post #3
Posted 13/04/08, 20:44:23
Danielbta
Re: problems with Firefox

Quote:
Originally posted by ElPiedra
Hello Danielbta, welcome to the InfoSpyware Forum.

Your HijackThis log is free of malware, so I suggest doing the following:

Download, update and run the program:
Download CCleaner and run it, first using its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete, and then use its "Registry" option to clean the whole Windows registry (making a backup).

- Download the ComboFix.exe tool and save it to the desktop.
  • Temporarily disable the antivirus and/or antispyware.
  • Close all open windows.
  • Double-click the ComboFix.exe file and follow the instructions.
  • When it finishes, it will generate a log at C:\ComboFix.txt.
    • *Note* While CF is working, do not move the mouse, as that would stop its process.
    • *Note* ComboFix may restart the PC automatically to complete the removal process.

  • Restart and paste the report from C:\ComboFix.txt in this same message.

Regards





Well, here is the analysis you told me to run. Hopefully from this you can tell what it is, because now it is not only Firefox: many programs are closing on me, always with the same message that the program has encountered an error and needs to close. Also, with Messenger, when I sign in a lot of invitations appear for me to accept, but they are invitations from a long time ago and I don't know why they are appearing again. I hope you can help me, this situation is bothering me a lot. The analysis is the following:



ComboFix 08-04-13.1 - user 2008-04-13 19:23:51.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1413 [GMT -5:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\Cache
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-03-14 to 2008-04-14 )))))))))))))))))))))))))))))))
.

2008-04-13 17:49 . 2008-04-13 17:49 <DIR> d-------- C:\Documents and Settings\user\Application Data\Malwarebytes
2008-04-13 17:45 . 2008-04-13 17:45 <DIR> d-------- C:\Program Files\CCleaner
2008-04-13 17:44 . 2008-04-13 17:44 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-13 17:44 . 2008-04-13 17:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-13 17:31 . 2008-04-13 17:31 <DIR> d-------- C:\spoolerlogs
2008-04-13 12:56 . 2008-04-13 12:56 <DIR> d-------- C:\WINDOWS\Start Menu
2008-04-11 11:48 . 2008-04-11 11:48 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-06 23:15 . 2008-04-06 23:15 <DIR> d-------- C:\Program Files\Panda Security
2008-04-06 22:04 . 2008-04-06 22:04 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-04-06 22:03 . 2008-04-06 22:03 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2008-04-06 21:35 . 2008-04-06 21:35 <DIR> d-------- C:\Program Files\Lavasoft
2008-04-06 18:14 . 2008-04-06 18:14 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-30 15:25 . 2008-03-30 15:25 <DIR> d-------- C:\Documents and Settings\user\Application Data\Mathsoft
2008-03-30 15:20 . 2008-03-30 15:20 <DIR> d-------- C:\Program Files\Mathcad
2008-03-25 17:07 . 2008-03-25 17:07 <DIR> d-------- C:\Program Files\Labcenter Electronics
2008-03-25 17:07 . 2008-03-25 17:07 <DIR> d-------- C:\Program Files\Common Files\Labcenter Electronics
2008-03-25 17:00 . 2008-03-25 17:00 <DIR> d-------- C:\Documents and Settings\user\Application Data\InstallShield
2008-03-17 16:52 . 2008-03-17 16:52 0 --a------ C:\WINDOWS\mngui.INI
2008-03-17 12:59 . 2008-03-17 12:59 <DIR> d-------- C:\Program Files\KONAMI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-13 17:14 --------- d-----w C:\Documents and Settings\user\Application Data\AVG7
2008-04-07 07:02 --------- d-----w C:\Program Files\DIGStream
2008-04-07 02:40 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-07 02:40 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-07 02:40 --------- d-----w C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
2008-04-07 02:35 --------- d-----w C:\Documents and Settings\user\Application Data\Lavasoft
2008-04-04 15:09 --------- d-----w C:\Program Files\CircuitMaker 2000
2008-04-02 02:55 --------- d-----w C:\Program Files\Java
2008-03-25 22:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-25 21:25 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-02-22 18:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\lic
2008-02-19 02:31 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-17 23:10 --------- d-----w C:\Program Files\Ares
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 81,920 2005-08-11 23:30:30 C:\Program Files\Common Files\InstallShield\UpdateService\bak\issch.exe
----a-w 81,920 2004-07-27 21:50:18 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

----a-w 249,856 2005-08-11 23:30:30 C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe
----a-w 221,184 2004-07-27 21:50:42 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

----a-w 40,960 2006-05-30 23:02:12 C:\Program Files\Hewlett-Packard\Default Settings\bak\cpqset.exe

----a-w 49,152 2005-02-17 06:11:42 C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe

----a-w 102,400 2006-07-12 04:55:34 C:\Program Files\HP\QuickPlay\bak\QPService.exe

----a-w 36,975 2005-11-11 04:03:52 C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe

----a-w 31,016 2006-10-27 05:47:42 C:\Program Files\Microsoft Office\Office12\bak\GrooveMonitor.exe

----a-w 761,946 2006-04-01 05:01:48 C:\Program Files\Synaptics\SynTP\bak\SynTPEnh.exe

----a-w 204,800 2006-11-03 15:02:06 C:\Program Files\Windows Media Player\bak\WMPNSCFG.exe

----a-w 643,072 2006-02-09 16:52:14 C:\WINDOWS\CREATOR\bak\Remind_XP.exe

----a-w 64,512 2005-08-06 04:56:34 C:\WINDOWS\ehome\bak\ehtray.exe

----a-w 1,187,840 2005-10-11 17:23:50 C:\WINDOWS\SMINST\bak\RecGuard.exe

----a-w 15,360 2006-03-16 04:00:00 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2006-03-15 20:00:00 C:\WINDOWS\system32\ctfmon.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-15 15:00 15360]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 00:58 458752]
"NvCplDaemon"="RUNDLL32.exe" [2006-03-15 23:00 33280 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2006-03-15 23:00 33280 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-08-18 03:00 1617920 C:\WINDOWS\system32\nwiz.exe]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-01 19:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 13:33 163840]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17 159744]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-27 15:02 579072]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-15 15:00 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-11-27 20:18 219136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2006-03-15 23:00 53760 C:\WINDOWS\system32\narrator.exe]

C:\Documents and Settings\user\Start Menu\Programs\Startup\
Recorte de pantalla e Inicio r pido de OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 11:39:30 73728]
Update Scheduler for Proteus Professional 7.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE [2008-03-25 17:07:33 65564]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-05-10 21:19 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=2 (0x2)
"usnjsvc"=3 (0x3)
"SQLWriter"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"mysql"=2 (0x2)
"MSSQL$SQLEXPRESS"=2 (0x2)
"Microsoft Office Groove Audit Service"=3 (0x3)
"MDM"=2 (0x2)
"matlabserver"=2 (0x2)
"LightScribeService"=2 (0x2)
"IDriverT"=3 (0x3)
"hpqwmiex"=2 (0x2)
"GoogleDesktopManager-091907-194040"=3 (0x3)
"Cadence License Manager"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
"AresChatServer"=3 (0x3)
"Apache2.2"=2 (0x2)
"AddFiltr"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\mqsvc.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Microprose\\Grand Prix 3\\GP3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\OrCAD\\OrCAD_10.0\\tools\\bin\\cdsNameServer.exe"=
"C:\\OrCAD\\OrCAD_10.0\\tools\\bin\\cdsMsgServer.exe"=
"C:\\AppServ\\Apache2.2\\bin\\httpd.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=

R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2006-03-15 15:00]
R3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;C:\WINDOWS\system32\Drivers\5U870CAP.sys [2006-06-06 15:39]
R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-05 18:49]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 16:49]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 16:50]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 16:50]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 16:50]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 16:50]
S4 Apache2.2;Apache2.2;"C:\AppServ\Apache2.2\bin\httpd.exe" -k runservice []
S4 Cadence License Manager;Cadence License Manager;C:\OrCAD\license_manager\lmgrd.exe [2002-08-09 08:20]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 []
S4 SQLWriter;Escritor VSS de SQL Server;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 02:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe0c81dc-e795-11db-bb94-001636a8d109}]
\Shell\AutoRun\command - F:\setupSNK.exe

.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-13 19:29:12
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\system32\msdtc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
.
**************************************************************************
.
Completion time: 2008-04-13 19:35:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-14 00:35:20
Pre-Run: 61,856,837,632 bytes free
Post-Run: 61,734,162,432 bytes free
.
2008-04-12 15:07:46 --- E O F ---