Blog Registrarse Temas de Hoy AntiSpywares AntiVirus Glosario

Regresar   Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Temas Solucionados
Actualizar Se abren pestañas de publicidad en el Internet explorer (solucionado)
        
Para evitar Virus, Spyware y ventanas emergentes, en InfoSpyware recomendamos navegar con: FIREFOX

Temas Solucionados Casos de HijackThis y Malwares resueltos.
(Solo lectura)

Respuesta
 
Herramientas
  post #1 (permalink)  
Antiguo 20/09/08, 17:55:57
Avatar de HsR
HsR HsR está offline
Usuario
  
Registrado: sep 2008
Ubicación: Alcala de Henares
Mensajes: 7
Se abren pestañas de publicidad en el Internet explorer (solucionado)
Cuando estoi navegando por internet me salen automaticamente pestañas de publicidad variada, el internet va lento y frecuentemente se bloquea ( no responde ). Tengo programas como Ccleaner, spyware doctor, tuneUp utilities y spywareblaster y ninguno detecta el problema de mi portatil. Aqui os dejo el hijack log, aber si podeis hacer algo y gracias de antemano:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:33:55, on 20/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.es
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.es
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [egoww] "c:\users\alvaro\appdata\local\egoww.exe" egoww
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Compra, vende y diviértete - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrvx86.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PskSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10587 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #2 (permalink)  
Antiguo 20/09/08, 21:01:02
Avatar de axl456
Moderador
  
Registrado: mar 2007
Ubicación: South Park
Mensajes: 6.680
Re: Se abren pestañas de publicidad en el Internet explorer
Bienvenido al foro..


Paso 1- Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


Paso 2- Descarga estas herramientas pero no las ejecutes aun:Paso 3- Reinicia eh inicia en "Modo a prueba de fallos" (modo seguro)

Paso 4- Con todos los programas cerrados ejecuta HijackThis y dale a estas entradas:


O4 - HKCU\..\Run: [egoww] "c:\users\alvaro\appdata\local\egoww.exe" egoww



Paso 5- Ejecuta Combofix de la siguiente manera:
  • Desactiva temporalmente el Antivirus y/o Antispyware.
  • Cierra todas las ventanas abiertas.
  • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
  • Cuando termine, generara un registro en C:\ComboFix.txt.
    • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
    • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
Cita:
Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.



Reinicia y nos contas los resultados junto a un nuevo reporte de HJT, y Combofix.
Linux User Registered #453948
Ubuntu User #20783

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Última edición por axl456 fecha: 20/09/08 a las 22:51:28.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #3 (permalink)  
Antiguo 21/09/08, 10:57:02
Avatar de HsR
HsR HsR está offline
Usuario
  
Registrado: sep 2008
Ubicación: Alcala de Henares
Mensajes: 7
Re: Se abren pestañas de publicidad en el Internet explorer
He realizado los pasos correctamente, pero me quedan dudas aun en el paso cinco pues nose si lo ice bien aunque el combo fix si genero un archivo en C:/ y de momento nose si definitivamente esta superado es te problema de las pestañas de publicidad porque no e navegado casi nada, t dejo el hijack log para que me lo veas aber si ai algo raro y tmb el reporte de combofix a continuacion:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:09, on 21/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.es
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.es
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Compra, vende y diviértete - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrvx86.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PskSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10466 bytes


ComboFix 08-09-20.05 - Alvaro 2008-09-21 15:52:33.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.3082.18.692 [GMT 2:00]
Se ejecuta desde: C:\Users\Alvaro\Downloads\ComboFix.exe
* Creado un nuevo punto de restauración
.
/wow section No ha completado

(((((((((((((((((( Archivos creados desde 2008-08-21 - 2008-09-21 )))))))))))))))))))))))))))))))))
.

