Forum replies created
- 10 years ago
Hi Jean. Yesss!!!!! I was waiting to hear from you so I could let you know. Thanks a million. See you soon, because I'm sure I'll need your help again!!!
- 10 years ago
Rapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015
Run by Adriana at 26/03/2015 04:14:40 p.m.
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)
========== Resumen ==========
60 : Claves del registro
20 : Los valores del registro
4 : Carpetas
2 : Archivos
3 : Tarea programada
1 : Otros
- 10 years ago
~ Informe de ZHPDiag v2015.3.23.32 - Nicolas Coolman (23/03/2015)
~ Lanzado por Adriana (26/03/2015 12:00:47 p.m.)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Dirección del forum Web : http://forum.nicolascoolman.fr
~ Traducido por
~ Estado de la versión : Versión actualizada.
~ Lista Bianca : Usuarios con discapacidad
~ Elevación de privilegios : OK
~ Control de cuentas de usuario : Activate by user
---\\ Resumen de detecciones en su estación de trabajo
http://www.nicolascoolman.fr/blog/ =>PUP.PCSpeedMaximizer
http://www.nicolascoolman.fr/blog/ =>PUP.UniblueSystem
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://nicolascoolman.fr/pup-moviestoolbar =>PUP.MoviesToolbar
http://nicolascoolman.fr/pup-bitguard =>PUP.BitGuard
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/trojan-staser =>Trojan.Staser
http://nicolascoolman.fr/pup-tubedimmer =>PUP.TubeDimmer
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-rewardsarcade =>PUP.RewardsArcade
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedUpMyPC
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
~ MSI: 12 link(s) detected in amn m.s
End of the scan (1166 lines in amn m.s)(0.6)
- 10 years ago
Ah, I have avast online security, which I downloaded from the Chrome apps, but there is no shield indicating real-time protection.
- 10 years ago
Hi Jean. Thanks for your reply. I did everything exactly as you told me, and after restarting my PC and opening a page with Google Chrome, oh surprise!!! Everything is still the same!!! The page adultyum.info keeps opening!! Today, before following your instructions, I ran Malwarebytes and it found the trojan and quarantined it, but no luck, it keeps appearing. Any other suggestion? Thanks