Hola, antetodo felices fiestas
Recientemente he estado teniendo los fastidiosos pop ups del cid en mi laptop(con el aun mas fastidioso windows vista) he intentado todo lo q dicen en este foro y nada para resultar permanentemente. Al scannear mi equipo con el superantispyware, dicho programa detecta cookies de adware, los popups se van , pero al prender la lap al dia siguiente, vuelven.

Se q muchos foristas tenemos el mismo problema, por eso agradezco de antemano a kien me pueda brindar ayuda en este asunto

He aki mi log del hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:26 a.m., on 12/30/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Users\Hassan\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espndeportes.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\4295\SiteAv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [Hide-The-IP] "C:\Program Files\Hide The IP\HideTheIP.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Hassan\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [Media Math] "C:\ProgramData\MeowVcVc.1gjqpe"
O4 - HKCU\..\Run: [Bags Else Hole Lite] "C:\ProgramData\plan book coal.nomq7"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8598 bytes


tambien vi unos logs sobre el combo fix, aqui lo tengo por si hace falta
Combo fix log:
ComboFix 07-12-28.1 - Hassan 2007-12-29 23:26:35.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.391 [GMT -5:00]
Running from: C:\Users\Hassan\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\x64

.
((((((((((((((((((((((((( Files Created from 2007-11-28 to 2007-12-30 )))))))))))))))))))))))))))))))
.

2007-12-28 22:32 . 2007-12-28 22:32 <DIR> d-------- C:\Program Files\FileASSASSIN
2007-12-28 21:20 . 2007-12-28 22:19 <DIR> d-------- C:\Program Files\DelPSGuard
2007-12-28 21:00 . 2007-12-28 21:00 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-26 21:17 . 2007-12-26 21:18 <DIR> d-------- C:\Program Files\VirtualDJ
2007-12-26 20:48 . 2007-12-26 20:48 <DIR> d-------- C:\Program Files\Real
2007-12-26 20:48 . 2007-12-26 20:48 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-12-26 20:48 . 2007-12-26 20:48 <DIR> d-------- C:\Program Files\Common Files\Real
2007-12-26 19:12 . 2004-05-27 14:49 16,032 --a------ C:\Windows\System32\drivers\P2k.sys
2007-12-26 17:16 . 2007-12-26 17:16 <DIR> d-------- C:\Users\Hassan\AppData\Roaming\InstallShield
2007-12-26 17:12 . 2007-12-26 17:16 <DIR> d-------- C:\Program Files\Avanquest update
2007-12-26 17:10 . 2007-12-26 18:22 <DIR> d-------- C:\Users\All Users\BVRP Software
2007-12-26 17:10 . 2007-12-26 18:22 <DIR> d-------- C:\ProgramData\BVRP Software
2007-12-26 02:20 . 2007-12-26 02:20 <DIR> d-------- C:\Users\Hassan\AppData\Roaming\SUPERAntiSpyware.c om
2007-12-26 02:20 . 2007-12-26 02:20 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com
2007-12-26 02:20 . 2007-12-26 02:20 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com
2007-12-26 02:20 . 2007-12-29 23:23 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-12-26 02:20 . 2007-12-26 02:20 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-26 02:06 . 2007-12-26 02:06 <DIR> d-------- C:\Program Files\CCleaner
2007-12-26 01:10 . 2007-12-26 01:10 268 --ah----- C:\sqmdata00.sqm
2007-12-26 01:10 . 2007-12-26 01:10 244 --ah----- C:\sqmnoopt00.sqm
2007-12-26 00:43 . 2007-08-24 19:30 188,416 --a------ C:\Windows\System32\igfxres.dll
2007-12-24 02:32 . 2007-12-26 01:19 <DIR> d-------- C:\Users\All Users\Iso Web Bags Else
2007-12-24 02:32 . 2007-12-26 01:19 <DIR> d-------- C:\Users\All Users\Glue Keep Test
2007-12-24 02:32 . 2007-12-26 01:19 <DIR> d-------- C:\ProgramData\Iso Web Bags Else
2007-12-24 02:32 . 2007-12-26 01:19 <DIR> d-------- C:\ProgramData\Glue Keep Test
2007-12-24 02:31 . 2007-12-24 02:31 <DIR> d-------- C:\Program Files\Circle Developement
2007-12-19 15:14 . 2007-12-19 15:14 <DIR> d-------- C:\Program Files\EA GAMES
2007-12-17 12:18 . 2007-12-17 12:18 <DIR> d-------- C:\Program Files\Roger Wilco
2007-12-17 12:18 . 2007-12-24 03:14 <DIR> d-------- C:\Program Files\GameSpy Arcade
2007-12-11 22:59 . 2007-12-11 22:59 1,327,104 --a------ C:\Windows\System32\quartz.dll
2007-12-11 22:59 . 2007-12-11 22:59 223,232 --a------ C:\Windows\System32\WMASF.DLL
2007-12-11 22:59 . 2007-12-11 22:59 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
2007-12-11 22:59 . 2007-12-11 22:59 2,048 --a------ C:\Windows\System32\asferror.dll
2007-12-11 22:57 . 2007-12-11 22:57 130,048 --a------ C:\Windows\System32\drivers\srv2.sys
2007-12-11 22:57 . 2007-12-11 22:57 101,888 --a------ C:\Windows\System32\drivers\mrxsmb.sys
2007-12-11 22:57 . 2007-12-11 22:57 84,992 --a------ C:\Windows\System32\drivers\srvnet.sys
2007-12-11 22:57 . 2007-12-11 22:57 58,368 --a------ C:\Windows\System32\drivers\mrxsmb20.sys
2007-12-11 22:57 . 2007-12-11 22:57 56,320 --a------ C:\Windows\System32\iesetup.dll
2007-12-11 22:57 . 2007-12-11 22:57 26,624 --a------ C:\Windows\System32\ieUnatt.exe
2007-12-11 22:55 . 2007-12-11 22:55 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe
2007-12-11 22:55 . 2007-12-11 22:55 3,470,520 --a------ C:\Windows\System32\ntoskrnl.exe
2007-12-11 22:55 . 2007-12-11 22:55 2,048 --a------ C:\Windows\System32\tzres.dll
2007-11-26 21:57 . 2007-12-22 13:09 <DIR> d-------- C:\Program Files\Electronic Arts
2007-11-17 15:59 . 2007-11-17 15:59 1,244,672 --a------ C:\Windows\System32\mcmde.dll
2007-11-16 23:09 . 2007-11-16 23:09 <DIR> d-------- C:\Program Files\Handmark
2007-11-15 21:57 . 2007-11-15 21:57 <DIR> d-------- C:\Program Files\Common Files\Logitech
2007-11-15 21:57 . 2005-04-12 19:09 159,744 --a------ C:\Windows\System32\WmJoyFrc.dll
2007-11-15 21:57 . 1998-06-17 19:08 57,344 --a------ C:\Windows\System32\Mfc42loc.dll
2007-11-15 21:57 . 2005-04-12 19:21 45,504 --a------ C:\Windows\System32\drivers\WmXlCore.sys
2007-11-15 21:57 . 2005-04-12 19:21 22,240 --a------ C:\Windows\System32\drivers\WmFilter.sys
2007-11-15 21:57 . 2005-04-12 19:21 10,144 --a------ C:\Windows\System32\drivers\WmBEnum.sys
2007-11-15 21:57 . 2005-04-12 19:21 5,600 --a------ C:\Windows\System32\drivers\WmVirHid.sys
2007-11-15 11:53 . 2007-11-15 11:53 <DIR> d-------- C:\Program Files\New Wave Concepts
2007-11-14 21:31 . 2007-11-14 21:31 <DIR> d-------- C:\Users\Hassan\AppData\Roaming\InstallShield Installation Information
2007-11-13 18:55 . 2007-11-13 18:55 224,768 --a------ C:\Windows\System32\drivers\usbport.sys
2007-11-13 18:55 . 2007-11-13 18:55 192,000 --a------ C:\Windows\System32\drivers\usbhub.sys
2007-11-13 18:55 . 2007-11-13 18:55 73,216 --a------ C:\Windows\System32\drivers\usbccgp.sys
2007-11-13 18:55 . 2007-11-13 18:55 38,400 --a------ C:\Windows\System32\drivers\usbehci.sys
2007-11-13 18:55 . 2007-11-13 18:55 23,040 --a------ C:\Windows\System32\drivers\usbuhci.sys
2007-11-13 18:55 . 2007-11-13 18:55 8,704 --a------ C:\Windows\System32\hcrstco.dll
2007-11-13 18:55 . 2007-11-13 18:55 8,704 --a------ C:\Windows\System32\hccoin.dll
2007-11-13 18:55 . 2007-11-13 18:55 5,888 --a------ C:\Windows\System32\drivers\usbd.sys
2007-11-11 20:14 . 2007-11-11 20:14 0 --a------ C:\Windows\nsreg.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2007-12-30 04:26 262,144 ----a-w C:\ProgramData\ntuser.dat
2007-12-30 04:26 --------- d-----w C:\Users\Hassan\AppData\Roaming\BitTorrent DNA
2007-12-28 01:26 --------- d-----w C:\Users\Hassan\AppData\Roaming\BitTorrent
2007-12-26 23:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-24 07:31 --------- d-----w C:\Program Files\MSN Messenger
2007-12-24 07:31 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-22 21:00 --------- d-----w C:\Program Files\TVUPlayer
2007-12-22 18:15 --------- d-----w C:\Program Files\Microsoft Games
2007-12-22 18:05 --------- d-----w C:\Program Files\Ahead
2007-12-19 18:57 --------- d-----w C:\Users\Hassan\AppData\Roaming\SopCast
2007-12-14 03:14 --------- d-----w C:\Program Files\LucasArts
2007-12-12 04:00 --------- d-----w C:\ProgramData\Microsoft Help
2007-12-12 03:58 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-11-16 06:46 --------- d-----w C:\Program Files\TOSHIBA Games
2007-11-16 02:57 --------- d-----w C:\Program Files\Logitech
2007-11-15 03:21 --------- d-----w C:\Program Files\CircuitMaker 2000 Trial
2007-11-13 23:57 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-11-13 23:57 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2007-11-13 23:57 542,720 ----a-w C:\Windows\System32\sysmain.dll
2007-11-13 23:57 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2007-11-13 23:57 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2007-11-13 23:57 297,984 ----a-w C:\Windows\System32\wlansec.dll
2007-11-13 23:57 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2007-11-13 23:57 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
2007-11-13 23:57 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2007-11-13 23:57 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2007-11-13 23:57 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
2007-11-13 23:57 2,923,520 ----a-w C:\Windows\explorer.exe
2007-11-13 23:57 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2007-11-13 23:57 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
2007-11-13 23:55 --------- d-----w C:\Program Files\Windows Mail
2007-10-10 19:24 298,104 ----a-w C:\Windows\System32\imon.dll
2007-10-10 03:16 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-10-10 03:16 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-10-10 03:16 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-10-10 03:16 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-10-10 03:06 84,480 ----a-w C:\Windows\System32\INETRES.dll
2007-10-10 03:06 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2007-10-10 03:05 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
2007-09-04 04:00 8,192 ----a-w C:\Windows\System32\riched32.dll
2007-09-04 04:00 77,824 ----a-w C:\Windows\System32\rascfg.dll
2007-09-04 04:00 694,784 ----a-w C:\Windows\System32\localspl.dll
2007-09-04 04:00 52,736 ----a-w C:\Windows\System32\rasdiag.dll
2007-09-04 04:00 384,000 ----a-w C:\Windows\System32\netcfgx.dll
2007-09-04 04:00 36,864 ----a-w C:\Windows\System32\cdd.dll
2007-09-04 04:00 33,280 ----a-w C:\Windows\System32\traffic.dll
2007-09-04 04:00 32,768 ----a-w C:\Windows\System32\rasmxs.dll
2007-09-04 04:00 286,208 ----a-w C:\Windows\System32\ipnathlp.dll
2007-09-04 04:00 22,016 ----a-w C:\Windows\System32\rasser.dll
2007-09-04 04:00 15,360 ----a-w C:\Windows\System32\pacerprf.dll
2007-09-04 04:00 134,656 ----a-w C:\Windows\System32\dps.dll
2007-09-04 04:00 13,824 ----a-w C:\Windows\System32\wshqos.dll
2007-09-04 04:00 13,824 ----a-w C:\Windows\System32\icsunattend.exe
2007-08-30 01:01 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"TOSCDSPD"="TOSCDSPD.EXE" []
"BitTorrent DNA"="C:\Users\Hassan\Program Files\BitTorrent_DNA\dna.exe" [2007-09-03 12:57]
"Media Math"="C:\ProgramData\MeowVcVc.1gjqpe" [2007-12-26 01:18]
"Bags Else Hole Lite"="C:\ProgramData\plan book coal.nomq7" [2007-12-26 01:19]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 07:36]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-07-27 06:32]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-27 15:20]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 12:57 C:\Windows\RtHDVCpl.exe]
"NDSTray.exe"="NDSTray.exe" []
"HSON"="C:\Program Files\TOSHIBA\TBS\HSON.exe" [2006-12-07 18:49]
"SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [2006-12-11 19:45]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 06:00]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-08-24 19:54]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-08-24 19:54]
"Persistence"="C:\Windows\system32\igfxpers.ex e" [2007-08-24 19:54]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-10-10 14:24]
"TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-20 01:16]
"SVPWUTIL"="C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-01-18 18:06]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\4295\SiteAv.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2005-12-16 04:41]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02]
"KeNotify"="C:\Program Files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 19:14]
"HWSetup"="C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" [2006-11-01 10:06]
"Hide-The-IP"="C:\Program Files\Hide The IP\HideTheIP.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [2006-12-15 17:59]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-12-26 20:48]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
DataViz Inc Messenger.lnk - C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe [2007-10-06 02:13:51]
HotSync Manager.lnk - C:\Program Files\Palm\Hotsync.exe [2004-06-09 14:27:34]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-09-02 15:20:00]

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R0 LPCFilter;LPC Lower Filter Driver;C:\Windows\system32\DRIVERS\LPCFilter.sys [2006-07-28 18:25]
R2 pinger;pinger;C:\TOSHIBA\IVP\ISM\pinger.exe [2007-01-25 19:47]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-11-01 00:40]
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2007-06-19 06:34]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 19:39]
R3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-06-25 05:37]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 13:50]
S3 GameConsoleService;GameConsoleService;"C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe" [2007-09-18 17:49]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 02:30]
S4 KR10I;KR10I;C:\Windows\system32\drivers\kr10i.sys [2007-02-19 21:12]
S4 KR10N;KR10N;C:\Windows\system32\drivers\kr10n.sys [2007-02-19 21:13]
S4 KR3NPXP;KR3NPXP;C:\Windows\system32\drivers\kr3npx p.sys [2006-09-27 22:06]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{42b829c6-72fe-11dc-86b8-001b383e0df6}]
\shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{59456ec0-41b6-11dc-9fa9-806e6f6e6963}]
\shell\AutoRun\command - D:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{7104519e-92cc-11dc-be77-001b383e0df6}]
\shell\Auto\command - MSOCache\doWTP_RESTORE_0.exe -autorun
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MSOCache\doWTP_RESTORE_0.exe -autorun

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{710451aa-92cc-11dc-be77-001b383e0df6}]
\shell\AutoRun\command - F:\*.exe
\shell\explore\Command - F:\*.exe
\shell\open\Command - F:\*.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
************************************************** ************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-29 23:29:27
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
Completion time: 2007-12-29 23:30:20
.
2007-12-27 22:54:03 --- E O F ---


Muchas gracias de antemano a los amables foristas q me brinden ayuda

el spysweeper detecto casi 25 tracking cookies de adware, sin embargo no elimina los archivos infectados

Hola badbuay, te doy la bienvenida al Foro de InfoSpyware.

Paso 1- Descargar y actualizar las siguientes herramientas:

• NoLop
• SUPERAntiSpyware
• IniRem 2.0
• CCleaner

Paso 2- Reiniciar en Modo Seguro.

Paso 3- Con todos los programas cerrados ejecuta el HijackThis y dale a estas entradas:

O4 - HKCU\..\Run: [Bags Else Hole Lite] "C:\ProgramData\plan book coal.nomq7"


Paso 4- Sin reiniciar, ejecutar de a una, estas herramientas:

• NoLop.exe (guarda su reporte)
• SUPERAntiSpyware

Nota* Utiliza la herramienta IniRem 2.0 para limpiar tu archivo Host.

Paso 5- Ejecutar CCleaner usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

Reinicia y nos contas los resultados.

Salu2

muchas gracias a el piedra y demas foristas q respondieron este post

he hecho todo lo q me han dicho en el orden adecuado y por el momento no me ha aparecido nada del CID, aunq es muy pronto para dar el tema por solucionado porque no seria la primera vez q despues de un scan con superantispyware, los popups desaparecen por un tiempo y luego regresan

El No.Lop no me detecto absolutamente nada, no me da ningun reporte ni me manda a hacer reboor, y lo hice correr varias veces(en modo aprueba de fallos porque en modo normal no corre). No se si esto este bien o haya algun problema

salu2 y nuevamente gracias