  post #1 (permalink)
11/12/07, 23:09:36
User
Joined: Oct 2005
Location: Mexico
Posts: 7
My programs keep closing (Format)

Hi, I have a huge problem; let's see who can help me!
When I save files, the programs close and show an error. First it was Photoshop; I uninstalled it and reinstalled it and the same thing happens, and the same with Word.
Here is my log.

Thanks a million in advance!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:40:23 p.m., on 11/12/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Free Download Manager\FUM\fumoei.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\djj\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\djj\Program Files\uTorrent\uTorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mx.rd.yahoo.com/customize/ycomp/defaults/sp/*http://mx.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://es.mx.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.mx.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://mx.rd.yahoo.com/customize/ycomp/defaults/su/*http://mx.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 89.149.227.153 boveda.banamex.com.mx
O1 - Hosts: 89.149.227.153 www.boveda.banamex.com.mx
O1 - Hosts: 89.149.227.153 bancanetempresarial.banamex.com.mx
O1 - Hosts: 89.149.227.153 www.bancanetempresarial.banamex.com.mx
O1 - Hosts: 89.149.227.153 www.banamex.com.mx
O1 - Hosts: 89.149.227.153 banamex.com.mx
O1 - Hosts: 89.149.227.153 www.banamex.com
O1 - Hosts: 89.149.227.153 banamex.com
O1 - Hosts: 89.149.227.153 www.hacktheworld.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: (no name) - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSNPUpldes-mx.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.4.2_15) - http://javadl-esd.sun.com/update/1.4.2/jinstall-1_4-windows-i586.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Servicio de configuración de Atheros (ACS) - Atheros - C:\Windows\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12323 bytes
  post #2 (permalink)
13/12/07, 17:47:36
GPastor
FS-Admin
Joined: Mar 2005
Location: Callao - Perú
Posts: 16,413
Re: my programs keep closing

Hi, follow these steps:

- Disable Tea Timer so that it does not interfere with the cleanup.

- Download and run the Look2meDestroyer tool.

- Download SUPERAntiSpyware, install it and update it, then run a scan in Safe Mode.

- Run CCleaner and, following the steps in its manual, use the Cleaner and Registry options.

- Restart the machine and run a scan with Ewido Online, then paste another HijackThis log and tell us how it went.

Regards


  post #3 (permalink)
09/01/08, 00:28:30
User
Joined: Oct 2005
Location: Mexico
Posts: 7
Re: my programs keep closing

Look2Me-Destroyer doesn't work. I open it and choose "minimas to task" and it says it will open in 1 minute, but it never opens, not in Safe Mode or anything :S and I still have the problem, and I can't format the laptop right now because I have several projects in progress :S:S:S:S
  post #4 (permalink)
09/01/08, 12:30:30
GPastor
FS-Admin
Joined: Mar 2005
Location: Callao - Perú
Posts: 16,413
Re: my programs keep closing

Follow these steps:

- Download and run the CCleaner tool and, following the steps in its manual, use the Cleaner and Registry options.

- Download SUPERAntiSpyware, install it and update it, then run a scan in Safe Mode.

- Download the ComboFix tool and save it to your desktop.
Double-click the combofix.exe file and follow the prompts.
When it finishes, it will generate a report that you should paste in this same thread.

Note: Some antivirus products such as Panda may flag a false positive in ComboFix, but there is no need to worry about this.

Restart the machine, paste a new HijackThis log and a ComboFix one, then tell us the results.

Regards


  post #5 (permalink)
09/01/08, 16:44:55
User
Joined: Oct 2005
Location: Mexico
Posts: 7
Re: my programs keep closing

Here are the logs:

ComboFix 08-01-09.2 - djj 2008-01-09 13:43:17.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.3082.18.183 [GMT -6:00]
Se ejecuta desde: C:\Downloads\Software\ComboFix.exe
* Creado un nuevo punto de restauración
.

(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\djj\AppData\Roaming\inst.exe

.
(((((((((((((((((( Archivos creados desde 2007-12-09 - 2008-01-09 )))))))))))))))))))))))))))))))))
.

2008-01-09 03:53 . 2008-01-09 03:53 <DIR> d-------- C:\Users\djj\AppData\Roaming\Grisoft
2008-01-09 03:53 . 2008-01-09 03:53 <DIR> d-------- C:\Users\All Users\Grisoft
2008-01-09 03:53 . 2008-01-09 03:53 <DIR> d-------- C:\ProgramData\Grisoft
2008-01-09 03:53 . 2007-05-30 06:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-01-08 23:29 . 2008-01-08 23:29 <DIR> d-------- C:\Users\All Users\Avira
2008-01-08 23:29 . 2008-01-08 23:29 <DIR> d-------- C:\ProgramData\Avira
2008-01-08 23:29 . 2008-01-08 23:29 <DIR> d-------- C:\Program Files\Avira
2008-01-08 22:38 . 2008-01-08 22:38 <DIR> d-------- C:\Users\djj\AppData\Roaming\Consultia
2008-01-08 22:36 . 2008-01-08 22:46 <DIR> d-------- C:\Program Files\CubeDesktop
2008-01-08 06:53 . 2008-01-08 06:53 <DIR> d-------- C:\Users\djj\AppData\Roaming\Palo Alto Software Inc
2008-01-08 06:51 . 2008-01-08 06:51 <DIR> d-------- C:\Program Files\PAS
2008-01-07 16:58 . 2008-01-07 16:58 <DIR> d-------- C:\Program Files\Microsoft Works
2008-01-07 16:56 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-01-07 16:56 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-01-07 16:44 . 2008-01-07 16:44 <DIR> dr-h----- C:\MSOCache
2008-01-07 14:50 . 2008-01-07 14:50 <DIR> d-------- C:\Users\djj\AppData\Roaming\SUPERAntiSpyware.com
2007-12-26 18:39 . 2007-12-26 18:39 54,156 --ah----- C:\Windows\QTFont.qfn
2007-12-26 18:39 . 2007-12-26 18:39 1,409 --a------ C:\Windows\QTFont.for
2007-12-26 15:39 . 2006-12-29 09:57 117,760 --a------ C:\Windows\System32\hpz3l4v2.dll
2007-12-18 17:53 . 2007-12-18 17:53 <DIR> d-------- C:\Users\djj\AppData\Roaming\OtakuSoftware
2007-12-13 11:52 . 2005-05-26 15:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2007-12-13 02:20 . 2000-08-31 08:00 51,200 --a------ C:\Windows\nircmd.exe
2007-12-12 11:12 . 2007-12-12 11:12 1,327,104 --a------ C:\Windows\System32\quartz.dll
2007-12-12 11:12 . 2007-12-12 11:12 223,232 --a------ C:\Windows\System32\WMASF.DLL
2007-12-12 11:12 . 2007-12-12 11:12 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
2007-12-12 11:12 . 2007-12-12 11:12 2,048 --a------ C:\Windows\System32\asferror.dll
2007-12-12 10:32 . 2007-12-12 10:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2007-12-12 10:31 . 2007-12-12 10:31 1,830,912 --a------ C:\Windows\System32\inetcpl.cpl
2007-12-12 10:31 . 2007-12-12 10:31 56,320 --a------ C:\Windows\System32\iesetup.dll
2007-12-12 10:31 . 2007-12-12 10:31 26,624 --a------ C:\Windows\System32\ieUnatt.exe
2007-12-12 10:30 . 2007-12-12 10:30 130,048 --a------ C:\Windows\System32\drivers\srv2.sys
2007-12-12 10:30 . 2007-12-12 10:30 101,888 --a------ C:\Windows\System32\drivers\mrxsmb.sys
2007-12-12 10:30 . 2007-12-12 10:30 84,992 --a------ C:\Windows\System32\drivers\srvnet.sys
2007-12-12 10:30 . 2007-12-12 10:30 58,368 --a------ C:\Windows\System32\drivers\mrxsmb20.sys
2007-12-12 10:26 . 2007-12-12 10:26 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe
2007-12-12 10:26 . 2007-12-12 10:26 3,470,520 --a------ C:\Windows\System32\ntoskrnl.exe
2007-12-12 10:25 . 2007-12-12 10:25 2,048 --a------ C:\Windows\System32\tzres.dll
2007-12-11 19:04 . 2007-12-11 19:04 <DIR> d-------- C:\Users\All Users\Lavasoft
2007-12-11 19:04 . 2007-12-11 19:04 <DIR> d-------- C:\ProgramData\Lavasoft
2007-12-11 19:04 . 2007-12-11 19:04 <DIR> d-------- C:\Program Files\Lavasoft
2007-12-11 19:00 . 2008-01-07 13:59 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-11 18:48 . 2007-12-11 18:48 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-09 20:48 . 2008-01-08 20:16 <DIR> d-------- C:\Program Files\SpywareBlaster

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-09 19:48 --------- d-----w C:\Users\djj\AppData\Roaming\Free Download Manager
2008-01-09 16:40 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-09 06:29 --------- d-----w C:\Users\djj\AppData\Roaming\Vso
2008-01-09 06:29 --------- d-----w C:\Users\djj\AppData\Roaming\CopyToDvd
2008-01-09 06:02 --------- d-----w C:\Program Files\CCleaner
2008-01-09 04:47 --------- d-----w C:\Program Files\WMR11
2008-01-09 01:22 --------- d-----w C:\Program Files\Winamp
2008-01-08 12:47 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-01-08 05:20 --------- d-----w C:\ProgramData\Microsoft Help
2008-01-07 22:57 --------- d-----w C:\Program Files\MSBuild
2008-01-07 22:29 --------- d-----w C:\Users\djj\AppData\Roaming\BSplayer PRO
2008-01-07 22:29 --------- d-----w C:\Program Files\Webteh
2008-01-07 20:59 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-01-02 00:52 --------- d-----w C:\Users\djj\AppData\Roaming\uTorrent
2007-12-21 08:26 --------- d-----w C:\Program Files\Norton AntiVirus
2007-12-21 06:36 --------- d-----w C:\ProgramData\CyberLink
2007-12-21 06:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-21 06:26 505,392 ----a-w C:\Windows\System32\msvcp71.dll
2007-12-12 16:31 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-12-11 05:54 --------- d-----w C:\ProgramData\Symantec
2007-12-09 21:06 --------- d-----w C:\Users\djj\AppData\Roaming\DVD Shrink 3.0
2007-12-07 08:33 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-07 06:58 --------- d-----w C:\ProgramData\FLEXnet
2007-12-07 06:14 --------- d-----w C:\Program Files\FileZilla Client
2007-12-07 06:10 --------- d-----w C:\Program Files\Ipswitch
2007-12-06 19:21 805 ----a-w C:\Windows\system32\drivers\SYMEVENT.INF
2007-12-06 19:21 123,952 ----a-w C:\Windows\system32\drivers\SYMEVENT.SYS
2007-12-06 19:21 10,740 ----a-w C:\Windows\system32\drivers\SYMEVENT.CAT
2007-12-06 19:21 --------- d-----w C:\Program Files\Symantec
2007-12-06 18:29 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-12-05 23:57 --------- d-----w C:\Program Files\Real Desktop
2007-12-04 23:14 --------- d-----w C:\ProgramData\Webroot
2007-12-04 23:14 --------- d-----w C:\Program Files\Common Files\Webroot Shared
2007-12-04 22:42 --------- d-----w C:\Program Files\PowerISO
2007-12-04 20:59 --------- d-----w C:\Program Files\Advanced System Optimizer
2007-12-04 07:34 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-12-04 07:34 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2007-12-04 07:34 542,720 ----a-w C:\Windows\System32\sysmain.dll
2007-12-04 07:34 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2007-12-04 07:34 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2007-12-04 07:34 297,984 ----a-w C:\Windows\System32\wlansec.dll
2007-12-04 07:34 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2007-12-04 07:34 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
2007-12-04 07:34 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2007-12-04 07:34 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2007-12-04 07:34 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
2007-12-04 07:34 2,923,520 ----a-w C:\Windows\explorer.exe
2007-12-04 07:34 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2007-12-04 07:34 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
2007-12-04 07:34 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
2007-12-04 07:32 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-12-04 07:32 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-12-04 07:32 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-12-04 07:32 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-12-04 07:31 8,704 ----a-w C:\Windows\System32\hcrstco.dll
2007-12-04 07:31 8,704 ----a-w C:\Windows\System32\hccoin.dll
2007-12-04 07:31 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys
2007-12-04 07:31 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys
2007-12-04 07:31 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys
2007-12-04 07:31 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys
2007-12-04 07:31 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys
2007-12-04 07:31 19,456 ----a-w C:\Windows\system32\drivers\usbohci.sys
2007-12-04 07:30 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2007-12-04 07:30 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2007-12-04 07:30 39,936 ----a-w C:\Windows\System32\slcinst.dll
2007-12-04 07:30 351,232 ----a-w C:\Windows\System32\SLUI.exe
2007-12-04 07:30 33,280 ----a-w C:\Windows\System32\slwmi.dll
2007-12-04 07:30 268,288 ----a-w C:\Windows\System32\mcbuilder.exe
2007-12-04 07:30 223,232 ----a-w C:\Windows\System32\SLC.dll
2007-12-04 07:30 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe
2007-12-04 07:30 186,368 ----a-w C:\Windows\System32\SLLUA.exe
2007-12-04 06:55 --------- d-----w C:\Program Files\WinZip Self-Extractor
2007-12-04 05:48 --------- d-----w C:\Users\djj\AppData\Roaming\BitTorrent
2007-12-04 04:36 --------- d-----w C:\Program Files\Eidos
2007-12-04 04:17 --------- d-----w C:\Program Files\Alcohol Soft
2007-12-04 04:10 685,816 ----a-w C:\Windows\system32\drivers\sptd.sys
2007-12-04 02:07 --------- d-----w C:\Program Files\UltraISO
2007-12-03 23:46 --------- d-----w C:\Users\djj\AppData\Roaming\Webroot
2007-12-03 23:46 --------- d-----w C:\Program Files\Webroot
2007-12-03 23:26 --------- d-----w C:\Program Files\eMule
2007-12-03 23:16 --------- d-----w C:\Users\djj\AppData\Roaming\Systweak
2007-12-01 05:57 43,696 ----a-w C:\Windows\system32\drivers\srtspx.sys
2007-12-01 05:57 317,616 ----a-w C:\Windows\system32\drivers\srtspl.sys
2007-12-01 05:57 279,088 ----a-w C:\Windows\system32\drivers\srtsp.sys
2007-12-01 05:57 10,549 ----a-w C:\Windows\system32\drivers\srtspx.cat
2007-12-01 05:57 10,549 ----a-w C:\Windows\system32\drivers\srtspl.cat
2007-12-01 05:57 10,545 ----a-w C:\Windows\system32\drivers\srtsp.cat
2007-12-01 05:57 1,430 ----a-w C:\Windows\system32\drivers\srtspl.inf
2007-12-01 05:57 1,421 ----a-w C:\Windows\system32\drivers\srtspx.inf
2007-12-01 05:57 1,415 ----a-w C:\Windows\system32\drivers\srtsp.inf
2007-11-30 18:01 --------- d-----w C:\Users\djj\AppData\Roaming\UseNeXT
2007-11-27 03:02 --------- d-----w C:\Program Files\DVDFab Platinum 4
2007-11-26 04:06 47,360 ----a-w C:\Windows\system32\drivers\pcouffin.sys
2007-11-26 04:06 47,360 ----a-w C:\Users\djj\AppData\Roaming\pcouffin.sys
2007-11-26 03:42 --------- d-----w C:\Users\djj\AppData\Roaming\DVD Shrink
2007-11-21 22:39 --------- d-----w C:\Program Files\QuickTime
2007-11-21 06:17 --------- d-----w C:\ProgramData\Apple Computer
2007-11-21 06:05 --------- d-----w C:\ProgramData\Apple
2007-11-21 06:05 --------- d-----w C:\Program Files\Apple Software Update
2007-11-20 05:54 --------- d-----w C:\Users\djj\AppData\Roaming\LEGO Company
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2007-12-06 12:27 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 06:35 1196032]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 04:35 90112]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 06:35 125440]
"Free Uploader Oe Integration"="C:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 18:02 40960]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 16:34 213936]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-11-17 09:51 221056]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]
"CubeDesktop"="" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-02 06:34 1004136]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-30 23:37 4186112 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-26 23:50 815104]
"eRecoveryService"="" []
"eDSMSNfix"="C:\Acer\Empowering Technology\eDSMSNfix.exe" [2007-02-08 11:40 13312]
"Acer Product Registration"="C:\Program Files\Acer Registration\ACE1.exe" [2007-02-02 13:24 3383296]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 11:38 35328]
"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" [2007-01-09 06:02 483328]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11 49152]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-08-09 21:58 180269]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 16:34 86960]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 16:34 213936]
"ACU"="C:\Program Files\Atheros\ACU.exe" [2006-11-17 10:00 348249]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 14:52 849280]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16 286720]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-08-24 23:07 51048]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 21:01 71216]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2007-03-14 21:01 54832]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-08 23:37 249896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-13 20:44:06]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-03-29 08:00:18]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 20:40:10]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
C:\WINDOWS\system32\drivers\AppleINC.exe

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20071218.003\IDSvix86.sys [2007-11-06 10:07]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-09-19 21:37]
R2 ALaunchService;ALaunch Service;C:\Acer\ALaunch\ALaunchSvc.exe [2007-01-26 06:24]
R2 int15;int15;C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 10:12]
R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" [2007-08-24 23:07]
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 04:57]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot []
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-10-03 09:33]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 18:44]
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2007-02-18 21:58]
R3 Cam5607;Acer OrbiCam;C:\Windows\system32\Drivers\BisonC07.sys [2006-12-14 21:45]
R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 14:16]
R3 SymIMMP;SymIMMP;C:\Windows\system32\DRIVERS\SymIM.sys [2007-08-09 18:27]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2007-08-13 14:50]
S3 COH_Mon;COH_Mon;C:\Windows\system32\Drivers\COH_Mon.sys [2007-05-29 13:55]
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\Windows\system32\DRIVERS\SymIM.sys [2007-08-09 18:27]
S3 wrssweep;Webroots Volume Access Driver;C:\Program Files\Webroot\Washer\wrssweep.sys [2007-10-03 09:33]
S3 WSIMD;wsimd Service;C:\Windows\system32\DRIVERS\wsimd.sys [2006-07-20 06:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - AVGASCLN
*Newly Created Service* - PROCEXP90
*Newly Created Service* - SSMDRV

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {12BC816B-8F68-CAB4-867E-FA0FEF15FB36} /qb
.
Contenido de carpeta 'Tareas Programadas'
"2007-12-14 01:52:00 C:\Windows\Tasks\At1.job"
- C:\DOWNLO~1\Software\Look2Me-Destroyer.exe
"2008-01-08 13:35:20 C:\Windows\Tasks\At10.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 13:35:24 C:\Windows\Tasks\At11.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 19:29:12 C:\Windows\Tasks\At12.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-09 16:28:22 C:\Windows\Tasks\At13.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-09 19:34:00 C:\Windows\Tasks\At14.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-09 16:28:22 C:\Windows\Tasks\At15.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2007-12-14 15:44:56 C:\Windows\Tasks\At2.job"
- C:\DOWNLO~1\Software\Look2Me-Destroyer.exe
"2008-01-08 11:56:00 C:\Windows\Tasks\At3.job"
- C:\DOWNLO~1\Software\Look2Me-Destroyer.exe
"2008-01-09 16:28:22 C:\Windows\Tasks\At4.job"
- C:\DOWNLO~1\Software\Look2Me-Destroyer.exe
"2008-01-08 12:04:00 C:\Windows\Tasks\At5.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 12:44:00 C:\Windows\Tasks\At6.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 12:46:00 C:\Windows\Tasks\At7.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 13:35:16 C:\Windows\Tasks\At8.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 13:35:13 C:\Windows\Tasks\At9.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 02:03:56 C:\Windows\Tasks\Norton AntiVirus - Run Full System Scan - djj.job"
- C:\Program Files\Norton AntiVirus\Navw32.exeB/TASK:
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-09 13:48:46
Windows 6.0.6000 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

**************************************************************************
.
Tiempo completado: 2008-01-09 13:50:44
ComboFix-quarantined-files.txt 2008-01-09 19:50:40
.
2008-01-09 16:42:40 --- E O F ---



And the HijackThis one:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:09:24 p.m., on 09/01/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Free Download Manager\FUM\fumoei.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\djj\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://es.mx.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.mx.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://mx.rd.yahoo.com/customize/ycomp/defaults/su/*http://mx.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: (no name) - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSNPUpldes-mx.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.4.2_15) - http://javadl-esd.sun.com/update/1.4.2/jinstall-1_4-windows-i586.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Servicio de configuración de Atheros (ACS) - Atheros - C:\Windows\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12723 bytes



I still have the little problem :S When I try to save a file, if I want to change folders it closes on me, but not as quickly as before, haha, I guess that's an advantage.
  post #6 (permalink)  
09/01/08, 18:02:07
GPastor
FS-Admin
 
Joined: Mar 2005
Location: Callao - Perú
Posts: 16,413
Re: my programs keep closing

The reports are clean, so it is unlikely that this problem is caused by an infection.

I recommend downloading and running the Advanced WindowsCare utility to thoroughly repair and optimize your PC.

Regards


  post #7 (permalink)  
29/01/08, 21:38:58
User
 
Joined: Oct 2005
Location: mexico
Posts: 7
thanks

Thank you very much! I couldn't thank you earlier; I had no choice but to back up all my data and format :S haha, but thanks, your help was very useful for my other laptop.