Advertising pages open by themselves


samago
0 points
4 posts

2009-07-29 20:16 - Replies: 6 - Topic no.: 2609530


Windows Vista AMD ATHLON 3800+ 4GB RAM.

Hello, good day. I already tried the ComboFix program, but apparently everything is still the same.
This is the log it generated for me:

ComboFix 09-07-29.01 - Shava&Zhuy 07/29/2009 10:56.1.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.3070.2182 [GMT -7:00]
Running from: c:\users\Shava&Zhuy\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-29 )))))))))))))))))))))))))))))))
.

2009-07-29 11:49 . 2009-07-29 11:53 d-w- c:\program files\Anti Trojan Elite
2009-07-29 11:40 . 2009-07-29 11:40 d-w- c:\progra~2\Office Genuine Advantage
2009-07-29 11:25 . 2009-07-29 11:22 4152184 a-w- c:\windows\system32\wgaer_m.exe
2009-07-29 11:06 . 2008-06-20 01:14 105016 a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-29 11:06 . 2008-06-20 01:14 97800 a-w- c:\windows\system32\infocardapi.dll
2009-07-29 11:06 . 2008-06-20 01:14 43544 a-w- c:\windows\system32\PresentationHostProxy.dll
2009-07-29 11:06 . 2008-06-20 01:14 11264 a-w- c:\windows\system32\icardres.dll
2009-07-29 11:06 . 2008-06-20 01:14 622080 a-w- c:\windows\system32\icardagt.exe
2009-07-29 11:06 . 2008-06-20 01:14 781344 a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-07-29 11:06 . 2008-06-20 01:14 326160 a-w- c:\windows\system32\PresentationHost.exe
2009-07-29 11:00 . 2008-07-27 18:03 96760 a-w- c:\windows\system32\dfshim.dll
2009-07-29 11:00 . 2008-07-27 18:03 282112 a-w- c:\windows\system32\mscoree.dll
2009-07-29 11:00 . 2008-07-27 18:03 41984 a-w- c:\windows\system32\netfxperf.dll
2009-07-29 11:00 . 2008-07-27 18:03 158720 a-w- c:\windows\system32\mscorier.dll
2009-07-29 11:00 . 2008-07-27 18:03 83968 a-w- c:\windows\system32\mscories.dll
2009-07-29 03:56 . 2009-07-29 03:56 d-w- c:\progra~2\part dead amok eggs
2009-07-29 03:53 . 2009-07-29 03:57 d-w- c:\progra~2\aimdrawrule
2009-07-29 03:04 . 2009-07-29 04:08 d-r- c:\users\Shava&Zhuy\zHuiidOcs!!
2009-07-29 02:44 . 2006-11-10 16:19 356352 a-w- c:\windows\system32\nvusmu.exe
2009-07-29 02:43 . 2006-11-08 15:48 356352 a-w- c:\windows\system32\nvusmb.exe
2009-07-29 02:43 . 2007-01-15 22:53 356352 a-w- c:\windows\system32\NVUNINST.EXE
2009-07-29 02:43 . 2009-07-29 02:43 d-w- c:\users\Shava&Zhuy\AppData\Roaming\InstallShield
2009-07-29 02:43 . 2009-07-29 02:43 d-w- C:\NVIDIA
2009-07-29 02:39 . 2009-07-29 05:17 d-w- c:\progra~2\Messenger Plus!
2009-07-29 02:20 . 2008-10-22 01:22 2048 a-w- c:\windows\system32\tzres.dll
2009-07-29 02:13 . 2009-07-29 02:13 d-w- c:\program files\Common Files\xing shared
2009-07-29 02:13 . 2009-07-29 02:13 d-w- c:\program files\Real
2009-07-29 02:05 . 2009-07-29 03:52 d-w- c:\program files\Crcle Developement
2009-07-29 02:05 . 2009-07-29 03:52 d-w- c:\program files\Messenger Plus! Live
2009-07-29 02:04 . 2009-07-29 02:04 d-w- c:\users\Shava&Zhuy\AppData\Roaming\Roxio
2009-07-29 02:04 . 2009-07-29 02:04 d-w- c:\users\Shava&Zhuy\AppData\Local\RoxioCentralFx
2009-07-29 01:59 . 2009-07-29 17:36 d-w- c:\users\Shava&Zhuy\Tracing
2009-07-29 01:59 . 2009-07-29 01:59 d-w- c:\program files\Microsoft Silverlight
2009-07-29 01:57 . 2009-07-29 01:57 d-w- c:\program files\Microsoft SQL Server Compact Edition
2009-07-29 01:55 . 2009-07-29 01:55 d-w- c:\program files\Microsoft
2009-07-29 01:55 . 2009-07-29 01:55 d-w- c:\program files\Windows Live SkyDrive
2009-07-29 01:54 . 2009-07-29 01:59 d-w- c:\program files\Windows Live
2009-07-29 01:53 . 2009-07-29 01:53 d-w- c:\progra~2\Uninstall
2009-07-29 01:50 . 2009-07-29 01:50 d-w- c:\program files\Roxio
2009-07-29 01:46 . 2009-07-29 01:46 d-w- c:\progra~2\InstallShield
2009-07-29 01:43 . 2009-07-29 01:46 d-w- c:\progra~2\Roxio
2009-07-29 01:43 . 2009-07-29 01:48 d-w- c:\program files\Common Files\Sonic Shared
2009-07-29 01:42 . 2009-07-29 01:51 d-w- c:\progra~2\Sonic
2009-07-29 01:41 . 2009-07-29 01:50 d-w- c:\program files\Common Files\PX Storage Engine
2009-07-29 01:41 . 2009-07-29 01:45 d-w- c:\program files\Common Files\Roxio Shared
2009-07-29 01:41 . 2009-07-29 01:49 d-w- c:\program files\Roxio Creator 2009
2009-07-29 01:41 . 2009-07-29 01:41 d-w- c:\progra~2\eSellerate
2009-07-29 01:41 . 2009-07-29 01:52 d-w- c:\progra~2\SmartSound Software Inc
2009-07-29 01:41 . 2009-07-29 01:41 d-w- c:\program files\SmartSound Software
2009-07-29 01:21 . 2009-07-29 01:21 d-w- c:\users\Shava&Zhuy\AppData\Roaming\DivX
2009-07-29 01:09 . 2009-07-29 01:09 d-w- c:\program files\BS_Player
2009-07-29 01:09 . 2009-07-29 01:09 d-w- c:\program files\Conduit
2009-07-29 01:09 . 2009-07-29 01:33 d-w- c:\users\Shava&Zhuy\AppData\Roaming\BSplayer
2009-07-29 01:09 . 2009-07-29 01:09 d-w- c:\users\Shava&Zhuy\AppData\Roaming\BSplayer Pro
2009-07-29 01:09 . 2009-07-29 01:09 d-w- c:\program files\Webteh
2009-07-29 00:57 . 2009-07-29 16:59 d-w- C:\Downloads
2009-07-29 00:20 . 2009-02-05 20:06 23152 a-w- c:\windows\system32\drivers\aswRdr.sys
2009-07-29 00:20 . 2009-02-05 20:06 51376 a-w- c:\windows\system32\drivers\aswTdi.sys
2009-07-29 00:20 . 2009-02-05 20:07 114768 a-w- c:\windows\system32\drivers\aswSP.sys
2009-07-29 00:20 . 2009-02-05 20:07 20560 a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-07-29 00:20 . 2009-02-05 20:04 97480 a-w- c:\windows\system32\AvastSS.scr
2009-07-29 00:19 . 2009-02-05 20:11 1256296 a-w- c:\windows\system32\aswBoot.exe
2009-07-29 00:19 . 2009-02-05 20:06 51792 a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-07-29 00:19 . 2003-03-18 19:20 1060864 a-w- c:\windows\system32\MFC71.dll
2009-07-29 00:19 . 2003-03-18 18:14 499712 a-w- c:\windows\system32\MSVCP71.dll
2009-07-29 00:19 . 2003-02-21 02:42 348160 a-w- c:\windows\system32\MSVCR71.dll
2009-07-29 00:19 . 2009-07-29 00:19 d-w- c:\program files\Alwil Software
2009-07-28 23:46 . 2009-07-28 23:46 d-w- c:\program files\BitComet
2009-07-28 23:43 . 2009-07-28 23:43 d-w- c:\windows\system32\Macromed
2009-07-28 23:30 . 2009-07-28 23:30 d-w- c:\program files\Common Files\Adobe AIR
2009-07-28 23:29 . 2009-07-28 23:29 d-w- c:\program files\Common Files\Adobe
2009-07-28 23:27 . 2004-02-27 07:00 962612 a-w- c:\windows\system32\mfc42d.dll
2009-07-28 23:27 . 2004-02-17 07:00 434252 a-w- c:\windows\system32\MSVCRTD.DLL
2009-07-28 23:26 . 2007-12-18 00:14 12400 a-w- c:\windows\system32\drivers\AsIO.sys
2009-07-28 23:26 . 2006-01-10 23:50 24576 a-w- c:\windows\system32\AsIO.dll
2009-07-28 23:26 . 2009-07-29 01:53 dhw- c:\program files\InstallShield Installation Information
2009-07-28 23:26 . 2009-07-28 23:26 d-w- c:\program files\ASUS
2009-07-28 23:26 . 2008-01-04 20:34 11832 a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2009-07-28 23:26 . 2008-01-04 20:34 10216 a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2009-07-28 23:26 . 2009-07-29 01:43 d-w- c:\program files\Common Files\InstallShield
2009-07-28 23:24 . 2009-07-28 22:29 d-w- c:\windows\Panther
2009-07-28 23:12 . 2009-07-28 23:12 d-w- c:\program files\Common Files\Windows Live
2009-07-28 23:10 . 2009-04-30 12:37 428544 a-w- c:\windows\system32\EncDec.dll
2009-07-28 23:10 . 2009-04-30 12:37 293376 a-w- c:\windows\system32\psisdecd.dll
2009-07-28 23:07 . 2009-07-29 02:13 d-w- c:\program files\Common Files\Real
2009-07-28 23:07 . 2009-07-28 23:07 d-w- c:\program files\Haihaisoft Universal Player
2009-07-28 23:05 . 2009-07-28 23:05 d-w- c:\users\Shava&Zhuy\AppData\Local\Ares
2009-07-28 22:55 . 2009-07-29 11:17 d-w- c:\program files\Microsoft Works
2009-07-28 22:54 . 2008-09-05 05:14 1191936 a-w- c:\windows\system32\msxml3.dll
2009-07-28 22:54 . 2008-08-12 03:39 443392 a-w- c:\windows\system32\win32spl.dll
2009-07-28 22:54 . 2008-10-21 05:25 1645568 a-w- c:\windows\system32\connect.dll
2009-07-28 22:53 . 2008-12-16 05:31 7680 a-w- c:\windows\system32\spwmp.dll
2009-07-28 22:53 . 2008-12-16 05:31 4096 a-w- c:\windows\system32\dxmasf.dll
2009-07-28 22:53 . 2008-12-16 03:29 8147456 a-w- c:\windows\system32\wmploc.DLL
2009-07-28 22:53 . 2009-07-28 22:53 d-w- c:\windows\PCHEALTH
2009-07-28 22:53 . 2009-07-28 22:53 d-w- c:\program files\Microsoft.NET
2009-07-28 22:52 . 2008-12-16 02:42 288768 a-w- c:\windows\system32\drivers\srv.sys
2009-07-28 22:52 . 2008-08-27 01:05 212480 a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-07-28 22:52 . 2009-04-23 12:42 636928 a-w- c:\windows\system32\localspl.dll
2009-07-28 22:51 . 2008-09-18 04:56 125952 a-w- c:\windows\system32\wersvc.dll
2009-07-28 22:51 . 2008-09-18 04:56 147456 a-w- c:\windows\system32\Faultrep.dll
2009-07-28 22:51 . 2009-07-28 22:51 d-w- c:\program files\Microsoft Visual Studio 8
2009-07-28 22:51 . 2008-10-21 05:25 296960 a-w- c:\windows\system32\gdi32.dll
2009-07-28 22:50 . 2009-04-23 12:43 784896 a-w- c:\windows\system32\rpcrt4.dll
2009-07-28 22:50 . 2008-10-22 03:57 241152 a-w- c:\windows\system32\PortableDeviceApi.dll
2009-07-28 22:50 . 2009-07-28 22:50 d-w- c:\users\Shava&Zhuy\AppData\Local\Microsoft Help
2009-07-28 22:50 . 2009-07-29 11:23 d-w- c:\progra~2\Microsoft Help
2009-07-28 22:50 . 2009-07-29 11:23 d-shw- c:\windows\Installer
2009-07-28 22:49 . 2009-07-28 22:49 dhr- C:\MSOCache
2009-07-28 22:48 . 2008-11-27 04:43 268288 a-w- c:\windows\system32\schannel.dll
2009-07-28 22:48 . 2008-06-06 03:27 38912 a-w- c:\windows\system32\xolehlp.dll
2009-07-28 22:48 . 2008-06-06 03:27 562176 a-w- c:\windows\system32\msdtcprx.dll
2009-07-28 22:48 . 2008-09-10 03:40 1334272 a-w- c:\windows\system32\msxml6.dll
2009-07-28 22:37 . 2009-07-29 11:28 115312 a-w- c:\users\Shava&Zhuy\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-28 22:34 . 2008-10-16 21:13 1809944 a-w- c:\windows\system32\wuaueng.dll
2009-07-28 22:34 . 2008-10-16 21:09 51224 a-w- c:\windows\system32\wuauclt.exe
2009-07-28 22:34 . 2008-10-16 21:09 43544 a-w- c:\windows\system32\wups2.dll
2009-07-28 22:34 . 2008-10-16 20:56 1524736 a-w- c:\windows\system32\wucltux.dll
2009-07-28 22:34 . 2008-10-16 21:12 561688 a-w- c:\windows\system32\wuapi.dll
2009-07-28 22:34 . 2008-10-16 21:08 34328 a-w- c:\windows\system32\wups.dll
2009-07-28 22:34 . 2008-10-16 20:55 83456 a-w- c:\windows\system32\wudriver.dll
2009-07-28 22:34 . 2008-10-16 21:08 162064 a-w- c:\windows\system32\wuwebv.dll
2009-07-28 22:34 . 2008-10-16 20:56 31232 a-w- c:\windows\system32\wuapp.exe
2009-07-28 22:31 . 2009-07-29 02:15 d-w- c:\windows\Debug

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-29 02:23 . 2006-11-02 11:18 d-w- c:\program files\Windows Mail
2009-07-29 01:40 . 2009-07-29 01:40 10134 a-r- c:\users\Shava&Zhuy\AppData\Roaming\Microsoft\Installer\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}\ARPPRODUCTICON.exe
2009-07-29 01:37 . 2009-07-29 01:37 0 -ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-07-28 22:54 . 2006-11-02 12:35 d-w- c:\program files\MSBuild
2009-07-21 21:52 . 2009-07-29 10:59 915456 a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 10:59 109056 a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 10:59 71680 a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 10:59 133632 a-w- c:\windows\system32\ieUnatt.exe
2009-06-15 15:24 . 2009-07-28 22:57 156672 a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-28 22:57 72704 a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-28 22:57 10240 a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-28 22:57 289792 a-w- c:\windows\system32\atmfd.dll
2008-04-09 23:35 . 2008-04-09 23:35 8192 sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-07-02 17:18 2215960 a-w- c:\program files\BS_Player\tbBS_P.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uploadmeet"="c:\programdata\vcphonephone.w2fsu4" [X]
"Amok Eggs Four Web"="c:\programdata\one blue phone.e7ihiyl" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-07 3885408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe" [2008-08-14 240112]
"CPMonitor"="c:\program files\Roxio Creator 2009\5.0\CPMonitor.exe" [2008-08-10 80368]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-29 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7C029C57-2359-489C-8F02-80F634BD0042}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{2DCDF3AF-0494-47CB-B51B-DE7D4BA2DA81}"= UDP:c:\program files\BitComet\BitComet.exe:BitComet.exe
"{BB657A16-0C55-42A4-8AEE-9C28ABF15053}"= TCP:c:\program files\BitComet\BitComet.exe:BitComet.exe
"{99C2BF1D-FD4B-4551-A4CA-D9AAEADC0118}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{B5FC9E12-361D-4DD9-8BA4-4D7881C73C10}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{04DDCB89-0D02-44B7-B9CA-468E601F8C80}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [7/28/2009 5:20 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [7/28/2009 5:20 PM 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [7/28/2009 5:19 PM 51792]
R2 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMON.sys [7/29/2009 4:49 AM 7798]
R3 3xHybrid;SAA713x TV Card Service;c:\windows\System32\drivers\3xHybrid.sys [7/6/2007 8:00 PM 906368]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [8/14/2008 12:25 AM 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [8/14/2008 12:24 AM 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [8/14/2008 12:24 AM 170480]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [8/14/2008 12:25 AM 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [8/14/2008 12:23 AM 1124848]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
- Supplementary Scan -
.
uStart Page = hxxp://www.google.com.mx/
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-29 11:00
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-07-29 11:02
ComboFix-quarantined-files.txt 2009-07-29 18:02
ComboFix2.txt 2009-07-29 17:31

Pre-Run: 195,366,318,080 bytes free
Post-Run: 195,339,173,888 bytes free

225 - E O F - 2009-07-29 11:45





I need help, thanks......

Additional comments: The problem appeared right after installing a program.



marinalope
5831 points
25.373 posts


Re: Advertising pages open by themselves - 2009-07-29 20:24 - Reply 2

Hello samago. Follow these steps:

Step 1: Download and install the following programs:

Spybot
Ccleaner (User manual here)
Unlocker.
SUPERAntispyware (User manual here)
RegSeeker. (This last one does not require installation. Just unzip it and move the folder to Program Files. Then you can create a shortcut to the executable on the desktop)
Hijackthis (User manual here)

Step 2: Boot into safe mode with networking

Step 3: Clean up temporary files with Ccleaner

Step 4: Update Spybot and SUPERAntispyware

Step 5: Scan your computer with Spybot, then with SUPERAntispyware, and clean whatever they find.

Step 6: Scan your computer with an online antivirus.

I recommend one of these:

Panda antivirus
Computer associates
Trend micro (To use this one, you need to have Java installed)
Bit defender
Nod32

Step 7: Restart in safe mode again, scan again with Spybot and clean whatever it finds

Step 8: Clean the registry with Regseeker (Scan several times until there is nothing left to clean)

Step 9: Restart in normal mode.

Step 10: Open HijackThis and click where it says Do a system scan and save a log file.
It will generate a text file. Copy its contents and paste them here so they can be analyzed.




samago
0 points
4 posts


Re: Advertising pages open by themselves - 2009-07-30 00:42 - Reply 3

I already did what I was told, but another advertising page appeared again.
CiD, I'm sending you what you asked me for:

Logfile of HijackThis v1.99.1
Scan saved at 1:51:11 PM, on 7/29/2009
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HK\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uploadmeet] "C:\ProgramData\vcphonephone.w2fsu4"
O4 - HKCU\..\Run: [Amok Eggs Four Web] "C:\ProgramData\one blue phone.e7ihiyl"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)





marinalope
5831 points
25.373 posts


Re: Advertising pages open by themselves - 2009-07-30 00:48 - Reply 4

That version of HijackThis is old. Use the one you can download from the link I gave you.
Which version of Windows are you using?




samago
0 points
4 posts


Re: Advertising pages open by themselves - 2009-07-30 01:20 - Reply 5

I use Windows Vista Ultimate