2008-09-20 17:17 . 2008-09-20 17:17 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-20 17:15 . 2008-09-20 17:35 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-09-20 16:31 . 2008-09-20 16:33 <DIR> d-------- C:\Users\All Users\Lavasoft
2008-09-20 16:31 . 2008-09-20 16:33 <DIR> d-------- C:\ProgramData\Lavasoft
2008-09-20 16:31 . 2008-09-20 16:31 <DIR> d-------- C:\Program Files\Lavasoft
2008-09-18 15:05 . 2008-09-18 15:05 <DIR> d-------- C:\Users\Alvaro\AppData\Roaming\PC Tools
2008-09-18 15:05 . 2008-09-21 15:52 <DIR> d-a------ C:\Users\All Users\TEMP
2008-09-18 15:05 . 2008-09-21 15:52 <DIR> d-a------ C:\ProgramData\TEMP
2008-09-18 15:05 . 2008-09-21 15:52 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-09-18 15:05 . 2008-08-25 11:36 81,288 --a------ C:\Windows\System32\drivers\iksyssec.sys
2008-09-18 15:05 . 2008-08-25 11:36 66,952 --a------ C:\Windows\System32\drivers\iksysflt.sys
2008-09-18 15:05 . 2008-08-25 11:36 40,840 --a------ C:\Windows\System32\drivers\ikfilesec.sys
2008-09-18 15:05 . 2008-06-02 15:19 29,576 --a------ C:\Windows\System32\drivers\kcom.sys
2008-09-17 18:20 . 2008-09-17 18:20 <DIR> d-------- C:\Users\All Users\Yahoo! Companion
2008-09-17 18:20 . 2008-09-17 18:20 <DIR> d-------- C:\ProgramData\Yahoo! Companion
2008-09-17 17:08 . 2008-09-17 17:08 <DIR> d-------- C:\Program Files\Yahoo!
2008-09-17 17:08 . 2008-09-17 17:08 <DIR> d-------- C:\Program Files\CCleaner
2008-09-10 17:35 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-10 17:35 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-10 17:35 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-10 17:35 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-10 17:35 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-10 17:35 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-10 17:35 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-10 17:35 . 2008-08-02 05:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-10 17:35 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-07 19:45 . 2008-09-07 19:49 <DIR> d-------- C:\Users\Alvaro\AppData\Roaming\Apple Computer
2008-09-07 19:45 . 2008-09-07 19:45 <DIR> d-------- C:\Program Files\Apple Software Update
2008-09-07 19:44 . 2008-09-07 19:44 <DIR> d-------- C:\Program Files\iTunes
2008-09-07 19:44 . 2008-09-07 19:44 <DIR> d-------- C:\Program Files\iPod
2008-09-07 19:43 . 2008-09-07 19:43 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-09-07 19:37 . 2008-09-07 19:38 <DIR> d-------- C:\Program Files\Safari
2008-08-25 21:12 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-25 21:12 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-25 21:12 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-25 21:12 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-25 21:12 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-25 21:12 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-25 21:12 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-25 21:11 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-25 21:11 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-09-20 15:30 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-18 00:12 --------- d-----w C:\Users\Alvaro\AppData\Roaming\myphotobook
2008-09-10 15:58 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-07 17:44 --------- d-----w C:\ProgramData\Apple Computer
2008-09-07 17:44 --------- d-----w C:\Program Files\Bonjour
2008-08-19 20:42 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-14 23:24 --------- d-----w C:\Program Files\Windows Mail
2008-08-13 23:13 --------- d-----w C:\Users\Alvaro\AppData\Roaming\ppstream
2008-08-06 17:06 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_ 00_00.Wdf
2008-08-06 00:32 --------- d-----w C:\Users\Alvaro\AppData\Roaming\Sony
2008-08-06 00:32 --------- d-----w C:\ProgramData\Sony
2008-08-06 00:30 --------- d-----w C:\Program Files\Sony Ericsson
2008-08-06 00:30 --------- d-----w C:\Program Files\Sony
2008-08-06 00:24 --------- d-----w C:\Program Files\Avanquest update
2008-08-06 00:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-06 00:21 --------- d-----w C:\ProgramData\BVRP Software
2008-08-06 00:02 --------- d-----w C:\Users\Alvaro\AppData\Roaming\InstallShield
2008-08-06 00:02 --------- d-----w C:\ProgramData\Sony Ericsson
2008-07-31 19:26 --------- d-----w C:\Program Files\Common Files\Panda Software
2008-07-31 19:23 38,968 ----a-w C:\Windows\system32\drivers\ShlDrv51.sys
2008-07-31 19:23 178,872 ----a-w C:\Windows\system32\drivers\PavProc.sys
2008-07-31 19:16 --------- d-----w C:\ProgramData\sentinel
2008-07-31 19:15 --------- d-----w C:\Program Files\Panda Security
2008-07-31 19:10 --------- d-----w C:\ProgramData\McAfee
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-28 10:22 --------- d-----w C:\Program Files\Java
2008-07-23 21:18 --------- d--h--w C:\Program Files\FX Uninstall Information
2008-07-18 18:39 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-07-09 12:45 354,560 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-06-27 12:23 0 ----a-w C:\Users\Alvaro\AppData\Roaming\wklnhst.dat
2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 125952]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 360448]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 C:\Windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-01-25 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-01-25 154136]
"Persistence"="C:\Windows\system32\igfxpers.ex e" [2008-01-25 129560]
"Desktop SMS"="C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe" [2007-07-23 1507328]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2006-12-06 366400]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-19 1836544]
"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="C:\Program Files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe " [2007-05-04 571024]
"Toshiba TEMPO"="C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-07-07 413696]
"APVXDWIN"="C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" [2007-10-04 455984]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-08-25 1168264]
"NDSTray.exe"="NDSTray.exe" [BU]

C:\Users\Alvaro\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\
TRDCReminder.lnk - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe [2007-07-27 389120]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2007-02-15 20:02 50736 C:\Windows\System32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~ 1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"{C3AD6679-EB07-4597-B0BC-F9896683B4B2}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{35E00C46-693F-443A-94A0-F33FCE1E02B8}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{220525B7-197C-4499-AEF6-6425D50E96EB}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E9DE150A-86F0-4C99-BAC0-0573DA31DB0E}"= UDP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.1
"{04288FCC-A302-4629-8DF0-03D78C846D1C}"= TCP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.1
"TCP Query User{401258F8-1281-44AD-B1A5-E6525B43255D}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{952DD03F-D8F2-4E9A-84C2-EB8E23E3F1FB}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{A8D19D28-96F9-46F2-BB27-97667EA98B99}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{BABC30A7-DAE7-44DE-80D3-ED68CAA6492B}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{57DD6637-1433-491D-B032-55722CE89FC7}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{AABEDDDF-9B4F-442F-AD0C-0611D730AD6B}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\PPStream\\PPStream.exe"= C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ
"C:\\Program Files\\PPStream\\PPSAP.exe"= C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷

R1 ShldDrv;Panda File Shield Driver;C:\Windows\system32\DRIVERS\ShlDrv51.sys [2008-07-31 38968]
R2 AmFSM;AmFSM;C:\Windows\system32\DRIVERS\amm8660.sy s [2007-09-28 46648]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 PavProc;Panda Process Protection Driver;C:\Windows\system32\DRIVERS\PavProc.sys [2008-07-31 178872]
R2 PskSvcRetail;Panda PSK service;C:\Program Files\Panda Security\Panda Antivirus 2008\PskSvc.exe [2007-03-21 27696]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UxTuneUp;TuneUp Ampliación del thema;C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;C:\Windows\system32\drivers\CHDART.sys [2008-02-01 187904]
R3 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2medi a.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access;C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;C:\Windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.ex e [2008-07-09 354560]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.s ys [2008-01-21 386616]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenido de carpeta 'Tareas Programadas'
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.es/
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/keyword/%s
O8 -: E&xportar a Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 -: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4
O9 -: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home
O9 -: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4 -
O9 -: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home -
.

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 15:53:07
Windows 6.0.6001 Service Pack 1 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...


************************************************** ************************
.
Tiempo completado: 2008-09-21 15:55:46
ComboFix-quarantined-files.txt 2008-09-21 13:55:44

Pre-Run: 100,097,138,688 bytes libres
Post-Run: 100,063,784,960 bytes libres

203 --- E O F --- 2008-09-19 08:29:38
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #4 (permalink)  
Antiguo 21/09/08, 16:48:09
Avatar de axl456
Moderador
  
Registrado: mar 2007
Ubicación: South Park
Mensajes: 6.680
Re: Se abren pestañas de publicidad en el Internet explorer
Inicia el equipo en Modo normal y ejecuta nuevamente Combofix y Hijackthis (en ese orden) y me colocas los nuevos reportes..

Al ejecutar Combofix, debes previamente cerrar todas las ventanas o aplicaciones activas y cuando se este ejecutando no muevas el mouse ni realices ninguna accion en el equipo para que no se aborte el analisis..
Linux User Registered #453948
Ubuntu User #20783

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #5 (permalink)  
Antiguo 21/09/08, 19:54:57
Avatar de HsR
HsR HsR está offline
Usuario
  
Registrado: sep 2008
Ubicación: Alcala de Henares
Mensajes: 7
Re: Se abren pestañas de publicidad en el Internet explorer
Aqui t dejo ambos reportes, creo que ya esta solucionado el problema de las pestañas pero el internet va a veces lento y se bloquea, mira los dos reportes haber si encuentras algo raro, muchas gracias por tu ayuda.

Reporte ComboFix:

ComboFix 08-09-20.05 - Alvaro 2008-09-22 0:44:40.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.3082.18.910 [GMT 2:00]
Se ejecuta desde: C:\Users\Alvaro\Downloads\ComboFix.exe
* Creado un nuevo punto de restauración
.
/wow section No ha completado

(((((((((((((((((( Archivos creados desde 2008-08-21 - 2008-09-21 )))))))))))))))))))))))))))))))))
.

2008-09-21 16:10 . 2008-09-21 16:10 <DIR> d-------- C:\Users\All Users\Windows Genuine Advantage
2008-09-20 17:17 . 2008-09-20 17:17 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-20 17:15 . 2008-09-20 17:35 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-09-20 16:31 . 2008-09-20 16:33 <DIR> d-------- C:\Users\All Users\Lavasoft
2008-09-20 16:31 . 2008-09-20 16:33 <DIR> d-------- C:\ProgramData\Lavasoft
2008-09-20 16:31 . 2008-09-20 16:31 <DIR> d-------- C:\Program Files\Lavasoft
2008-09-18 15:05 . 2008-09-18 15:05 <DIR> d-------- C:\Users\Alvaro\AppData\Roaming\PC Tools
2008-09-18 15:05 . 2008-09-22 00:41 <DIR> d-a------ C:\Users\All Users\TEMP
2008-09-18 15:05 . 2008-09-22 00:41 <DIR> d-a------ C:\ProgramData\TEMP
2008-09-18 15:05 . 2008-09-21 15:52 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-09-18 15:05 . 2008-08-25 11:36 81,288 --a------ C:\Windows\System32\drivers\iksyssec.sys
2008-09-18 15:05 . 2008-08-25 11:36 66,952 --a------ C:\Windows\System32\drivers\iksysflt.sys
2008-09-18 15:05 . 2008-08-25 11:36 40,840 --a------ C:\Windows\System32\drivers\ikfilesec.sys
2008-09-18 15:05 . 2008-06-02 15:19 29,576 --a------ C:\Windows\System32\drivers\kcom.sys
2008-09-17 18:20 . 2008-09-17 18:20 <DIR> d-------- C:\Users\All Users\Yahoo! Companion
2008-09-17 18:20 . 2008-09-17 18:20 <DIR> d-------- C:\ProgramData\Yahoo! Companion
2008-09-17 17:08 . 2008-09-17 17:08 <DIR> d-------- C:\Program Files\Yahoo!
2008-09-17 17:08 . 2008-09-17 17:08 <DIR> d-------- C:\Program Files\CCleaner
2008-09-10 17:35 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-10 17:35 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-10 17:35 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-10 17:35 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-10 17:35 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-10 17:35 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-10 17:35 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-10 17:35 . 2008-08-02 05:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-10 17:35 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-07 19:45 . 2008-09-07 19:49 <DIR> d-------- C:\Users\Alvaro\AppData\Roaming\Apple Computer
2008-09-07 19:45 . 2008-09-07 19:45 <DIR> d-------- C:\Program Files\Apple Software Update
2008-09-07 19:44 . 2008-09-07 19:44 <DIR> d-------- C:\Program Files\iTunes
2008-09-07 19:44 . 2008-09-07 19:44 <DIR> d-------- C:\Program Files\iPod
2008-09-07 19:43 . 2008-09-07 19:43 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-09-07 19:37 . 2008-09-07 19:38 <DIR> d-------- C:\Program Files\Safari
2008-08-25 21:12 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-25 21:12 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-25 21:12 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-25 21:12 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-25 21:12 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-25 21:12 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-25 21:12 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-25 21:11 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-25 21:11 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-09-20 15:30 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-18 00:12 --------- d-----w C:\Users\Alvaro\AppData\Roaming\myphotobook
2008-09-10 15:58 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-07 17:44 --------- d-----w C:\ProgramData\Apple Computer
2008-09-07 17:44 --------- d-----w C:\Program Files\Bonjour
2008-08-19 20:42 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-14 23:24 --------- d-----w C:\Program Files\Windows Mail
2008-08-13 23:13 --------- d-----w C:\Users\Alvaro\AppData\Roaming\ppstream
2008-08-06 17:06 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_ 00_00.Wdf
2008-08-06 00:32 --------- d-----w C:\Users\Alvaro\AppData\Roaming\Sony
2008-08-06 00:32 --------- d-----w C:\ProgramData\Sony
2008-08-06 00:30 --------- d-----w C:\Program Files\Sony Ericsson
2008-08-06 00:30 --------- d-----w C:\Program Files\Sony
2008-08-06 00:24 --------- d-----w C:\Program Files\Avanquest update
2008-08-06 00:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-06 00:21 --------- d-----w C:\ProgramData\BVRP Software
2008-08-06 00:02 --------- d-----w C:\Users\Alvaro\AppData\Roaming\InstallShield
2008-08-06 00:02 --------- d-----w C:\ProgramData\Sony Ericsson
2008-07-31 19:26 --------- d-----w C:\Program Files\Common Files\Panda Software
2008-07-31 19:23 38,968 ----a-w C:\Windows\system32\drivers\ShlDrv51.sys
2008-07-31 19:23 178,872 ----a-w C:\Windows\system32\drivers\PavProc.sys
2008-07-31 19:16 --------- d-----w C:\ProgramData\sentinel
2008-07-31 19:15 --------- d-----w C:\Program Files\Panda Security
2008-07-31 19:10 --------- d-----w C:\ProgramData\McAfee
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-28 10:22 --------- d-----w C:\Program Files\Java
2008-07-23 21:18 --------- d--h--w C:\Program Files\FX Uninstall Information
2008-07-18 18:39 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-07-09 12:45 354,560 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-06-27 12:23 0 ----a-w C:\Users\Alvaro\AppData\Roaming\wklnhst.dat
2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 125952]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 360448]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 C:\Windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-01-25 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-01-25 154136]
"Persistence"="C:\Windows\system32\igfxpers.ex e" [2008-01-25 129560]
"Desktop SMS"="C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe" [2007-07-23 1507328]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2006-12-06 366400]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-19 1836544]
"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="C:\Program Files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe " [2007-05-04 571024]
"Toshiba TEMPO"="C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-07-07 413696]
"APVXDWIN"="C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" [2007-10-04 455984]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-08-25 1168264]
"NDSTray.exe"="NDSTray.exe" [BU]

C:\Users\Alvaro\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\
TRDCReminder.lnk - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe [2007-07-27 389120]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2007-02-15 20:02 50736 C:\Windows\System32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~ 1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"{C3AD6679-EB07-4597-B0BC-F9896683B4B2}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{35E00C46-693F-443A-94A0-F33FCE1E02B8}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{220525B7-197C-4499-AEF6-6425D50E96EB}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E9DE150A-86F0-4C99-BAC0-0573DA31DB0E}"= UDP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.1
"{04288FCC-A302-4629-8DF0-03D78C846D1C}"= TCP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.1
"TCP Query User{401258F8-1281-44AD-B1A5-E6525B43255D}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{952DD03F-D8F2-4E9A-84C2-EB8E23E3F1FB}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{A8D19D28-96F9-46F2-BB27-97667EA98B99}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{BABC30A7-DAE7-44DE-80D3-ED68CAA6492B}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{57DD6637-1433-491D-B032-55722CE89FC7}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{AABEDDDF-9B4F-442F-AD0C-0611D730AD6B}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\PPStream\\PPStream.exe"= C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ
"C:\\Program Files\\PPStream\\PPSAP.exe"= C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷

R1 ShldDrv;Panda File Shield Driver;C:\Windows\system32\DRIVERS\ShlDrv51.sys [2008-07-31 38968]
R2 AmFSM;AmFSM;C:\Windows\system32\DRIVERS\amm8660.sy s [2007-09-28 46648]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 PavProc;Panda Process Protection Driver;C:\Windows\system32\DRIVERS\PavProc.sys [2008-07-31 178872]
R2 PskSvcRetail;Panda PSK service;C:\Program Files\Panda Security\Panda Antivirus 2008\PskSvc.exe [2007-03-21 27696]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UxTuneUp;TuneUp Ampliación del thema;C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;C:\Windows\system32\drivers\CHDART.sys [2008-02-01 187904]
R3 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2medi a.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access;C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;C:\Windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.ex e [2008-07-09 354560]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.s ys [2008-01-21 386616]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - CATCHME
.
Contenido de carpeta 'Tareas Programadas'
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.es/
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/keyword/%s
O8 -: E&xportar a Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 -: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4
O9 -: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home
O9 -: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4 -
O9 -: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home -
.

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-22 00:45:06
Windows 6.0.6001 Service Pack 1 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...


************************************************** ************************
.
Tiempo completado: 2008-09-22 0:47:38
ComboFix-quarantined-files.txt 2008-09-21 22:47:36
ComboFix2.txt 2008-09-21 13:55:47

Pre-Run: 99.491.586.048 bytes libres
Post-Run: 99,459,891,200 bytes libres

204 --- E O F --- 2008-09-19 08:29:38

Reporte de HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:09, on 21/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.es
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.es
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Compra, vende y diviértete - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrvx86.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PskSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10466 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #6 (permalink)  
Antiguo 21/09/08, 22:13:27
Avatar de axl456
Moderador
  
Registrado: mar 2007
Ubicación: South Park
Mensajes: 6.680
Re: Se abren pestañas de publicidad en el Internet explorer
Ambos reportes estan limpio, realiza lo siguiente para desintalar CF.

  • Ir a Inicio > Ejecutar
  • Escribir lo siguiente: ComboFix /u como muestra la imagen debajo:
  • Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")


si no tienes algun otro problema indicame para dar por solucionado el tema..
Linux User Registered #453948
Ubuntu User #20783

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #7 (permalink)  
Antiguo 22/09/08, 11:29:06
Avatar de HsR
HsR HsR está offline
Usuario
  
Registrado: sep 2008
Ubicación: Alcala de Henares
Mensajes: 7
Re: Se abren pestañas de publicidad en el Internet explorer
Perfecto ya e desinstalado el combofix y definitivamente esta solucionado el problema de las ventanas de publicidad asi que muchisimas gracias, lo ultimo que t pido es que me des consejo para que esto no me vuelva a ocurrir mas, para no volver a molestaros.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #8 (permalink)  
Antiguo 22/09/08, 16:22:39
Avatar de axl456
Moderador
  
Registrado: mar 2007
Ubicación: South Park
Mensajes: 6.680
Re: Se abren pestañas de publicidad en el Internet explorer
Para proteger tu equipo debes mantener un antivirus actualizado en tu equipo, asi como un antisyware. En este sector del foro encontraras informacion y opiniones sobre los usuarios e integrantes del foro sobre antivirus, antispywares etc:

Herramientas Anti-Malwares - Foro de Spyware

SI tienes dudas sobre las herramientas puedes consultar alli..

Herramienta que debes tener para evitar infecciones:
SpywareBlaster. Que es y como funciona Spywareblaster

Del resto solo queda recomendarte que utilices un navegador (como Firefox u Opera, no uses IE) seguro a la hora de andar por la red..

Damos el tema por solucionado..
Linux User Registered #453948
Ubuntu User #20783

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita