• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 18

    Ventanas emergentes(Solucionado)

    Resumen del tema: Ventanas emergentes(Solucionado) - Hola a todos,mi problema es referente a las dichosas ventanas he seguido todos los pasos eliminando algunas,pero todabia siguen apareciendo,os pido de nuevo vuestra ayuda para solucionar este problema,os dejo el log: Logfile of Trend ...

      
    1. #1
      Usuario Avatar de vasc
      Registrado
      nov 2007
      Ubicación
      palma de mallorca
      Mensajes
      181

      Ventanas emergentes(Solucionado)

      Hola a todos,mi problema es referente a las dichosas ventanas he seguido todos los pasos eliminando algunas,pero todabia siguen apareciendo,os pido de nuevo vuestra ayuda para solucionar este problema,os dejo el log:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:34:11, on 11/11/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16915)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe
      C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2010\WebProxy.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrls.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
      C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
      C:\WINDOWS\System32\svchost.exe
      c:\program files\panda security\panda internet security 2010\firewall\PSHOST.EXE
      C:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\TUProgSt.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\pavsrv51.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE
      C:\WINDOWS\vsnpstd.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\DAEMON Tools Lite\daemon.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\WINDOWS\system32\dllhost.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\WINDOWS\System32\regsvr32.exe
      C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\SRVLOAD.EXE
      C:\Program Files\Panda Security\Panda Internet Security 2010\PavBckPT.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\psimreal.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://es.rd.yahoo.com/customize/ycomp/defaults/sp/*http://es.yahoo.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wwwgoogle.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SmartAds browser enhancer cwinmlrg - {1DA73A2E-EE69-42E7-B359-CA49A93CCB45} - C:\WINDOWS\system32\cwinmlrg.dll
      O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\MsgUpdate.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: gooochi browser enhancer - {97CFD463-B7BB-DCA0-B316-A6E769FE15CD} - C:\WINDOWS\system32\wnpvceubvlozafisb.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [LaunchApp] Alaunch
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
      O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE" /s
      O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2010\Inicio.exe"
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
      O4 - HKLM\..\Run: [drdhoolylyrmuqfxh] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\wnpvceubvlozafisb.dll"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
      O4 - HKCU\..\Run: [IgfxSys] rundll32.exe "C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\IgfxSys.dll",StartProtector
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Selección inteligente de HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
      O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
      O20 - AppInit_DLLs: C:\WINDOWS\System32\hnetcfg32.dll
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrls.exe
      O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
      O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
      O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\pavsrv51.exe
      O23 - Service: Programador de LiveUpdate automático - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
      O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files\panda security\panda internet security 2010\firewall\PSHOST.EXE
      O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe
      O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe
      O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe
      O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
      O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

      --
      End of file - 10919 bytes


      como siempre muy agradecido

    2. #2
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.841

      Re: Ventanas emergentes

      Hola vasc


      Descarga lo siguiente:

      º Ccleaner. Lo instalas según Su Manual

      º Malwarebytes. Lo instalas y actualizas según su manual, PERO NO LO EJECUTES AUN

      º ComboFix.exe y guárdalo en el escritorio.


      Cierra todos los programas, ejecutas HijackThis , tildas las casillas de estas entradas y presionas "FIX Cheked"


      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://es.rd.yahoo.com/customize/ycomp/defaults/sp/*http://es.yahoo.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wwwgoogle.com/

      R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

      O2 - BHO: SmartAds browser enhancer cwinmlrg - {1DA73A2E-EE69-42E7-B359-CA49A93CCB45} - C:\WINDOWS\system32\cwinmlrg.dll

      O2 - BHO: gooochi browser enhancer - {97CFD463-B7BB-DCA0-B316-A6E769FE15CD} - C:\WINDOWS\system32\wnpvceubvlozafisb.dll

      O4 - HKLM\..\Run: [drdhoolylyrmuqfxh] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\wnpvceubvlozafisb.dll"

      O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
      O20 - AppInit_DLLs: C:\WINDOWS\System32\hnetcfg32.dll




      Ejecuta Ccleaner usando sus opciones "Limpiador" y "Registro".

      Ejecuta Malwarebytes.
      Hacé un "escaneo completo". Una vez finalizado, si te detecta algo eliges " quitar lo seleccionado ".
      Si te pide reiniciar, lo haces.
      Ejecuta ComboFix.exe
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.



      PD: No vuelvas a ejecutar ComboFix ni ningun otro programa antivirus hasta que vuelva con una respuesta, ya que puedes hacer cambiar las cosas.


      En tu próxima respuesta, debes poner lo siguiente:

      º El reporte de malwarebyte´s, que se encuentra en su pestaña REGISTROS
      º El reporte de ComboFix
      º Un nuevo log de Hijackthis
      º Como funciona tu pc ahora


      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de vasc
      Registrado
      nov 2007
      Ubicación
      palma de mallorca
      Mensajes
      181

      Re: Ventanas emergentes

      Hola,estos son los resultados:

      Malwarebytes' Anti-Malware 1.41
      Versión de la Base de Datos: 3086
      Windows 5.1.2600 Service Pack 3

      11/11/2009 22:13:16
      mbam-log-2009-11-11 (22-13-16).txt

      Tipo de examen : Examen Completo (C:\|D:\|)
      Objetos examinados: 195496
      Tiempo transcurrido: 26 minute(s), 31 second(s)

      Procesos en Memoria Infectados: 0
      Módulos en Memoria Infectados: 4
      Claves del Registro Infectadas: 10
      Valores del Registro Infectados: 1
      Elementos de Datos del Registro Infectados: 0
      Carpetas Infectadas: 4
      Ficheros Infectados: 30

      Procesos en Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Módulos en Memoria Infectados:
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\MsgUpdate.dll (Backdoor.Bot) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\IgfxSys.dll (Trojan.Agent) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\Aud32\msgasst841.dll (Trojan.Agent) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\Aud32\msgutil84.dll (Trojan.Agent) -> Delete on reboot.

      Claves del Registro Infectadas:
      HKEY_CLASSES_ROOT\TypeLib\{e3a14032-f6fc-426d-a024-bead613d5db3} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{bbcc290a-5e32-4e54-80db-f0f3f3892444} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Backdoor.Bot) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\messengerupdateproject.messengerupdat.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\messengerupdateproject.messengerupdate (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\{d8c0508c-e235-4d9e-a27e-c8bb5f527dc9} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sgbzvktsftog (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\MessengerUpdateProject.dll (Trojan.Agent) -> Quarantined and deleted successfully.

      Valores del Registro Infectados:
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\igfxsys (Trojan.Agent) -> Quarantined and deleted successfully.

      Elementos de Datos del Registro Infectados:
      (No se han detectado elementos maliciosos)

      Carpetas Infectadas:
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers (Trojan.Agent) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\Aud32 (Trojan.Agent) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Sys (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.

      Ficheros Infectados:
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\MsgUpdate.dll (Backdoor.Bot) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\Aud32\go28.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Sys\mu.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{0E4A5C45-3CA3-4005-A1B6-9AD938B99CBD}\RP111\A0049833.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\sgbzvktsftog.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\conf.sys (Trojan.Agent) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\IgfxSys.dll (Trojan.Agent) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\phuninst.dll (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\pub.dll (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\serial.sys (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\Aud32\msgasst84.dll (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\Aud32\msgasst841.dll (Trojan.Agent) -> Delete on reboot.
      C:\Documents and Settings\JOSE\Application Data\Messenger\Drivers\Aud32\msgutil84.dll (Trojan.Agent) -> Delete on reboot.
      C:\WINDOWS\system32\LocalService\313.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\313.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\314.keygen.zip (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\314.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\315.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\315.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\316.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\316.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\317.music.au (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\317.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\318.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\318.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\319.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\319.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\320.music4.au (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\LocalService\320.music4.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
      C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.



      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 23:22:41, on 11/11/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16915)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe
      C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2010\WebProxy.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrls.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
      C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
      C:\WINDOWS\System32\svchost.exe
      c:\program files\panda security\panda internet security 2010\firewall\PSHOST.EXE
      C:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\TUProgSt.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\pavsrv51.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE
      C:\WINDOWS\vsnpstd.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\SRVLOAD.EXE
      C:\Program Files\Panda Security\Panda Internet Security 2010\PavBckPT.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\Program Files\Panda Security\Panda Internet Security 2010\psimreal.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [LaunchApp] Alaunch
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
      O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE" /s
      O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2010\Inicio.exe"
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
      O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Selección inteligente de HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrls.exe
      O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
      O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
      O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\pavsrv51.exe
      O23 - Service: Programador de LiveUpdate automático - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
      O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files\panda security\panda internet security 2010\firewall\PSHOST.EXE
      O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe
      O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe
      O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe
      O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
      O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

      --
      End of file - 9493 bytes


      Respecto a combofix me puso que tenia que reiniciar por encontrar rootkits,reinicie y empezo a escanear pantallas,hasta 50,despues ponia que estaba eliminando algo,pero parecia bloqueado,despues de una hora seguia igual y decidi finalizarlo,puedes decirme algo mas.

      Gracias

    4. #4
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.841

      Re: Ventanas emergentes

      Hola de nuevo

      Desinstala CF de esta manera:

      • Ve a Inicio > Ejecutar
      • Escribe lo siguiente: ComboFix /u como muestra la imagen debajo:
        o
      • Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")



      Reinicia el ordenador y volvemos a realizar lo siguiente:

      Actualiza malwarebytes y Hacé un "escaneo completo". Una vez finalizado, si te detecta algo eliges " quitar lo seleccionado ".
      Si te pide reiniciar, lo haces.


      Despuès de ello.... - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.



      PD: No vuelvas a ejecutar ComboFix ni ningun otro programa antivirus hasta que vuelva con una respuesta, ya que puedes hacer cambiar las cosas.

      Volves con los reportes de malwarebytes y ComboFix.


      saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de vasc
      Registrado
      nov 2007
      Ubicación
      palma de mallorca
      Mensajes
      181

      Re: Ventanas emergentes

      Hola,el resultado de antimalware es cero infecciones,y combofix se ha vuelto a bloquear,me pidio reiniciar por rookits,y despues no hizo nada mas durante una hora,recuerdo haber utilizado combofix antes,y su comportamiento no era el mismo,y el escaneo duraba bastante poco.

    6. #6
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.841

      Re: Ventanas emergentes

      Hola de nuevo

      Desinstala CF de esta manera:

      • Ve a Inicio > Ejecutar
      • Escribe lo siguiente: ComboFix /u como muestra la imagen debajo:
        o
      • Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")




      Utiliza GMER ANTIROOTKIT siguiendo atentamente el manual que escribió GUILLERMO TELL.

      Luego pones su reporte en tu próxima respuesta....

      Te dejo saludos....

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de vasc
      Registrado
      nov 2007
      Ubicación
      palma de mallorca
      Mensajes
      181

      Re: Ventanas emergentes

      Siento darte tantos problemas,pero no ha funcionado ninguno de los dos programas,al ejecutar me sale una ventana de que dichos programas han encontrado un problema y que deben cerrarse.

    8. #8
      Usuario Avatar de vasc
      Registrado
      nov 2007
      Ubicación
      palma de mallorca
      Mensajes
      181

      Re: Ventanas emergentes

      Hola,he escaneado con sophos y me dice lo siguente:


      Area: Local hard drives
      Description: Unknown hidden file
      Location: C:\Documents and Settings\GLORIA\Local Settings\Temporary Internet Files\Content.IE5\0LY5A1GD\Type=click&FlightID=33450&AdID=41212&TargetID=19594&ASeg=&AMod=&Segments=93,203,1826,1829,1838,2551,3388,3508,3682,3683,3699,4535,4719,5612,7209,7268,7758,7[1].htm
      Removable: Yes (but clean up not recommended for this file)
      Notes: (no more detail available)



      Area: Local hard drives
      Description: Unknown hidden file
      Location: C:\WINDOWS\system32\drivers\atapi.sys
      Removable: Yes (but clean up not recommended for this file)
      Notes: (no more detail available)



      Area: Local hard drives
      Description: Unknown hidden file
      Location: C:\WINDOWS\system32\drivers\sptd.sys
      Removable: Yes (but clean up not recommended for this file)
      Notes: (no more detail available)




      Area: Local hard drives
      Description: Unknown hidden file
      Location: C:\Documents and Settings\GLORIA\Local Settings\Temporary Internet Files\Content.IE5\WT67WD4V\id=1254589247&ga_hid=1210192577&ga_fc=0&u_tz=120&u_his=4&u_java=1&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_nplug=0&u_nmime=0&biw=1007&bih=519&fu=0&ifi=1&dtd=16
      Removable: Yes (but clean up not recommended for this file)
      Notes: (no more detail available)


      puedes decirme que debo hacer?

    9. #9
      Usuario Avatar de vasc
      Registrado
      nov 2007
      Ubicación
      palma de mallorca
      Mensajes
      181

      Re: Ventanas emergentes

      Hola de nuevo,he conseguido pasar combo fix,te djo el log:


      ComboFix 09-11-16.05 - JOSE 16/11/2009 12:29:37.3.2 - FAT32x86
      Microsoft Windows XP Professional 5.1.2600.3.1252.34.1033.18.1023.598 [GMT 1:00]
      Running from: C:\Documents and Settings\JOSE\Desktop\ComboFix.exe
      AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
      FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\Documents and Settings\JOSE\Application Data\020000002b13952d687C.manifest
      C:\Documents and Settings\JOSE\Application Data\020000002b13952d687O.manifest
      C:\Documents and Settings\JOSE\Application Data\020000002b13952d687P.manifest
      C:\Documents and Settings\JOSE\Application Data\020000002b13952d687S.manifest
      C:\Documents and Settings\JOSE\Application Data\Desktopicon
      C:\Documents and Settings\JOSE\Application Data\Desktopicon\eBay.ico
      C:\Documents and Settings\JOSE\Application Data\Desktopicon\uninst.exe
      C:\WINDOWS\kb913800.exe
      C:\WINDOWS\system32\autorun.ini

      Infected copy of C:\WINDOWS\system32\drivers\atapi.sys was found and disinfected
      Restored copy from - Kitty ate it :p
      .
      ((((((((((((((((((((((((( Files Created from 2009-10-16 to 2009-11-16 )))))))))))))))))))))))))))))))
      .

      2009-12-31 21:07:28 . 2009-12-31 21:07:52 0 d-----w- C:\ERDNT
      2009-12-31 19:08:45 . 2009-10-02 20:21:17 0 d-----w- C:\Program Files\SimpleAgenda
      2009-12-31 19:07:43 . 2009-12-31 19:08:33 253952 ------w- C:\WINDOWS\Setup1.exe
      2009-12-31 19:07:41 . 2009-12-31 19:08:33 74240 ----a-w- C:\WINDOWS\ST6UNST.EXE
      2009-12-31 14:37:47 . 2009-12-31 14:37:47 0 d-----w- C:\Documents and Settings\JOSE\Local Settings\Application Data\Help
      2009-12-31 14:26:12 . 1999-01-20 04:01:00 210032 ----a-w- C:\WINDOWS\system32\DBCLIENT.DLL
      2009-12-31 14:26:11 . 2009-12-31 14:26:11 0 d-----w- C:\Program Files\Common Files\Borland Shared
      2009-12-31 14:26:06 . 2009-10-08 19:26:25 0 d-----w- C:\Program Files\Arcadina
      2009-12-31 13:38:19 . 2009-12-31 13:38:19 0 d-----w- C:\Documents and Settings\JOSE\Application Data\MSD_Soft
      2009-12-30 20:51:20 . 2009-12-30 20:51:20 26 ----a-w- C:\WINDOWS\WINSTART.BAT
      2009-12-30 20:51:20 . 2009-12-30 20:51:20 123 ----a-w- C:\WINDOWS\TMPCPYIS.BAT
      2009-12-30 20:51:20 . 2009-12-30 20:51:20 122 ----a-w- C:\WINDOWS\TMPDELIS.BAT
      2009-12-30 20:50:51 . 2009-12-30 20:50:51 0 d-----w- C:\~QTWTMP.TMP
      2009-12-30 20:49:49 . 1997-01-10 17:37:38 252928 ----a-w- C:\WINDOWS\UN16040A.EXE
      2009-12-30 20:49:49 . 1996-02-08 17:07:48 247296 ----a-w- C:\WINDOWS\UN160410.EXE
      2009-12-30 20:49:49 . 1995-07-13 18:43:40 26768 ----a-w- C:\WINDOWS\system\CTL3D.DLL
      2009-12-30 20:49:46 . 2009-12-30 20:49:46 0 d-----w- C:\Documents and Settings\GLORIA\WINDOWS
      2009-11-14 19:36:45 . 2009-11-15 09:02:38 0 d-----w- C:\Program Files\Unlocker
      2009-11-14 17:43:26 . 2009-11-14 17:43:26 0 d-----w- C:\Documents and Settings\GLORIA\Local Settings\Application Data\Ashampoo
      2009-11-14 16:06:18 . 2009-11-14 16:12:46 0 d-----w- C:\Program Files\Cracklock
      2009-11-14 16:06:18 . 2005-11-06 23:36:00 118784 ----a-w- C:\WINDOWS\system32\CLKERN.DLL
      2009-11-13 15:04:11 . 2009-11-13 19:56:33 0 d-----w- C:\Documents and Settings\JOSE\Local Settings\Application Data\Ashampoo
      2009-11-13 13:03:12 . 2009-11-13 13:03:12 932368 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
      2009-11-13 13:03:12 . 2009-11-13 13:03:12 678416 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
      2009-11-13 13:03:12 . 2009-11-13 13:03:12 604688 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
      2009-11-13 13:03:12 . 2009-11-13 13:03:12 1096208 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
      2009-11-13 13:03:11 . 2009-11-13 13:03:11 522768 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
      2009-11-13 12:58:33 . 2009-11-13 12:58:33 95259 ----a-w- C:\WINDOWS\system32\drivers\klick.dat
      2009-11-13 12:58:33 . 2009-11-13 12:58:33 108059 ----a-w- C:\WINDOWS\system32\drivers\klin.dat
      2009-11-13 12:57:50 . 2009-11-16 11:39:58 0 d-----w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
      2009-11-13 12:57:50 . 2009-11-13 12:57:50 0 d-----w- C:\Program Files\Kaspersky Lab
      2009-11-13 12:52:24 . 2009-11-13 12:52:24 0 d-----w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
      2009-11-09 20:51:58 . 2009-11-09 20:51:58 0 d-----w- C:\Documents and Settings\GLORIA\Application Data\Smart-Ads-Solutions
      2009-11-09 20:50:40 . 2009-11-09 20:50:40 0 d-----w- C:\Documents and Settings\GLORIA\Application Data\Malwarebytes
      2009-11-09 16:52:19 . 2009-11-09 16:52:19 0 d-----w- C:\Documents and Settings\JOSE\Application Data\Smart-Ads-Solutions
      2009-11-09 16:52:14 . 2009-11-11 21:17:49 0 d-----w- C:\Documents and Settings\JOSE\Application Data\Messenger
      2009-11-09 16:52:13 . 2009-11-09 16:52:13 0 d-----w- C:\Program Files\Smart-Ads-Solutions
      2009-11-09 14:43:27 . 2009-11-09 14:43:27 0 d-----w- C:\Program Files\Elaborate Bytes
      2009-11-09 14:36:14 . 2009-11-09 14:36:24 0 d-----w- C:\Nueva carpeta
      2009-11-09 14:33:36 . 2009-11-09 14:33:36 0 d-----w- C:\Program Files\Smart Projects
      2009-11-08 23:11:10 . 2009-11-16 11:17:55 0 d-----w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2009-11-08 23:11:10 . 2009-11-08 23:12:25 0 d-----w- C:\Program Files\Spybot - Search & Destroy
      2009-11-07 15:29:11 . 2009-11-07 15:29:11 0 d-----w- C:\Program Files\Softonic_Espana_PCM
      2009-11-07 15:29:08 . 2009-05-12 12:07:14 51200 ----a-w- C:\Documents and Settings\GLORIA\Application Data\Mozilla\Firefox\Profiles\927lcvy6.default\extensions\{500064de-0129-4e91-bbf0-0fc2da9660fb}\components\FFExternalAlert.dll
      2009-11-07 15:29:08 . 2009-05-12 12:07:14 114688 ----a-w- C:\Documents and Settings\GLORIA\Application Data\Mozilla\Firefox\Profiles\927lcvy6.default\extensions\{500064de-0129-4e91-bbf0-0fc2da9660fb}\components\npmozax.dll
      2009-11-07 15:29:04 . 2009-11-07 15:29:04 0 d-----w- C:\Program Files\Common Files\Bcgsoft
      2009-11-07 15:28:42 . 2009-11-07 15:28:42 0 d-----w- C:\Program Files\PearlMountain Soft
      2009-11-07 09:31:36 . 2009-11-10 17:11:34 0 d-----w- C:\Documents and Settings\GLORIA\Tracing
      2009-11-06 18:53:53 . 2009-11-06 18:53:53 0 d-----w- C:\Documents and Settings\JOSE\Local Settings\Application Data\RcIncidents
      2009-11-06 12:51:20 . 2009-11-16 11:40:01 0 d-----w- C:\Documents and Settings\JOSE\Tracing
      2009-11-06 12:46:04 . 2009-11-06 12:46:04 0 d-----w- C:\Program Files\Microsoft
      2009-11-06 12:45:50 . 2009-11-06 12:45:50 0 d-----w- C:\Program Files\Windows Live SkyDrive
      2009-11-06 12:43:57 . 2009-11-06 12:43:57 0 d-----w- C:\Program Files\Common Files\Windows Live
      2009-11-05 19:49:50 . 2009-11-05 19:49:50 0 d-----w- C:\Documents and Settings\GLORIA\Application Data\TuneUp Software
      2009-11-05 14:14:34 . 2009-11-05 14:14:34 0 d-----w- C:\Documents and Settings\JOSE\DoctorWeb
      2009-11-02 16:11:38 . 2009-11-02 16:11:38 0 d-----w- C:\Program Files\Sophos
      2009-11-02 15:54:11 . 2009-11-02 15:54:11 0 d-----w- C:\Documents and Settings\JOSE\Application Data\Malwarebytes
      2009-11-02 15:54:05 . 2009-09-10 13:54:06 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
      2009-11-02 15:54:04 . 2009-11-02 15:54:10 0 d-----w- C:\Program Files\Malwarebytes' Anti-Malware
      2009-11-02 15:54:04 . 2009-11-02 15:54:04 0 d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
      2009-11-02 15:54:04 . 2009-09-10 13:53:50 19160 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
      2009-11-01 18:57:19 . 2009-11-09 18:29:09 0 d-----w- C:\Documents and Settings\All Users\Application Data\DVD Shrink
      2009-11-01 18:57:15 . 2009-11-01 18:57:15 0 d-----w- C:\Program Files\DVD Shrink
      2009-10-31 11:54:32 . 2009-10-31 11:54:32 0 d-----w- C:\Documents and Settings\All Users\Application Data\nView_Profiles
      2009-10-26 14:02:33 . 2009-11-10 16:22:22 0 d-----w- C:\WINDOWS\SoftR
      2009-10-26 09:42:50 . 2009-10-26 09:42:51 0 d-----w- C:\Program Files\CCleaner
      2009-10-25 20:26:38 . 2009-11-03 19:11:39 0 d-----w- C:\Documents and Settings\JOSE\Local Settings\Application Data\photoOptimizeHistoryDataBase
      2009-10-25 20:26:37 . 2009-11-16 08:33:01 0 d-----w- C:\Documents and Settings\JOSE\Local Settings\Application Data\Ashampoo Photo Optimizer 3
      2009-10-25 20:26:28 . 2009-11-13 14:41:01 0 d-----w- C:\Program Files\Ashampoo
      2009-10-21 13:00:21 . 2009-10-21 13:00:21 0 d-----w- C:\Program Files\Common Files\VCAMEye
      2009-10-21 13:00:21 . 2005-06-20 19:27:02 390912 ----a-w- C:\WINDOWS\system32\drivers\snpstd.sys
      2009-10-21 13:00:21 . 2005-04-15 04:20:40 98304 ----a-w- C:\WINDOWS\system32\rsnpstd.dll
      2009-10-21 13:00:21 . 2004-09-24 08:58:56 36864 ----a-w- C:\WINDOWS\system32\vsnpstd.dll
      2009-10-21 13:00:21 . 2004-06-10 11:48:04 286720 ----a-w- C:\WINDOWS\vsnpstd.exe
      2009-10-21 13:00:21 . 2004-05-06 09:22:02 53248 ----a-w- C:\WINDOWS\system32\dsnpstd.dll
      2009-10-21 13:00:21 . 2004-02-16 11:59:50 61440 ----a-w- C:\WINDOWS\system32\csnpstd.dll
      2009-10-20 19:34:56 . 2009-10-20 19:34:56 219664 ----a-w- C:\WINDOWS\system32\klogon.dll
      2009-10-20 16:54:20 . 2009-10-20 16:54:20 59992 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe
      2009-10-19 12:14:38 . 2009-10-19 12:14:38 1123594 ----a-w- C:\ersave.dat

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .


      Tambien dejo este:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 12:56:05, on 16/11/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16915)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\ehome\ehtray.exe
      C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\WINDOWS\RTHDCPL.EXE
      C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\TUProgSt.exe
      C:\WINDOWS\ehome\mcrdsvc.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\WINDOWS\explorer.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wwwgoogle.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [LaunchApp] Alaunch
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
      O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
      O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
      O4 - HKLM\..\Run: ['Ashampoo AntiSpyWare 2 Guard'] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
      O9 - Extra button: Selección inteligente de HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
      O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
      O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Programador de LiveUpdate automático - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
      O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
      O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

      --
      End of file - 8200 bytes



      Saludos

    10. #10
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.841

      Re: Ventanas emergentes

      Realiza lo siguiente :

      • Clic en INICIO > EJECUTAR >
        • Y ahí pones notepad.exe y ACEPTAR
        • Ahora copia y pega el texto del cuadro de mas abajo dentro del Notepad


      Código:
      KillAll::
      
      File::
      C:\WINDOWS\Setup1.exe
      C:\WINDOWS\ST6UNST.EXE
      C:\WINDOWS\WINSTART.BAT
      C:\WINDOWS\TMPCPYIS.BAT
      C:\WINDOWS\TMPDELIS.BAT
      C:\~QTWTMP.TMP
      C:\WINDOWS\UN16040A.EXE
      C:\WINDOWS\UN160410.EXE


      • Guarda este archivo con el nombre CFScript.txt
      • Arrastra y suelta el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra el screenshot de abajo.



      • ComboFix comenzará otra vez a ejecutarse. Cuando termine generara un nuevo reporte que tendras que pegar en este mismo tema.



      PD: Asegurate de copiar y pegar el reporte completo de ComboFix en esta ocaciòn...porque en tu anterior respuesta, solo pusiste una parte del mismo.




      saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo