• Registrarse
  • Iniciar sesión


  • Resultados 1 al 10 de 10

    Se cierra solo el explorer internet. (Solucionado)

    Resumen del tema: Se cierra solo el explorer internet. (Solucionado) - HOLA QUE TAL, BUENO MI PROBLEMA ES QUE EL EXPLORER INTERNET SE CIERRA SOLO CUANDO ABRO MAS DE 2 PAGINAS, Y ASTA EL DIA DE HOY SE ME CIERRA TAMBIEN UN VIDEO JUEGO. APARTE SE ...

      
    1. #1
      Usuario Avatar de raqetas
      Registrado
      jun 2009
      Ubicación
      mex
      Mensajes
      5

      Atención Se cierra solo el explorer internet. (Solucionado)

      HOLA QUE TAL, BUENO MI PROBLEMA ES QUE EL EXPLORER INTERNET SE CIERRA SOLO CUANDO ABRO MAS DE 2 PAGINAS, Y ASTA EL DIA DE HOY SE ME CIERRA TAMBIEN UN VIDEO JUEGO. APARTE SE VOLVIO UN POCO MAS LENTA LA PC.

      NO SE SI PUEDADN AYUDARME.


      ESTE ES EL REPORTE DEL HIJACKTHIS



      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 09:13:05 a.m., on 30/06/2009
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\LEXBCES.EXE
      C:\WINDOWS\system32\LEXPPS.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Documents and Settings\All Users\Application Data\SeekService\seekservice113.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\SeekService\seekservice.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
      C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
      C:\WINDOWS\system32\SVOHOST.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\WINDOWS\system32\temp1.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\HPQ\SHARED\HPQWMI.exe
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mx.yahoo.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      F3 - REG:win.ini: load=C:\WINDOWS\svchost.exe
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
      O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\UpMedia\ContentTool.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
      O3 - Toolbar: Vista de HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
      O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
      O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
      O4 - HKLM\..\Run: [SoundMam] C:\WINDOWS\system32\SVOHOST.exe
      O4 - HKLM\..\Run: [bios] C:\WINDOWS\system32\bios.exe
      O4 - HKLM\..\Run: [ExAlien] C:\Arquivos de programas\ExAlien.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [slide.exe] c:\program files\slide\slide.exe
      O4 - HKCU\..\Run: [Shell] "C:\WINDOWS\system32\Rundll32.exe" "C:\WINDOWS\system32\shell32.dll",Control_RunDLL "C:\DOCUME~1\ISMAEL~1\LOCALS~1\Temp\dat18.tmp"
      O4 - HKCU\..\Run: [AbacastDistributedOnDemand:11] C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe -r:11 -x:1
      O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
      O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
      O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
      O4 - Startup: Herramienta de búsqueda de soportes de Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: &Search - http://kq.bar.need2find.com/KQ/menusearch.html?p=KQ
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-MX/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244759544343
      O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O18 - Protocol: x-cnote - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
      O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: SeekService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekService\seekservice113.exe
      O24 - Desktop Component 0: (no name) - http://recursos.cnice.mec.es/biosfera/profesor/videos/adn_t.jpg

      --
      End of file - 9103 bytes

    2. #2
      Ex-Colaborador Avatar de GPastor
      Registrado
      mar 2005
      Ubicación
      Perú
      Mensajes
      23.116

      Re: Se cierra solo el explorer internet.

      Hola, te doy la bienvenida al Foro de InfoSpyware.

      ForoSpyware lo mantenemos voluntarios que tenemos nuestros trabajos y obligaciones fuera, por lo que no estamos 24/7, a lo que te pedimos paciencia en el análisis y respuesta de tu caso. Si 48hrs después de dejarnos un nuevo log de HijackThis no recibes una respuesta me puedes enviar un Mensaje Privado de recordatorio.

