• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 12

    Problemas con las tildes (Solucionado)

    Resumen del tema: Problemas con las tildes (Solucionado) - Hola! Bueno, primero comentaros que he visto que ya hay un post sobre este tema, pero no me deja postear en el. He seguido las instrucciones que indican en ese post, pero mi problema continua ...

      
    1. #1
      Usuario Avatar de marinick
      Registrado
      nov 2009
      Ubicación
      Sevilla
      Mensajes
      6

      Triste Problemas con las tildes (Solucionado)

      Hola!
      Bueno, primero comentaros que he visto que ya hay un post sobre este tema, pero no me deja postear en el.
      He seguido las instrucciones que indican en ese post, pero mi problema continua
      Os dejo los logs del Hijackthis y del Malwarebytes

      ---------------------------------------------------------------------------------------------
      ---------------------------------------------------------------------------------------------
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:55:56, on 03/11/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16915)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir Desktop\sched.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      C:\WINDOWS\arservice.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\System32\alg.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
      C:\HP\KBD\KBD.EXE
      c:\windows\system\hpsysdrv.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=ES_ES&c=64&bd=PAVILION&pf=desktop
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILION&pf=desktop
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILION&pf=desktop
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILION&pf=desktop
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILION&pf=desktop
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILION&pf=desktop
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\mshcxm32.exe,
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
      O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
      O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
      O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
      O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
      O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
      O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
      O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
      O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
      O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
      O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Ayuda para la conexión - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
      O9 - Extra 'Tools' menuitem: Ayuda para la conexión - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O15 - Trusted Zone: http://*.formaciondigital.com
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - AppInit_DLLs: winmm.dll
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

      --
      End of file - 9749 bytes
      ---------------------------------------------------------------------------------------------
      ---------------------------------------------------------------------------------------------
      Malwarebytes' Anti-Malware 1.41
      Versión de la Base de Datos: 3092
      Windows 5.1.2600 Service Pack 3

      03/11/2009 18:46:49
      mbam-log-2009-11-03 (18-46-49).txt

      Tipo de examen : Examen Completo (C:\|D:\|)
      Objetos examinados: 215901
      Tiempo transcurrido: 51 minute(s), 38 second(s)

      Procesos en Memoria Infectados: 0
      Módulos en Memoria Infectados: 0
      Claves del Registro Infectadas: 6
      Valores del Registro Infectados: 1
      Elementos de Datos del Registro Infectados: 2
      Carpetas Infectadas: 0
      Ficheros Infectados: 0

      Procesos en Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Módulos en Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Claves del Registro Infectadas:
      HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.

      Valores del Registro Infectados:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

      Elementos de Datos del Registro Infectados:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

      Carpetas Infectadas:
      (No se han detectado elementos maliciosos)

      Ficheros Infectados:
      (No se han detectado elementos maliciosos)


      ---------------------------------------------------------------------------------------------
      ---------------------------------------------------------------------------------------------

      Tambien tengo un problema añadido: cuando intento acceder a la banca por internet del Santander (Supernet) me aparece una pagina que no es la del banco, donde me pide la Clave de Transferencias. Lo he probado en otro pc y ese campo no lo pide. La url es la correcta, se accede por https, aparece el candado amarillo, y si le doy me verifica que la web es del gruposantander.
      Si debo abrir un nuevo tema, por favor, decidmelo y disculpad las molestias

      Gracias!

    2. #2
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.089

      Re: Problemas con las tildes ´´

      Hola marinick

      No debes postear un problema de tu pc en donde se esta tratando otro tema, aunque el problema sea el mismo. Tienes que abrir un tema nuevo, como lo hiciste ahora.
      Entonces, ahora con tu problema planteado seguimos en este hilo, solo con el problema de tu pc...


      Descarga CCLEANER. Lo instalas según Su Manual

      Actualiza Malwarebytes


      Cierra todos los programas, ejecutas HijackThis , tildas las casillas de estas entradas y presionas "FIX Cheked"


      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=ES_ES&c=64&bd=PAVILION &pf=desktop
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILI ON&pf=desktop
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILI ON&pf=desktop
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILI ON&pf=desktop

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILI ON&pf=desktop

      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=ES_ES&c=64&bd=PAVILI ON&pf=desktop

      F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDO WS\system32\mshcxm32.exe,



      Ejecuta CCLEANER usando sus opciones "Limpiador" y "Registro".


      Ejecuta MALWAREBYTE´S.
      Hacé un "escaneo completo". Una vez finalizado, si te detecta algo eliges " quitar lo seleccionado ".
      Si te pide reiniciar, lo haces.


      Utiliza INIREM 2.0.4 para desboquear el explorer y restaurar el archivo host.

      Reinicia el ordenador y sacas un nuevo log de Hijackthis




      En tu próxima respuesta, debes poner lo siguiente:

      º El reporte de malwarebyte´s, que se encuentra en su pestaña REGISTROS
      º Un nuevo log de Hijackthis
      º Como funciona tu pc ahora

      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de marinick
      Registrado
      nov 2009
      Ubicación
      Sevilla
      Mensajes
      6

      Re: Problemas con las tildes ´´

      Hola!
      He hecho todo lo que me has dicho, pero sigo igual...
      --------------------------------------------------------------------------------------------------
      ---------------------------------------------------------------------------------------------------

      Escribo los logs:

      Malwarebytes' Anti-Malware 1.41
      Versión de la Base de Datos: 3092
      Windows 5.1.2600 Service Pack 3

      03/11/2009 21:21:35
      mbam-log-2009-11-03 (21-21-35).txt

      Tipo de examen : Examen Completo (C:\|D:\|)
      Objetos examinados: 215677
      Tiempo transcurrido: 47 minute(s), 16 second(s)

      Procesos en Memoria Infectados: 0
      Módulos en Memoria Infectados: 0
      Claves del Registro Infectadas: 4
      Valores del Registro Infectados: 1
      Elementos de Datos del Registro Infectados: 0
      Carpetas Infectadas: 0
      Ficheros Infectados: 0

      Procesos en Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Módulos en Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Claves del Registro Infectadas:
      HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.

      Valores del Registro Infectados:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

      Elementos de Datos del Registro Infectados:
      (No se han detectado elementos maliciosos)

      Carpetas Infectadas:
      (No se han detectado elementos maliciosos)

      Ficheros Infectados:
      (No se han detectado elementos maliciosos)
      --------------------------------------------------------------------------------------------------
      ---------------------------------------------------------------------------------------------------


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 22:35:35, on 03/11/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16915)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir Desktop\sched.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      C:\WINDOWS\arservice.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\System32\alg.exe
      C:\HP\KBD\KBD.EXE
      C:\WINDOWS\system32\wuauclt.exe
      c:\windows\system\hpsysdrv.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
      C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forospyware.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\mshcxm32.exe,
      O1 - Hosts: 75.127.69.91 www.forospyware.com
      O1 - Hosts: 75.127.69.91 forospyware.com
      O1 - Hosts: 75.127.86.187 www.infospyware.com
      O1 - Hosts: 75.127.86.187 infospyware.com
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
      O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
      O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
      O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
      O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
      O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
      O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
      O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
      O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
      O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
      O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Ayuda para la conexión - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
      O9 - Extra 'Tools' menuitem: Ayuda para la conexión - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O15 - Trusted Zone: http://*.formaciondigital.com
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - AppInit_DLLs: winmm.dll
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

      --
      End of file - 8807 bytes
      -----------------------------------------------------------------------------------------------------
      -----------------------------------------------------------------------------------------------------

      ¿alguna otra idea?

      GRACIAS!

    4. #4
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.089

      Re: Problemas con las tildes ´´

      Hola de nuevo.

      Tildaste la casilla de esta entrada y le diste al botón "FIX Cheked" de Hijackthis ??

      F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDO WS\system32\mshcxm32.exe,


      Si no lo hiciste, lo haces, luego, busca y elimina este fichero de tu pc:

      C:\WINDOWS\system32\mshcxm32.exe,

      Nos comentas.

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de marinick
      Registrado
      nov 2009
      Ubicación
      Sevilla
      Mensajes
      6

      Re: Problemas con las tildes ´´

      Creo que ahi esta el problema.
      Le doy a FiX, pero al momento se vuelve a generar. Me he ido al registro, a la rama:
      HKLM\software\microsoft\windows nt\winlogon y he modificado la clave userinit, pero al momento se vuelve a modificar.
      El fichero C:\WINDOWS\system32\mshcxm32.exe no aparece, lo he buscado como oculto y tampoco.

    6. #6
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.089

      Re: Problemas con las tildes ´´

      - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.



      PD: No vuelvas a ejecutar ComboFix ni ningun otro programa antivirus hasta que vuelva con una respuesta, ya que puedes hacer cambiar las cosas.

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de marinick
      Registrado
      nov 2009
      Ubicación
      Sevilla
      Mensajes
      6

      Re: Problemas con las tildes ´´

      Ya he hecho lo que pedias. Aqui tienes el reporte. gracias!!!

      ComboFix 09-11-03.03 - HP_Administrator 04/11/2009 15:44.1.2 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.3.1252.34.1033.18.1022.545 [GMT 1:00]
      Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
      AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
      * Created a new restore point
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      c:\documents and settings\HP_Administrator\Application Data\inst.exe
      c:\recycler\S-1-5-21-527237240-179605362-725345543-500
      c:\windows\kwtstcb.hpn
      D:\Autorun.inf

      .
      ((((((((((((((((((((((((( Files Created from 2009-10-04 to 2009-11-04 )))))))))))))))))))))))))))))))
      .

      2009-11-04 01:47 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
      2009-11-03 16:53 . 2009-11-03 16:53 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
      2009-11-03 16:53 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2009-11-03 16:53 . 2009-11-03 16:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
      2009-11-03 16:53 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
      2009-11-03 16:53 . 2009-11-03 16:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2009-11-01 20:19 . 2009-11-01 20:19 -------- d-----w- c:\program files\Trend Micro
      2009-11-01 20:12 . 2008-04-14 00:12 146432 ----a-w- c:\windows\regedit1.exe
      2009-11-01 16:54 . 2009-07-28 15:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
      2009-11-01 16:54 . 2009-03-30 09:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
      2009-11-01 16:54 . 2009-02-13 11:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
      2009-11-01 16:54 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
      2009-11-01 16:54 . 2009-11-01 16:54 -------- d-----w- c:\program files\Avira
      2009-11-01 16:54 . 2009-11-01 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
      2009-10-31 16:21 . 2009-10-31 16:20 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
      2009-10-22 20:55 . 2009-10-22 20:55 -------- d-----w- c:\windows\system32\XPSViewer
      2009-10-22 20:55 . 2009-10-22 20:55 -------- d-----w- c:\program files\MSBuild
      2009-10-22 20:54 . 2009-10-22 20:54 -------- d-----w- c:\program files\Reference Assemblies
      2009-10-22 20:54 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
      2009-10-22 20:54 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
      2009-10-22 20:54 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
      2009-10-22 20:54 . 2009-10-22 20:54 -------- d-----w- C:\e15580ecbdc51b123766
      2009-10-22 20:54 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
      2009-10-22 20:54 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
      2009-10-22 20:54 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
      2009-10-22 20:54 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
      2009-10-20 16:08 . 2009-10-20 16:08 -------- d-----w- C:\aa5194bc1619fa5ef1b107
      2009-10-20 15:12 . 2009-10-20 15:13 -------- d-----w- c:\program files\CleanUp!
      2009-10-20 14:59 . 2009-10-20 14:59 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
      2009-10-20 14:59 . 2009-10-20 14:59 -------- d-----w- c:\program files\SUPERAntiSpyware
      2009-10-20 14:59 . 2009-10-20 14:59 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\SUPERAntiSpyware.com
      2009-10-20 14:58 . 2009-10-20 14:58 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
      2009-10-20 14:44 . 2009-10-20 14:44 -------- d-----w- C:\VundoFix Backups
      2009-10-20 14:36 . 2009-10-20 14:43 -------- d-----w- c:\program files\RegCleaner
      2009-10-19 18:55 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
      2009-10-19 18:54 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
      2009-10-19 18:46 . 2009-11-03 22:49 -------- d-----w- c:\program files\CCleaner
      2009-10-19 18:34 . 2009-11-01 19:42 -------- d-----w- c:\program files\EMCO Malware Destroyer
      2009-10-19 18:32 . 2009-10-19 18:32 -------- d-sh--w- c:\windows\ftpcache
      2009-10-18 19:20 . 2009-10-18 19:20 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
      2009-10-18 19:20 . 2009-10-18 19:20 -------- d-----w- c:\program files\DAEMON Tools Toolbar
      2009-10-18 18:15 . 2009-10-18 18:15 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
      2009-10-18 18:15 . 2009-10-18 19:21 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\DAEMON Tools Lite
      2009-10-18 16:39 . 2009-10-31 22:59 -------- d-----w- c:\documents and settings\HP_Administrator\Tracing
      2009-10-18 16:38 . 2009-10-18 16:38 -------- d-----w- c:\program files\Microsoft
      2009-10-18 16:37 . 2009-10-18 16:37 -------- d-----w- c:\program files\Windows Live SkyDrive
      2009-10-18 16:35 . 2009-10-18 16:35 -------- d-----w- c:\program files\Common Files\Windows Live

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-11-02 18:21 . 2007-04-25 19:49 71400 -c--a-w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2009-11-01 15:16 . 2009-03-10 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
      2009-10-20 15:54 . 2006-08-12 09:40 -------- d-----w- c:\program files\PC-Doctor 5 for Windows
      2009-10-18 19:54 . 2008-10-22 15:40 -------- d-----w- c:\program files\Common Files\Nokia
      2009-10-18 19:54 . 2008-10-22 15:40 -------- d-----w- c:\program files\Nokia
      2009-10-18 19:54 . 2008-10-22 15:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
      2009-10-18 19:25 . 2006-08-12 17:55 -------- d-----w- c:\program files\Java
      2009-10-18 18:14 . 2008-09-21 09:29 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Skype
      2009-10-18 16:43 . 2008-09-21 09:32 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\skypePM
      2009-10-18 16:37 . 2008-03-05 19:57 -------- d-----w- c:\program files\Windows Live
      2009-09-21 18:51 . 2007-05-11 16:32 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Image Zone Express
      2009-09-11 14:18 . 2004-08-09 21:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
      2009-09-04 21:03 . 2004-08-09 21:00 58880 ----a-w- c:\windows\system32\msasn1.dll
      2009-08-29 07:36 . 2004-08-09 21:00 832512 ----a-w- c:\windows\system32\wininet.dll
      2009-08-29 07:36 . 2004-08-09 21:00 78336 ----a-w- c:\windows\system32\ieencode.dll
      2009-08-29 07:36 . 2004-08-09 21:00 17408 ------w- c:\windows\system32\corpol.dll
      2009-08-26 08:00 . 2004-08-09 21:00 247326 ------w- c:\windows\system32\strmdll.dll
      2009-08-06 17:24 . 2004-08-09 21:00 327896 ----a-w- c:\windows\system32\wucltui.dll
      2009-08-06 17:24 . 2004-08-09 21:00 209632 ----a-w- c:\windows\system32\wuweb.dll
      2009-08-06 17:24 . 2005-05-26 02:16 44768 ----a-w- c:\windows\system32\wups2.dll
      2009-08-06 17:24 . 2004-08-09 21:00 35552 ----a-w- c:\windows\system32\wups.dll
      2009-08-06 17:24 . 2004-08-09 21:00 53472 ----a-w- c:\windows\system32\wuauclt.exe
      2009-08-06 17:24 . 2004-08-09 21:00 96480 ----a-w- c:\windows\system32\cdm.dll
      2009-08-06 17:23 . 2004-08-09 21:00 575704 ----a-w- c:\windows\system32\wuapi.dll
      2009-08-06 17:23 . 2007-06-02 15:07 274288 ----a-w- c:\windows\system32\mucltui.dll
      2009-08-06 17:23 . 2004-08-09 21:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
      2007-11-03 15:02 . 2007-11-03 15:02 251 -c--a-w- c:\program files\wt3d.ini
      2007-05-07 20:38 . 2007-05-07 20:38 22 --sha-w- c:\windows\SMINST\HPCD.sys
      .

      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
      "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-24 1916928]
      "Google Update"="c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-20 133104]
      "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 1481968]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
      "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
      "DMAScheduler"="c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
      "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
      "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
      "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
      "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
      "PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
      "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
      "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
      "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
      "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
      "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
      "ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
      "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-07-21 16261632]
      "AlwaysReady Power Message APP"="ARPWRMSG.EXE" - c:\windows\arpwrmsg.exe [2005-08-02 77312]
      "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-31 1622016]

      c:\documents and settings\Default User\Start Menu\Programs\Startup\
      Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-8-12 27136]
      PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-8-12 27136]

      c:\documents and settings\All Users\Start Menu\Programs\Startup\
      Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-7-6 113664]
      HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
      Inicio r*pido de Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
      "Userinit"="c:\windows\system32\userinit.exe,c:\windows\system32\mshcxm32.exe,"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
      2007-04-19 10:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\windows\system32\winmm.dll

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\Messenger\\msmsgs.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
      "c:\\Documents and Settings\\HP_Administrator\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
      "c:\\Documents and Settings\\HP_Administrator\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
      "c:\\Program Files\\Lphant\\eLePhantClient.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

      R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [29/02/2008 15:03 8944]
      R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29/02/2008 15:03 51440]
      R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [01/11/2009 17:54 108289]
      R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [12/08/2006 19:18 2829696]
      R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 15:51 4096]
      R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [24/04/2007 16:55 162176]
      R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [12/08/2006 19:18 468768]
      S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

      --- Other Services/Drivers In Memory ---

      *NewlyCreated* - MBR
      *NewlyCreated* - PROCEXP113
      *Deregistered* - mbr
      *Deregistered* - PROCEXP113
      .
      Contents of the 'Scheduled Tasks' folder

      2009-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3562878181-1604441590-3082518484-1007Core.job
      - c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-20 20:06]

      2009-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3562878181-1604441590-3082518484-1007UA.job
      - c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-20 20:06]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.es/
      mStart Page = hxxp://www.forospyware.com
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
      Trusted Zone: formaciondigital.com
      .
      - - - - ORPHANS REMOVED - - - -

      HKLM-Run-PCDrProfiler - (no file)
      AddRemove-HijackThis - k:\antivirus\HiJackThis\HijackThis.exe



      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-11-04 15:52
      Windows 5.1.2600 Service Pack 3 NTFS

      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...


      c:\windows\system32\mshcxm32.exe 241664 bytes executable

      scan completed successfully
      hidden files: 1

      **************************************************************************

      Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

      device: opened successfully
      user: MBR read successfully
      called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spwe.sys >>UNKNOWN [0x87188938]<<
      kernel: MBR read successfully
      user & kernel MBR OK
      Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

      atapi.sys @ 0x0 0x0 bytes

      \Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xF73A3B40 atapi.sys
      \Driver\atapi IRP hooks detected !

      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\Browser]
      @DACL=(02 0000)
      @SACL=
      "IE"="0"
      "Netscape"="0"

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\BWOPT]
      @DACL=(02 0000)
      @SACL=
      "bwsupport"="1"
      "bwoffers"="0"

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\HPGuide]
      @DACL=(02 0000)
      @SACL=
      "HPGuideLaunch"="0"

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\HPSU]
      @DACL=(02 0000)
      @SACL=
      "OptInPath"="c:\\hp\\bin\\cloaker.exe"
      "OptInCmdLine"="c:\\hp\\drivers\\hpsu\\HPSU_optin.bat"
      "OptOutPath"="c:\\hp\\bin\\cloaker.exe"
      "OptOutCmdLine"="c:\\hp\\drivers\\hpsu\\HPSU_optout.bat"
      "hpsulaunch"="0"

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\NIS]
      @DACL=(02 0000)
      @SACL=
      "NISRun"="1"
      "NISPath"="c:\\windows\\system32\\pcintro\\autorun.exe"
      "NISCmdLine"="security.cmd"

      [HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
      @DACL=(02 0000)
      @SACL=

      [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Alchemy]
      @DACL=(02 0000)
      @SACL=

      [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
      @DACL=(02 0000)
      @SACL=
      "NoServices"=dword:00000000

      [HKEY_LOCAL_MACHINE\software\Microsoft\Updates\SP3\KB912067\Filelist]
      @DACL=(02 0000)
      @SACL=

      [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•A~*]
      "A0C0110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'winlogon.exe'(784)
      c:\program files\SUPERAntiSpyware\SASWINLO.dll
      c:\windows\system32\WININET.dll

      - - - - - - - > 'lsass.exe'(840)
      c:\windows\system32\wininet.dll
      .
      Completion time: 2009-11-04 15:56
      ComboFix-quarantined-files.txt 2009-11-04 14:55

      Pre-Run: 69.958.402.048 bytes free
      Post-Run: 69.973.450.752 bytes libres

    8. #8
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.089

      Re: Problemas con las tildes ´´

      Realiza lo siguiente :

      • Clic en INICIO > EJECUTAR >
        • Y ahí pones notepad.exe y ACEPTAR
        • Ahora copia y pega el texto del cuadro de mas abajo dentro del Notepad


      Código:
      KillAll::
      
      File::
      c:\windows\system32\mshcxm32.exe
      
      
      Rootkit::
      c:\windows\system32\mshcxm32.exe
      
      Registry::
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
      "Userinit"=-


      • Guarda este archivo con el nombre CFScript.txt
      • Arrastra y suelta el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra el screenshot de abajo.



      • ComboFix comenzará otra vez a ejecutarse. Cuando termine generara un nuevo reporte que tendras que pegar en este mismo tema.



      Despuès de reiniciar, nos comentas como funciona el ordenador ahora.

      saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de marinick
      Registrado
      nov 2009
      Ubicación
      Sevilla
      Mensajes
      6

      Bien Re: Problemas con las tildes ´´

      SOLUCIONADO!!!
      Ya me funciona, tanto las tildes como la web de Supernet.
      Muchisimas gracias, sois la caña!

      Aqui teneis el report del ComboFix

      ComboFix 09-11-03.03 - HP_Administrator 04/11/2009 19:14.2.2 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.3.1252.34.1033.18.1022.569 [GMT 1:00]
      Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
      Command switches used :: c:\documents and settings\HP_Administrator\Desktop\CFScript.txt
      AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
      * Created a new restore point

      FILE ::
      "c:\windows\system32\mshcxm32.exe"
      .

      ((((((((((((((((((((((((( Files Created from 2009-10-04 to 2009-11-04 )))))))))))))))))))))))))))))))
      .

      2009-11-04 01:47 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
      2009-11-03 16:53 . 2009-11-03 16:53 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
      2009-11-03 16:53 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2009-11-03 16:53 . 2009-11-03 16:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
      2009-11-03 16:53 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
      2009-11-03 16:53 . 2009-11-03 16:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2009-11-01 20:19 . 2009-11-01 20:19 -------- d-----w- c:\program files\Trend Micro
      2009-11-01 20:12 . 2008-04-14 00:12 146432 ----a-w- c:\windows\regedit1.exe
      2009-11-01 16:54 . 2009-07-28 15:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
      2009-11-01 16:54 . 2009-03-30 09:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
      2009-11-01 16:54 . 2009-02-13 11:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
      2009-11-01 16:54 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
      2009-11-01 16:54 . 2009-11-01 16:54 -------- d-----w- c:\program files\Avira
      2009-11-01 16:54 . 2009-11-01 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
      2009-10-31 16:21 . 2009-10-31 16:20 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
      2009-10-22 20:55 . 2009-10-22 20:55 -------- d-----w- c:\windows\system32\XPSViewer
      2009-10-22 20:55 . 2009-10-22 20:55 -------- d-----w- c:\program files\MSBuild
      2009-10-22 20:54 . 2009-10-22 20:54 -------- d-----w- c:\program files\Reference Assemblies
      2009-10-22 20:54 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
      2009-10-22 20:54 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
      2009-10-22 20:54 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
      2009-10-22 20:54 . 2009-10-22 20:54 -------- d-----w- C:\e15580ecbdc51b123766
      2009-10-22 20:54 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
      2009-10-22 20:54 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
      2009-10-22 20:54 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
      2009-10-22 20:54 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
      2009-10-20 16:08 . 2009-10-20 16:08 -------- d-----w- C:\aa5194bc1619fa5ef1b107
      2009-10-20 15:12 . 2009-10-20 15:13 -------- d-----w- c:\program files\CleanUp!
      2009-10-20 14:59 . 2009-10-20 14:59 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
      2009-10-20 14:59 . 2009-10-20 14:59 -------- d-----w- c:\program files\SUPERAntiSpyware
      2009-10-20 14:59 . 2009-10-20 14:59 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\SUPERAntiSpyware.com
      2009-10-20 14:58 . 2009-10-20 14:58 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
      2009-10-20 14:44 . 2009-10-20 14:44 -------- d-----w- C:\VundoFix Backups
      2009-10-20 14:36 . 2009-10-20 14:43 -------- d-----w- c:\program files\RegCleaner
      2009-10-19 18:55 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
      2009-10-19 18:54 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
      2009-10-19 18:46 . 2009-11-03 22:49 -------- d-----w- c:\program files\CCleaner
      2009-10-19 18:34 . 2009-11-01 19:42 -------- d-----w- c:\program files\EMCO Malware Destroyer
      2009-10-19 18:32 . 2009-10-19 18:32 -------- d-sh--w- c:\windows\ftpcache
      2009-10-18 19:20 . 2009-10-18 19:20 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
      2009-10-18 19:20 . 2009-10-18 19:20 -------- d-----w- c:\program files\DAEMON Tools Toolbar
      2009-10-18 18:15 . 2009-10-18 18:15 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
      2009-10-18 18:15 . 2009-10-18 19:21 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\DAEMON Tools Lite
      2009-10-18 16:39 . 2009-10-31 22:59 -------- d-----w- c:\documents and settings\HP_Administrator\Tracing
      2009-10-18 16:38 . 2009-10-18 16:38 -------- d-----w- c:\program files\Microsoft
      2009-10-18 16:37 . 2009-10-18 16:37 -------- d-----w- c:\program files\Windows Live SkyDrive
      2009-10-18 16:35 . 2009-10-18 16:35 -------- d-----w- c:\program files\Common Files\Windows Live

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-11-02 18:21 . 2007-04-25 19:49 71400 -c--a-w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2009-11-01 15:16 . 2009-03-10 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
      2009-10-20 15:54 . 2006-08-12 09:40 -------- d-----w- c:\program files\PC-Doctor 5 for Windows
      2009-10-18 19:54 . 2008-10-22 15:40 -------- d-----w- c:\program files\Common Files\Nokia
      2009-10-18 19:54 . 2008-10-22 15:40 -------- d-----w- c:\program files\Nokia
      2009-10-18 19:54 . 2008-10-22 15:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
      2009-10-18 19:25 . 2006-08-12 17:55 -------- d-----w- c:\program files\Java
      2009-10-18 18:14 . 2008-09-21 09:29 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Skype
      2009-10-18 16:43 . 2008-09-21 09:32 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\skypePM
      2009-10-18 16:37 . 2008-03-05 19:57 -------- d-----w- c:\program files\Windows Live
      2009-09-21 18:51 . 2007-05-11 16:32 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Image Zone Express
      2009-09-11 14:18 . 2004-08-09 21:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
      2009-09-04 21:03 . 2004-08-09 21:00 58880 ----a-w- c:\windows\system32\msasn1.dll
      2009-08-29 07:36 . 2004-08-09 21:00 832512 ------w- c:\windows\system32\wininet.dll
      2009-08-29 07:36 . 2004-08-09 21:00 78336 ----a-w- c:\windows\system32\ieencode.dll
      2009-08-29 07:36 . 2004-08-09 21:00 17408 ------w- c:\windows\system32\corpol.dll
      2009-08-26 08:00 . 2004-08-09 21:00 247326 ------w- c:\windows\system32\strmdll.dll
      2007-11-03 15:02 . 2007-11-03 15:02 251 -c--a-w- c:\program files\wt3d.ini
      2007-05-07 20:38 . 2007-05-07 20:38 22 --sha-w- c:\windows\SMINST\HPCD.sys
      .

      ((((((((((((((((((((((((((((( SnapShot@2009-11-04_14.53.04 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2009-11-04 18:22 . 2009-11-04 18:22 16384 c:\windows\temp\Perflib_Perfdata_7b0.dat
      - 2005-08-30 21:02 . 2009-11-03 20:45 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
      + 2005-08-30 21:02 . 2009-11-04 15:05 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
      + 2005-08-30 13:51 . 2009-11-04 15:05 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
      - 2005-08-30 13:51 . 2009-11-03 20:45 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
      + 2005-08-30 13:51 . 2009-11-04 15:05 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
      - 2005-08-30 13:51 . 2009-11-03 20:45 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
      "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-24 1916928]
      "Google Update"="c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-20 133104]
      "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 1481968]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
      "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
      "DMAScheduler"="c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
      "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
      "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
      "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
      "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
      "PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
      "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
      "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
      "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
      "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
      "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
      "ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
      "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-07-21 16261632]
      "AlwaysReady Power Message APP"="ARPWRMSG.EXE" - c:\windows\arpwrmsg.exe [2005-08-02 77312]
      "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-31 1622016]

      c:\documents and settings\Default User\Start Menu\Programs\Startup\
      Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-8-12 27136]
      PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-8-12 27136]

      c:\documents and settings\All Users\Start Menu\Programs\Startup\
      Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-7-6 113664]
      HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
      Inicio r*pido de Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
      2007-04-19 10:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\windows\system32\winmm.dll

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\Messenger\\msmsgs.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
      "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
      "c:\\Documents and Settings\\HP_Administrator\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
      "c:\\Documents and Settings\\HP_Administrator\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
      "c:\\Program Files\\Lphant\\eLePhantClient.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

      R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [29/02/2008 15:03 8944]
      R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29/02/2008 15:03 51440]
      R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [01/11/2009 17:54 108289]
      R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [12/08/2006 19:18 2829696]
      R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 15:51 4096]
      R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [24/04/2007 16:55 162176]
      R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [12/08/2006 19:18 468768]
      S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

      --- Other Services/Drivers In Memory ---

      *Deregistered* - mbr
      .
      Contents of the 'Scheduled Tasks' folder

      2009-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3562878181-1604441590-3082518484-1007Core.job
      - c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-20 20:06]

      2009-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3562878181-1604441590-3082518484-1007UA.job
      - c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-20 20:06]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.es/
      mStart Page = hxxp://www.forospyware.com
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
      Trusted Zone: formaciondigital.com
      .

      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-11-04 19:24
      Windows 5.1.2600 Service Pack 3 NTFS

      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...

      scan completed successfully
      hidden files: 0

      **************************************************************************

      Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

      device: opened successfully
      user: MBR read successfully
      called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spgj.sys >>UNKNOWN [0x87188938]<<
      kernel: MBR read successfully
      user & kernel MBR OK
      Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

      atapi.sys @ 0x0 0x0 bytes

      \Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xF73A3B40 atapi.sys
      \Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xF73A3B40 atapi.sys
      \Driver\atapi IRP hooks detected !

      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\Browser]
      @DACL=(02 0000)
      @SACL=
      "IE"="0"
      "Netscape"="0"

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\BWOPT]
      @DACL=(02 0000)
      @SACL=
      "bwsupport"="1"
      "bwoffers"="0"

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\HPGuide]
      @DACL=(02 0000)
      @SACL=
      "HPGuideLaunch"="0"

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\HPSU]
      @DACL=(02 0000)
      @SACL=
      "OptInPath"="c:\\hp\\bin\\cloaker.exe"
      "OptInCmdLine"="c:\\hp\\drivers\\hpsu\\HPSU_optin.bat"
      "OptOutPath"="c:\\hp\\bin\\cloaker.exe"
      "OptOutCmdLine"="c:\\hp\\drivers\\hpsu\\HPSU_optout.bat"
      "hpsulaunch"="0"

      [HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\NIS]
      @DACL=(02 0000)
      @SACL=
      "NISRun"="1"
      "NISPath"="c:\\windows\\system32\\pcintro\\autorun.exe"
      "NISCmdLine"="security.cmd"

      [HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
      @DACL=(02 0000)
      @SACL=

      [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Alchemy]
      @DACL=(02 0000)
      @SACL=

      [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
      @DACL=(02 0000)
      @SACL=
      "NoServices"=dword:00000000

      [HKEY_LOCAL_MACHINE\software\Microsoft\Updates\SP3\KB912067\Filelist]
      @DACL=(02 0000)
      @SACL=

      [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•A~*]
      "A0C0110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'winlogon.exe'(788)
      c:\program files\SUPERAntiSpyware\SASWINLO.dll
      c:\windows\system32\WININET.dll

      - - - - - - - > 'explorer.exe'(3836)
      c:\windows\system32\WININET.dll
      c:\windows\system32\nview.dll
      c:\windows\system32\NVWRSES.DLL
      c:\windows\system32\ieframe.dll
      c:\windows\system32\nvwddi.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\Avira\AntiVir Desktop\avguard.exe
      c:\windows\arservice.exe
      c:\windows\eHome\ehRecvr.exe
      c:\windows\eHome\ehSched.exe
      c:\program files\Java\jre6\bin\jqs.exe
      c:\program files\Common Files\LightScribe\LSSrvc.exe
      c:\windows\system32\nvsvc32.exe
      c:\windows\system32\dllhost.exe
      c:\windows\system32\rundll32.exe
      c:\windows\eHome\ehmsas.exe
      c:\windows\system32\wscntfy.exe
      c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
      .
      **************************************************************************
      .
      Completion time: 2009-11-04 19:28 - machine was rebooted
      ComboFix-quarantined-files.txt 2009-11-04 18:28
      ComboFix2.txt 2009-11-04 14:56

      Pre-Run: 69.965.017.088 bytes free
      Post-Run: 69.929.693.184 bytes libres

    10. #10
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.089

      Re: Problemas con las tildes ´´

      Hola de nuevo

      Desinstala CF de esta manera:

      • Ve a Inicio > Ejecutar
      • Escribe lo siguiente: ComboFix /u como muestra la imagen debajo:
        o
      • Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")


      Esto realizara las siguientes tareas:


      • Se borraran:
        • ComboFix: sus archivos y carpetas.
        • VundoFix: copias de seguridad (si está presente)
        • La carpeta C:\Deckard (si está presente)
        • La carpeta C: _OtMoveIt (si está presente)
      • Restablece la configuración del reloj.
      • Ocultar extensiones de archivo (si es necesario.)
      • Oculta los archivos que estaban ocultos
      • Reactiva el "Restaurar Sistema"




      Nos comentas como va el ordenador ahora.

      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo