Re: I can't cope with the pop-up windows
Many thanks ElPiedra, I think the problem is over; let me explain.
I ran SUPERAntispyware and it detected a trojan in a folder called System Volume Information, which must be hidden on C: because I can't locate it. The executable is called A0003022.EXE and I have it in quarantine; I suppose I'll have to delete it, correct?
Then I ran CCleaner as you indicated and afterwards ComboFix. Then I browsed for an hour and a half and no pop-up window appeared, which is odd since, before, in just two minutes I had about four pop-up windows. Let's see if I end up missing them now!!! I think we can say PROBLEM SOLVED. I'm attaching the ComboFix report:
ComboFix 07-12-21.4 - xecla 2007-12-27 17:55:29.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.34.1033.18.1423 [GMT 1:00]
Running from: C:\Documents and Settings\xecla\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\xecla\Desktop\sudoplanet.lnk
C:\Documents and Settings\xecla\Start Menu\Programs\SudoPlanet
C:\Documents and Settings\xecla\Start Menu\Programs\SudoPlanet\SudoPlanet.lnk
C:\Documents and Settings\xecla\Start Menu\Programs\SudoPlanet\Website.lnk
C:\Program Files\sudoplanet
C:\Program Files\sudoplanet\SudoPlanet.dll
C:\Program Files\sudoplanet\SudoPlanet.exe
C:\Program Files\sudoplanet\SudoPlanet.url
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\drivers\npf.sys
c:\WINDOWS\system32\iweuvump.dat
c:\windows\system32\iweuvump.exe
C:\WINDOWS\system32\iweuvump_nav.dat
c:\WINDOWS\system32\iweuvump_navps.dat
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\WanPacket.dll
C:\WINDOWS\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\NPF
((((((((((((((((((((((((( Files Created from 2007-11-27 to 2007-12-27 )))))))))))))))))))))))))))))))
.
2007-12-26 21:49 . 2007-12-26 21:49 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-26 17:51 . 2007-12-26 17:51 <DIR> d-------- C:\WINDOWS\system32\HWC HD
2007-12-26 17:51 . 2007-12-26 17:52 <DIR> d-------- C:\WINDOWS\ovtcam
2007-12-26 17:51 . 2007-12-26 17:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-12-26 17:51 . 2006-09-27 17:08 274,816 --a------ C:\WINDOWS\system32\drivers\HDvid.sys
2007-12-26 17:51 . 2005-02-16 18:15 73,728 --a------ C:\WINDOWS\system32\ISUSPM.cpl
2007-12-26 17:51 . 2006-09-26 22:42 53,248 --a------ C:\WINDOWS\system32\HDEXT.DLL
2007-12-26 17:51 . 2006-09-26 22:44 36,864 --a------ C:\WINDOWS\OMNIUNS.EXE
2007-12-26 17:51 . 2006-09-28 00:43 26,624 --a------ C:\WINDOWS\system32\HDExt.ax
2007-12-26 17:51 . 2006-10-03 15:06 22,656 -ra------ C:\WINDOWS\system32\drivers\camfilt.sys
2007-12-16 19:02 . 2007-12-16 19:02 <DIR> d-------- C:\Program Files\SogouInput
2007-12-16 19:02 . 2007-12-16 19:02 <DIR> d-------- C:\Documents and Settings\xecla\Application Data\SogouPY
2007-12-16 18:50 . 2007-12-16 18:50 <DIR> d-------- C:\Documents and Settings\xecla\Application Data\PPLive
2007-12-16 18:49 . 2007-12-16 18:49 <DIR> d-------- C:\Program Files\PPLive
2007-12-15 13:35 . 2007-12-15 13:36 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-12-15 13:01 . 2007-12-15 13:01 <DIR> d-------- C:\Program Files\Enterra
2007-12-13 13:57 . 2007-12-13 13:57 <DIR> d--hs---- C:\FOUND.001
2007-12-07 14:39 . 2007-12-07 14:39 <DIR> d--hs---- C:\FOUND.000
2007-12-02 20:26 . 2007-12-02 20:26 <DIR> d-------- C:\Program Files\Skype
2007-12-02 20:26 . 2007-12-02 20:26 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-11-30 19:39 . 2007-11-30 19:39 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-11-30 19:39 . 2005-10-21 02:47 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-11-30 19:39 . 2005-10-21 02:47 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-03 14:29 --------- d-----w C:\Program Files\BillP Studios
2007-11-03 14:29 --------- d-----w C:\Documents and Settings\xecla\Application Data\WinPatrol
2007-10-30 23:42 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:35 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:35 1,287,680 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-27 16:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-27 16:40 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-10 23:56 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-10 23:56 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-10 23:56 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-10-10 23:56 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-10-10 23:56 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-10-10 23:56 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-10 23:55 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-10-10 23:55 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-10 23:55 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-10 23:55 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-10 23:55 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-10 23:55 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-10-10 23:55 