      Vamos a comenzar por estos pasos:

      • Paso 1- Descarga, instala y actualiza las siguientes herramientas:

      • Paso 2- Ejecuta CCleaner para hacerle una limpieza de cookies, archivos temporales e innecesarios para mejorar el rendimiento de tu equipo y generar reportes mas limpios.(NO necesitamos este reporte)
      • Paso 3- Ejecuta Malwarebytes' Anti-Malware (MBAM) y selecciona todo lo que este encuentre para luego presionar el botón de "Quitar lo Seleccionado" y así mandarlo a cuarentena.
      • Paso 4- Reinicia tu PC, y vuelve a generar un nuevo reporte de HijackThis 2.0.2 para pegarlo junto con el reporte de MBAM en este mismo mensaje contándonos si hubiera habido alguna mejora en el problema o rendimiento del equipo.


      Por ultimo te recomiendo suscribirte al feed de nuestro Blog de InfoSpyware para estar al tanto de las nuevas amenazas que circulan por la red y así en un futuro puedas prevenirlas.

      No te olvides de volver a dejarnos los reportes para continuar con el tema....

      Saludos

    3. #3
      Usuario Avatar de raqetas
      Registrado
      jun 2009
      Ubicación
      mex
      Mensajes
      5

      Atención Re: Se cierra solo el explorer internet.

      Cita Originalmente publicado por GPastor Ver Mensaje
      Hola, te doy la bienvenida al Foro de InfoSpyware.

      ForoSpyware lo mantenemos voluntarios que tenemos nuestros trabajos y obligaciones fuera, por lo que no estamos 24/7, a lo que te pedimos paciencia en el análisis y respuesta de tu caso. Si 48hrs después de dejarnos un nuevo log de HijackThis no recibes una respuesta me puedes enviar un Mensaje Privado de recordatorio.

      Vamos a comenzar por estos pasos:

      • Paso 1- Descarga, instala y actualiza las siguientes herramientas:

      • Paso 2- Ejecuta CCleaner para hacerle una limpieza de cookies, archivos temporales e innecesarios para mejorar el rendimiento de tu equipo y generar reportes mas limpios.(NO necesitamos este reporte)
      • Paso 3- Ejecuta Malwarebytes' Anti-Malware (MBAM) y selecciona todo lo que este encuentre para luego presionar el botón de "Quitar lo Seleccionado" y así mandarlo a cuarentena.
      • Paso 4- Reinicia tu PC, y vuelve a generar un nuevo reporte de HijackThis 2.0.2 para pegarlo junto con el reporte de MBAM en este mismo mensaje contándonos si hubiera habido alguna mejora en el problema o rendimiento del equipo.


      Por ultimo te recomiendo suscribirte al feed de nuestro Blog de InfoSpyware para estar al tanto de las nuevas amenazas que circulan por la red y así en un futuro puedas prevenirlas.

      No te olvides de volver a dejarnos los reportes para continuar con el tema....

      Saludos



      ESTE ES EL REPORTE DEL HIJACKTHIS





      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 11:12:19 p.m., on 02/07/2009
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\LEXBCES.EXE
      C:\WINDOWS\system32\LEXPPS.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Documents and Settings\All Users\Application Data\SeekService\seekservice115.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\SeekService\seekservice.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      C:\Program Files\HPQ\SHARED\HPQWMI.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\ARES\Ares.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mx.yahoo.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
      O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
      O3 - Toolbar: Vista de HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
      O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
      O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [ExAlien] C:\Arquivos de programas\ExAlien.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [AbacastDistributedOnDemand:11] C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe -r:11 -x:1
      O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
      O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
      O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
      O4 - Startup: Herramienta de búsqueda de soportes de Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
      O4 - Global Startup: ExAlien.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: &Search - http://kq.bar.need2find.com/KQ/menusearch.html?p=KQ
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-MX/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244759544343
      O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O18 - Protocol: x-cnote - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
      O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: SeekService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekService\seekservice115.exe
      O24 - Desktop Component 0: (no name) - http://recursos.cnice.mec.es/biosfera/profesor/videos/adn_t.jpg

      --
      End of file - 7385 bytes





      Y ESTE ES EL DEL MBAM





      Malwarebytes' Anti-Malware 1.38
      Versión de la Base de Datos: 2365
      Windows 5.1.2600 Service Pack 2

      02/07/2009 01:22:14 p.m.
      mbam-log-2009-07-02 (13-22-14).txt

      Tipo de examen : Examen Completo (C:\|)
      Objetos examinados: 176235
      Tiempo transcurrido: 34 minute(s), 7 second(s)

      Procesos en Memoria Infectados: 2
      Módulos en Memoria Infectados: 4
      Claves del Registro Infectadas: 43
      Valores del Registro Infectados: 4
      Elementos de Datos del Registro Infectados: 4
      Carpetas Infectadas: 1
      Ficheros Infectados: 26

      Procesos en Memoria Infectados:
      C:\WINDOWS\system32\temp1.exe (Trojan.Downloader) -> Unloaded process successfully.
      C:\WINDOWS\system32\SVOHOST.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.

      Módulos en Memoria Infectados:
      C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Temp\dat19.tmp (Spyware.OnlineGames) -> Delete on reboot.
      C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Temp\dat18.tmp (Spyware.OnlineGames) -> Delete on reboot.
      C:\WINDOWS\system32\UpMedia\ContentTool.dll (Adware.SmartShopper) -> Delete on reboot.
      C:\WINDOWS\system32\winscok.dll (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.

      Claves del Registro Infectadas:
      HKEY_CLASSES_ROOT\CLSID\{e25c29ab-12b9-4523-a53c-324b5fba648c} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\fis.amo (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{5015bf9d-173c-474b-9af3-77d4d23a4135} (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{5ed7d3de-6dbe-4516-8712-01b1b64b7057} (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5ed7d3de-6dbe-4516-8712-01b1b64b7057} (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ed7d3de-6dbe-4516-8712-01b1b64b7057} (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{92c3f342-45da-4511-853a-b3836aaff5f5} (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\fis.amo.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\fis.momo (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\fis.momo.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\fis.ohb (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\fis.ohb.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\gnucdna.core (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\TypeLib\{2850bdc7-2330-4e31-9fa0-88268846539a} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{0be385a3-85a5-4722-b677-68dae891ff21} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{272c0d60-0561-4c83-b3db-eb0a71f9d2eb} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{284477e4-a7cb-4055-9e1b-0ea7cba28945} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{70ca4938-6a0f-4641-a9a9-c936e4c1e7de} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{7468213e-010e-4ec6-a17d-642e909ba7ec} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{89dc33a2-f86f-42a1-8b5f-d4d1943efc9c} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{a916af3c-976d-4358-8736-95bea0b5fd2c} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{b86f4810-19a9-4050-9ac9-b5cf60b5799a} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{bb5b7e14-f8b4-4365-a24d-f4965c33e1ee} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{be45f056-e005-437b-be88-23acf70b0b6a} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{c13d4627-02f5-4b03-897a-bf6a90022dd2} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{c636f1fc-6ae4-4e6a-90ab-6d61d821a0dd} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{cb971ac0-6408-40da-a540-92f9f256f51f} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{d5694dfe-43b6-4e05-aa29-8c556c968973} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{e2032ec2-a9ac-4ed7-9bdb-ebecacf076f2} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{ebab4a71-8c34-461a-b57d-dd041d439555} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{f06fea43-0cc3-4bf6-a85b-5efb1c07aa4b} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{fc94a0f7-9c7c-4ae2-9106-5c212332b209} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{f02c0ae1-d796-42c9-81e1-084d88f79b8e} (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\setup.player (Spyware.MarketScore) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{85e0b171-04fa-11d1-b7da-00a0c90348a7} (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{85e0b171-04fa-11d1-b7da-00a0c90348d7} (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{35b7e48b-9d81-4c6c-9578-5fd4f620d886} (Spyware.MarketScore) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\upmedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Ares Gold (Adware.WhenUSave) -> Quarantined and deleted successfully.

      Valores del Registro Infectados:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e25c29ab-12b9-4523-a53c-324b5fba648c} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\GnucDNA.dll (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\shell (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\soundmam (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

      Elementos de Datos del Registro Infectados:
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Dropper) -> Data: c:\windows\svchost.exe -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

      Carpetas Infectadas:
      C:\WINDOWS\system32\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.

      Ficheros Infectados:
      C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Temp\dat19.tmp (Spyware.OnlineGames) -> Delete on reboot.
      C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Temp\dat18.tmp (Spyware.OnlineGames) -> Delete on reboot.
      C:\WINDOWS\system32\temp1.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\UpMedia\ContentTool.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\GnucDNA.dll (Adware.WhenUSave) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\UpMedia\SearchTool.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
      C:\autorun.inf (Worm.Perlovga) -> Quarantined and deleted successfully.
      c:\copy.exe (Worm.Perlovga) -> Quarantined and deleted successfully.
      c:\host.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
      c:\documents and settings\ismael alejandro\local settings\Temp\dat10B.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
      c:\documents and settings\ismael alejandro\local settings\Temp\dat4C.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
      c:\documents and settings\ismael alejandro\local settings\Temp\dat10A.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
      c:\documents and settings\ismael alejandro\local settings\Temp\dat3F.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
      c:\documents and settings\ismael alejandro\local settings\Temp\dat4A.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
      c:\documents and settings\ismael alejandro\local settings\Temp\dat4B.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
      c:\WINDOWS\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
      c:\WINDOWS\1-fe5e180d56ed9c233080898276c260cc.exe (Adware.SmartShopper) -> Quarantined and deleted successfully.
      c:\WINDOWS\xcopy.exe (Worm.Perlovga) -> Quarantined and deleted successfully.
      c:\WINDOWS\system32\temp2.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      c:\WINDOWS\system32\UpMedia\uninstallSE.exe (Adware.SmartShopper) -> Quarantined and deleted successfully.
      c:\system1591.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\SVOHOST.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\winscok.dll (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
      c:\END (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      c:\WINDOWS\smdat32a.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
      c:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.






      PUES CON LO QUE HICE SOLO MEJORO UN POCO LA RAPIDEZ DEL PC, PERO SE SIGUE CERRANDO EL WINDOWS INTERNET EXPLORER y el error que me marca es AppName:iexplorer.exe AppVer:6.0.2900.2180 ModName: kernel32.dll ModVer: 5.1.2600.3541 Offset: 00012a6b ..
      Última edición por raqetas fecha: 03/07/09 a las 02:32:43

    4. #4
      Ex-Colaborador Avatar de GPastor
      Registrado
      mar 2005
      Ubicación
      Perú
      Mensajes
      23.116

      Re: Se cierra solo el explorer internet.

      No es necesario que escribas en letras tan grandes, en internet eso equivale a gritar, y a nadie le gusta que le griten ¿verdad?

      Aún hay infecciones en tu sistema sigue estos pasos:

      - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Haz doble clic al archivo ComboFix.exe y sigue las instrucciones.
      • Cuando termine, generará un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.


      Saludos

    5. #5
      Usuario Avatar de raqetas
      Registrado
      jun 2009
      Ubicación
      mex
      Mensajes
      5

      Atención Re: Se cierra solo el explorer internet.

      Cita Originalmente publicado por GPastor Ver Mensaje
      No es necesario que escribas en letras tan grandes, en internet eso equivale a gritar, y a nadie le gusta que le griten ¿verdad?

      Aún hay infecciones en tu sistema sigue estos pasos:

      - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Haz doble clic al archivo ComboFix.exe y sigue las instrucciones.
      • Cuando termine, generará un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.


      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.


      Saludos



      que tal, una disculpa por la letra...


      y aqui esta el reporte de combofix....




      ComboFix 09-07-03.03 - ISMAEL ALEJANDRO 03/07/2009 23:12.1 - NTFSx86
      Microsoft Windows XP Home Edition 5.1.2600.2.1252.52.1033.18.510.230 [GMT -7:00]
      Running from: c:\documents and settings\ISMAEL ALEJANDRO\Desktop\ComboFix.exe
      FW: R-Firewall *enabled* {1D63FF81-8D04-4443-9F9F-8693CD79CAE6}

      WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      c:\documents and settings\All Users\Start Menu\Programs\Startup\ExAlien.exe
      c:\program files\Need2Find
      c:\program files\Need2Find\bar\1.bin\N2FFXTBR.JAR
      c:\program files\Need2Find\bar\1.bin\N2NTSTBR.JAR
      c:\program files\Need2Find\bar\1.bin\PARTNER.DAT
      c:\program files\Need2Find\bar\Cache\0002A1A5
      c:\program files\Need2Find\bar\Cache\files.ini
      c:\program files\Need2Find\bar\History\search
      c:\program files\Need2Find\bar\Settings\prevcfg.htm
      c:\windows\autorun.inf
      c:\windows\Installer\1142b3.msp
      c:\windows\Installer\675e4d.msi
      c:\windows\Installer\712574.msp
      c:\windows\Installer\e7ef14.msi
      c:\windows\Installer\fcdaa6.msp
      c:\windows\Installer\fcdaaa.msp
      c:\windows\Installer\fcdaae.msp
      c:\windows\Installer\fcdab2.msp
      c:\windows\Installer\fcdab6.msp
      c:\windows\Installer\fcdaba.msp
      c:\windows\Installer\fcdabe.msp
      c:\windows\Installer\fcdac2.msp
      c:\windows\Installer\fcdac6.msp
      c:\windows\Installer\fcdaca.msp
      c:\windows\Installer\fcdace.msp
      c:\windows\Installer\fcdad2.msp
      c:\windows\Installer\fcdad6.msp
      c:\windows\Installer\fcdada.msp
      c:\windows\Installer\fcdade.msp

      .
      ((((((((((((((((((((((((( Files Created from 2009-06-04 to 2009-07-04 )))))))))))))))))))))))))))))))
      .

      2009-07-02 19:33 . 2009-07-02 19:33 -------- d-----w- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\Malwarebytes
      2009-07-02 19:33 . 2009-06-17 18:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2009-07-02 19:33 . 2009-07-02 19:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2009-07-02 19:33 . 2009-07-02 19:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
      2009-07-02 19:33 . 2009-06-17 18:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
      2009-07-02 18:53 . 2009-07-02 18:53 -------- d-----w- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\Yahoo!
      2009-07-02 18:53 . 2009-07-02 19:28 -------- d-----w- c:\program files\Yahoo!
      2009-07-02 18:53 . 2009-07-02 18:53 -------- d-----w- c:\program files\CCleaner
      2009-07-02 01:31 . 2009-07-02 01:31 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
      2009-07-01 22:11 . 2009-07-01 22:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Frozen Codebase LLC
      2009-07-01 22:10 . 2009-07-01 22:10 -------- d--h--r- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\SecuROM
      2009-07-01 21:56 . 2009-07-02 01:18 -------- d-----w- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\GetRightToGo
      2009-07-01 19:41 . 2009-06-30 19:19 54784 ----a-w- c:\documents and settings\All Users\Application Data\SeekService\seekservice115.exe
      2009-06-30 22:00 . 2009-06-30 22:00 -------- d-----w- c:\program files\18 WoS Pedal to the Metal
      2009-06-30 06:27 . 2009-06-30 06:27 -------- d-----w- C:\!KillBox
      2009-06-30 06:25 . 2009-06-30 06:25 -------- d-----w- c:\program files\Trend Micro
      2009-06-25 03:12 . 2009-07-02 02:50 -------- d-----w- c:\program files\SeekService
      2009-06-25 03:12 . 2009-07-01 19:41 -------- d-----w- c:\documents and settings\All Users\Application Data\SeekService
      2009-06-25 03:07 . 2009-06-25 03:07 3271 ----a-w- c:\windows\system32\SpoonUninstall-dMC File Selector.dat
      2009-06-25 03:07 . 2009-06-25 03:07 164352 ----a-w- c:\windows\system32\SpoonUninstall.exe
      2009-06-22 08:10 . 2009-06-22 08:10 -------- d-----w- c:\documents and settings\angel y sara\Local Settings\Application Data\Adobe
      2009-06-19 19:05 . 2009-06-19 19:05 110040 ----a-w- c:\documents and settings\angel y sara\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2009-06-18 19:07 . 2009-06-19 18:47 -------- d-----w- c:\documents and settings\angel y sara
      2009-06-18 17:19 . 2009-06-18 17:19 -------- d-----w- c:\documents and settings\Guest\Local Settings\Application Data\Mozilla
      2009-06-17 17:10 . 2009-06-17 17:10 -------- d-----w- c:\documents and settings\Guest\Application Data\Sony Corporation
      2009-06-12 18:10 . 2008-10-16 21:06 268648 ----a-w- c:\windows\system32\mucltui.dll
      2009-06-12 04:57 . 2009-06-12 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
      2009-06-12 04:49 . 2009-06-12 04:49 -------- d-----w- c:\program files\Messenger Plus! Live
      2009-06-12 02:34 . 2009-06-12 02:34 -------- d-----w- c:\program files\Windows Live SkyDrive
      2009-06-12 00:59 . 2009-06-12 00:59 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller
      2009-06-12 00:54 . 2009-06-12 00:54 3584 ----a-r- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
      2009-06-12 00:54 . 2009-06-12 00:54 -------- d-----w- c:\program files\Windows Installer Clean Up
      2009-06-12 00:54 . 2009-06-12 00:54 -------- d-----w- c:\program files\MSECACHE
      2009-06-12 00:37 . 2009-06-12 07:06 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
      2009-06-12 00:03 . 2009-06-12 03:06 -------- d--h--w- c:\program files\Windows Live
      2009-06-11 21:26 . 2009-06-11 21:34 -------- d-----w- c:\windows\SxsCaPendDel
      2009-06-11 20:49 . 2009-06-11 20:49 -------- d-----w- c:\documents and settings\ISMAEL ALEJANDRO\Local Settings\Application Data\Windows Live Writer
      2009-06-11 20:49 . 2009-06-11 20:49 -------- d-----w- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\Windows Live Writer
      2009-06-11 20:29 . 2009-06-12 04:33 -------- d-----w- c:\documents and settings\ISMAEL ALEJANDRO\Tracing
      2009-06-11 20:26 . 2009-06-11 20:26 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
      2009-06-11 20:23 . 2006-11-29 20:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
      2009-06-11 20:21 . 2009-06-11 21:22 -------- d-----w- c:\program files\Microsoft
      2009-06-11 20:06 . 2009-06-11 20:06 -------- d-----w- c:\program files\Common Files\Windows Live
      2009-06-10 16:28 . 2007-04-09 20:23 28040 ----a-w- c:\windows\system32\mdimon.dll
      2009-06-10 16:22 . 2009-06-10 16:26 -------- d-----w- c:\windows\SHELLNEW
      2009-06-10 16:22 . 2009-06-10 16:22 -------- d-----w- c:\program files\Microsoft.NET

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-07-04 05:52 . 2009-07-04 05:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
      2009-07-02 19:31 . 2007-10-29 02:54 374 ----a-w- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\internaldb6334.dat
      2009-07-02 19:27 . 2007-10-29 02:54 18432 ----a-w- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\internaldb41.dat
      2009-07-02 19:27 . 2007-10-29 02:54 555 ----a-w- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\internaldb8467.dat
      2009-06-18 19:19 . 2009-06-18 19:19 -------- d-----w- c:\documents and settings\angel y sara\Application Data\Sony Corporation
      2009-06-17 21:59 . 2005-09-18 12:33 110040 ----a-w- c:\documents and settings\ISMAEL ALEJANDRO\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2009-06-12 00:41 . 2008-05-26 02:51 -------- d-----w- c:\program files\Microsoft Silverlight
      2009-06-11 21:06 . 2005-05-12 03:37 -------- d--h--w- c:\program files\InstallShield Installation Information
      2009-06-11 21:04 . 2005-09-21 04:49 -------- d-----w- c:\program files\InterActual
      2009-06-04 14:28 . 2007-05-03 02:42 -------- d-----w- c:\documents and settings\ISMAEL ALEJANDRO\Application Data\Slide
      2009-06-04 14:28 . 2007-03-08 03:19 -------- d-----w- c:\program files\Slide
      2009-06-03 16:51 . 2006-12-11 19:01 -------- d-----w- c:\program files\3GP Player
      2009-05-07 15:44 . 2004-08-04 08:00 344064 ----a-w- c:\windows\system32\localspl.dll
      2009-04-29 04:52 . 2004-08-04 08:00 659456 ----a-w- c:\windows\system32\wininet.dll
      2009-04-29 04:52 . 2004-08-04 08:00 81920 ----a-w- c:\windows\system32\ieencode.dll
      2009-04-17 09:58 . 2004-08-04 08:00 1846656 ----a-w- c:\windows\system32\win32k.sys
      2009-04-15 15:11 . 2004-08-04 08:00 584192 ----a-w- c:\windows\system32\rpcrt4.dll
      .

      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
      "AbacastDistributedOnDemand:11"="c:\documents and settings\ISMAEL ALEJANDRO\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe" [2008-09-30 54776]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-23 339968]
      "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 36975]
      "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-11 794624]
      "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
      "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
      "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
      "Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-02-17 233534]
      "Home Theater SchSvr"="c:\program files\Common Files\InterVideo\SchSvr\SchSvr.exe" [2005-06-14 106496]
      "WINREMOTE"="c:\program files\InterVideo\Common\Bin\WinRemote.exe" [2005-06-14 233472]
      "PrinTray"="c:\windows\System32\spool\DRIVERS\W32X86\2\printray.exe" [2001-01-23 36864]
      "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
      "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
      "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]

      c:\documents and settings\Default User\Start Menu\Programs\Startup\
      AutoTBar.exe [2003-9-30 57344]

      c:\documents and settings\ISMAEL ALEJANDRO\Start Menu\Programs\Startup\
      Herramienta de b£squeda de soportes de Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-8-13 344064]

      c:\documents and settings\All Users\Start Menu\Programs\Startup\
      AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
      HP Digital Imaging Monitor.lnk - c:\program files\Hp\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\ARES\\Ares.exe"=
      "c:\\Documents and Settings\\ISMAEL ALEJANDRO\\Local Settings\\Application Data\\AbacastDistributedOnDemand\\Node\\11\\AbacastDistributedOnDemand.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

      R2 SeekService Service;SeekService Service;c:\documents and settings\All Users\Application Data\SeekService\seekservice115.exe [01/07/2009 12:41 p.m. 54784]
      R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [18/09/2005 06:13 a.m. 200192]
      .
      - - - - ORPHANS REMOVED - - - -

      ShellExecuteHooks-{A93A4625-6216-499C-B360-BBD0A7C0D479} - (no file)


      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com/
      mStart Page = hxxp://mx.yahoo.com
      uInternet Connection Wizard,ShellNext = iexplore
      IE: &Google Search
      IE: &Search - http://kq.bar.need2find.com/KQ/menusearch.html?p=KQ
      IE: Backward Links
      IE: Cached Snapshot of Page
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
      IE: Similar Pages
      IE: Translate into English
      DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
      .

      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-07-03 23:17
      Windows 5.1.2600 Service Pack 2 NTFS

      scanning hidden processes ...

      scanning hidden autostart entries ...

      HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????4?3?3?4??????? ???B?????????????hLC? ??????

      scanning hidden files ...

      scan completed successfully
      hidden files: 0

      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------

      [HKEY_USERS\S-1-5-21-4058407559-1881433432-4057383681-1006\Software\SecuROM\License information*]
      "datasecu"=hex:09,b5,3c,82,2b,61,ab,b7,75,46,c9,fe,4f,cf,db,cd,93,7f,fe,42,df,
      f2,a0,a9,5e,90,74,67,ae,09,c4,16,24,bf,4e,fa,9c,7c,01,24,53,8f,f5,72,fd,56,\
      "rkeysecu"=hex:a0,f6,1e,57,0a,8c,27,20,47,4d,c0,05,ca,6d,9a,02

      [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|ù•A~*]
      "A0C0110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'winlogon.exe'(640)
      c:\windows\system32\Ati2evxx.dll
      .
      Completion time: 2009-07-04 23:19
      ComboFix-quarantined-files.txt 2009-07-04 06:19

      Pre-Run: 53,028,700,160 bytes free
      Post-Run: 53,155,827,712 bytes free

      198 --- E O F --- 2009-07-01 05:32


      y ahora que hago?

    6. #6
      Ex-Colaborador Avatar de GPastor
      Registrado
      mar 2005
      Ubicación
      Perú
      Mensajes
      23.116

      Re: Se cierra solo el explorer internet.

      ComboFix se encargó de eliminar las infecciones, pero desconozco este programa:

      C:\Program Files\SeekService\seekservice.exe

      ¿Tu mismo lo instalaste? ¿Confías en el funcionameinto de este programa?

      Si no instalaste este programa debes desinstalarlo luego pegas un nuevo log de Hijackthis y nos comentas como va todo.

    7. #7
      Usuario Avatar de raqetas
      Registrado
      jun 2009
      Ubicación
      mex
      Mensajes
      5

      Re: Se cierra solo el explorer internet.

      Cita Originalmente publicado por GPastor Ver Mensaje
      ComboFix se encargó de eliminar las infecciones, pero desconozco este programa:

      C:\Program Files\SeekService\seekservice.exe

      ¿Tu mismo lo instalaste? ¿Confías en el funcionameinto de este programa?

      Si no instalaste este programa debes desinstalarlo luego pegas un nuevo log de Hijackthis y nos comentas como va todo.



      pues no recuerdo averlo instalado.. pero ya lo borre y aqui esta la coopia del hijackthis







      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 07:27:25 p.m., on 04/07/2009
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\LEXBCES.EXE
      C:\WINDOWS\system32\LEXPPS.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\wscntfy.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
      C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
      C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe
      C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      C:\Program Files\HPQ\SHARED\HPQWMI.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\ARES\Ares.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mx.yahoo.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
      O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
      O3 - Toolbar: Vista de HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
      O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
      O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [AbacastDistributedOnDemand:11] C:\Documents and Settings\ISMAEL ALEJANDRO\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe -r:11 -x:1
      O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
      O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
      O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
      O4 - Startup: Herramienta de búsqueda de soportes de Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
      O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: &Search - http://kq.bar.need2find.com/KQ/menusearch.html?p=KQ
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
      O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-MX/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244759544343
      O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O18 - Protocol: x-cnote - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O24 - Desktop Component 0: (no name) - http://recursos.cnice.mec.es/biosfera/profesor/videos/adn_t.jpg

      --
      End of file - 8008 bytes



      y poes ahorita no se me a cerrado el internet explorer.. pero lo tendre en obserbacion .. y te sigo escribiendo aber qwe pasa!! ok
      esperemos y si se arregle..

    8. #8
      Ex-Colaborador Avatar de GPastor
      Registrado
      mar 2005
      Ubicación
      Perú
      Mensajes
      23.116

      Re: Se cierra solo el explorer internet.

      El log está limpio, coméntanos como está funcionando el sistema ahora.

    9. #9
      Usuario Avatar de raqetas
      Registrado
      jun 2009
      Ubicación
      mex
      Mensajes
      5

      Bien Re: Se cierra solo el explorer internet.

      Cita Originalmente publicado por GPastor Ver Mensaje
      El log está limpio, coméntanos como está funcionando el sistema ahora.
      wuau!! enberdad esta mejor .. ya no se me cierran las paginas.. ni nada todo esta al cien aora a conseguir algun antivirus. por que el que tenia lo elimine. pero quedo arreglado.. muchisimas gracis gp astor!! te la rifas!!..

    10. #10
      Ex-Colaborador Avatar de GPastor
      Registrado
      mar 2005
      Ubicación
      Perú
      Mensajes
      23.116

      Re: Se cierra solo el explorer internet.

      Para terminar sólo te quedaría quitar CF de la siguiente manera:

      • Ir a Inicio > Ejecutar
      • Escribir lo siguiente: ComboFix /u como muestra la imagen debajo:





      Esto realizara las siguientes tareas:


      • Se borraran:
        • ComboFix: sus archivos y carpetas.
        • VundoFix: copias de seguridad (si está presente)
        • La carpeta C:\Deckard (si está presente)
        • La carpeta C: _OtMoveIt (si está presente)
      • Restablece la configuración del reloj.
      • Ocultar extensiones de archivo (si es necesario.)
      • Oculta los archivos que estaban ocultos
      • Reactiva el "Restaurar Sistema"


      Para tener el sistema mas protegido te recomiendo esta configuración