ELIMINA:* HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} ELIMINA:* HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} ELIMINA:* HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} ELIMINA: HKLM\Software\Classes\SpeedUpMyPC ========== Los valores del registro ========== AUSENCIA de valor perfil estándar: FirewallRaz : AUSENCIA de valor Perfil de dominio: FirewallRaz : ELIMINA: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D} ELIMINA: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6} ELIMINA: FirewallRaz (Domain) : NetPres-In-TCP-NoScope ELIMINA: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope ELIMINA: FirewallRaz (None) : NetPres-WSD-In-UDP ELIMINA: FirewallRaz (None) : NetPres-WSD-Out-UDP ELIMINA: FirewallRaz (Public) : NetPres-In-TCP ELIMINA: FirewallRaz (Public) : NetPres-Out-TCP ELIMINA: FirewallRaz (None) : MCX-Prov-Out-TCP ELIMINA: FirewallRaz (None) : MCX-McrMgr-Out-TCP ELIMINA: FirewallRaz (Public) : UDP Query User{FC5422E8-D999-4EC5-8B88-FFEF2D64BE93}C:\users\administrator\documents\pdux64\pdu.exe ELIMINA: FirewallRaz (Public) : TCP Query User{67E5BE8A-573B-4FF7-BB39-0C8B169B57F3}C:\users\administrator\documents\pdux64\pdu.exe ELIMINA: FirewallRaz (Public) : UDP Query User{A3A58EB7-1F1B-4961-9756-228409288B1F}C:\users\administrator\documents\pdux64\pdux86hostusb.exe ELIMINA: FirewallRaz (Public) : TCP Query User{F0E1F4A9-9D98-4D5C-9161-F275D93BE5B7}C:\users\administrator\documents\pdux64\pdux86hostusb.exe ELIMINA: FirewallRaz (Public) : UDP Query User{E81AFBB7-04E3-46E3-A75B-1CF51E6171FF}C:\users\administrator\documents\pdux64\pdux86hostgraphic.exe ELIMINA: FirewallRaz (Public) : TCP Query User{6C23252F-2059-40EA-8524-0390957188B2}C:\users\administrator\documents\pdux64\pdux86hostgraphic.exe ELIMINA: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266} ELIMINA: FirewallRaz (None) : {808F1451-4108-46FD-ADBB-F17324B5F0BD} ========== Carpetas ========== Borra las ventanas temporales (0) ELIMINA las Cookies de flash (0) ELIMINA: c:\users\adriana\appdata\local\apps ELIMINA: c:\users\adriana\appdata\local\webplayer ========== Archivos ========== Borra las ventanas temporales (0) (0 octets) ELIMINA las Cookies de flash (0) (0 octets) ========== Tarea programada ========== ELIMINA: PC Speed Maximizer Schedule ELIMINA: spmonitor ELIMINA: {19653565-B8B5-4925-8A1C-BD7FE1313954} ========== Otros ========== NO TRATADO [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 ========== Resumen ========== 60 : Claves del registro 20 : Los valores del registro 4 : Carpetas 2 : Archivos 3 : Tarea programada 1 : Otros End of clean in amn m.s ========== Ruta de acceso al informe de archivo ========== C:\Users\Adriana\AppData\Roaming\ZHP\ZHPFix[R1].txt - 26/03/2015 04:14:49 p.m. [7861]hace 10 años, 1 mes~ Informe de ZHPDiag v2015.3.23.32 - Nicolas Coolman (23/03/2015) ~ Lanzado por Adriana (26/03/2015 12:00:47 p.m.) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Dirección del forum Web : http://forum.nicolascoolman.fr ~ Traducido por ~ Estado de la versión : Versión actualizada. ~ Lista Bianca : Usuarios con discapacidad ~ Elevación de privilegios : OK ~ Control de cuentas de usuario : Activate by user ---\\ Resumen de detecciones en su estación de trabajo http://www.nicolascoolman.fr/blog/ =>PUP.PCSpeedMaximizer http://www.nicolascoolman.fr/blog/ =>PUP.UniblueSystem http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask http://nicolascoolman.fr/pup-moviestoolbar =>PUP.MoviesToolbar http://nicolascoolman.fr/pup-bitguard =>PUP.BitGuard http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel http://nicolascoolman.fr/trojan-staser =>Trojan.Staser http://nicolascoolman.fr/pup-tubedimmer =>PUP.TubeDimmer http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster http://nicolascoolman.fr/pup-rewardsarcade =>PUP.RewardsArcade http://www.nicolascoolman.fr/blog/ =>PUP.SpeedUpMyPC http://nicolascoolman.fr/pup-tarma =>PUP.Tarma ~ MSI: 12 link(s) detected in amn m.s End of the scan (1166 lines in amn m.s)(0.6)hace 10 años, 1 mesAh, yo tengo avast online security que lo descargué de las aplicaciones de crome, pero no hay ningun escudo que indique protección en tiempo real.
hace 10 años, 1 mesHola Jean. Gracias por tu respuesta. Hice todo tal cual me indicaste, y luego de reiniciar mi pc y abrir una página con google crome oh sorpresa!!! sigue todo igual!!! La página adultyum.info se sigue abriendo!! Hoy, antes de ejecutar tus indicaciones ejecuté Malwarebytes y encontró al trojans y lo puso en cuarentena, pero no hay caso, sigue apareciendo. Otra sugerencia? Gracias