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-10-10 23:55 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-10 23:55 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-10 23:55 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-10 23:55 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-10-10 23:55 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-10 23:55 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-10 23:55 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-10-10 23:55 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-10 23:55 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-10-10 10:59 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-10-10 10:59 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 04:00]
"TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" [2007-04-27 06:50]
"H/PC Connection Agent"="C:\PROGRA~1\MICROS~2\wcescomm.exe" [2006-06-21 01:41]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 17:43]
"Skype"="C:\Program Files\Skype\\Phone\Skype.exe" [2007-09-24 13:11]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:56]
"preload"="C:\Windows\RUNXMLPL.exe" [2005-05-19 17:09]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 16:32]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 20:51]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 14:50 C:\WINDOWS\AGRSMMSG.exe]
"ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 17:15]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 04:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 04:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 04:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 04:00]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 04:00 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-10 04:00 C:\WINDOWS\system32\rundll32.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 17:56 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 19:04 C:\WINDOWS\SkyTel.exe]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 13:36]
"LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2006-04-19 15:08]
"CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe" [2003-09-16 14:28]
"LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2005-07-25 10:45]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-04-20 09:23]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 15:00]
"Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 22:12]
"Acer ePresentation HPD"="C:\Acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 16:39]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 14:40]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2006-06-23 10:39]
"LogitechCameraAssistant"="C:\Program Files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 15:47]
"LogitechVideo[inspector]"="C:\Program Files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 15:55]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 18:22]
"nwiz"="nwiz.exe" [2006-01-19 01:43 C:\WINDOWS\system32\nwiz.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2007-09-23 18:30]
"Enterra Icon Keeper"="C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe" [2006-08-18 16:32]
"UnlockerAssistant"="C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE" [2006-09-07 19:19]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 04:00]
C:\Documents and Settings\xecla\Start Menu\Programs\Startup\
SpywareBlaster.lnk - C:\Program Files\SpywareBlaster\spywareblaster.exe [2007-08-09 18:31:45]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
R0 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 16:14]
R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 11:27]
R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2005-04-22 16:57]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-22 16:57]
R2 int15;int15;C:\WINDOWS\system32\drivers\int15.sys [2006-08-29 16:02]
R2 tvicport;tvicport;C:\WINDOWS\system32\drivers\tvicport.sys [2006-08-29 16:02]
R2 UxTuneUp;TuneUp Ampliación del thema;C:\WINDOWS\System32\svchost.exe -k netsvcs []
R3 lv321av;Logitech USB PC Camera (VC0321);C:\WINDOWS\system32\DRIVERS\lv321av.sys [2006-06-19 04:20]
R3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2006-06-23 10:40]
R3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 20:17]
R3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 17:10]
S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys []
S2 Programador de LiveUpdate automático;Programador de LiveUpdate automático;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2007-11-21 22:23:50 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2007-12-27 16:13:28 C:\WINDOWS\Tasks\User_Feed_Synchronization-{20ABA516-0395-482C-965C-1626C8839B9F}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-27 17:59:49
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> C:\PROGRAM FILES\UNLOCKER\UnlockerHook.dll
.
Completion time: 2007-12-27 18:01:44 - machine was rebooted
.
2007-12-12 19:48:52 --- E O F ---