
Mouse problem

tazmania72
- 03/05/2012 04:10:05 - Question no.: 30.498

Hello again. My computer has the following problem: for a few days now the touchpad on my machine, an HP Pavilion dv6636nr, has not been working correctly. I already checked the drivers and they are up to date; I checked in administration and the touchpad is working correctly, according to the computer. Occasionally it works more or less, but it is a struggle to get it to do what it has to do. If I connect a mouse via USB it also has some problem and suddenly stops working. I recently bought a wireless mouse and it is the same: sometimes it works correctly and sometimes it does not. My question is whether this could be some virus that no AV detects. I already ran ESET Online and it detects nothing, Panda ActiveScan 2.0 and nothing, Bitdefender and nothing, McAfee online and nothing. I scanned with Malwarebytes Anti-Malware and nothing, SUPERAntiSpyware and nothing, Spybot Search and Destroy and nothing, all updated according to their manuals. I don't know whether it could be some kind of virus that is not detectable, since everything else works correctly. If I start the computer in safe mode the touchpad works more or less normally, but with problems too. Believe me, I have already searched the net and cannot find anything that helps me solve my problem. I should mention that the button above the touchpad is not red, so the touchpad is not disabled; besides, that should not stop mice connected via USB from working, and the USB ports work correctly as far as I can tell, since any other device I connect works properly. So please help me; here is the HijackThis log in case it helps. Regards, and thanks for your time and help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:53:31 PM, on 5/2/2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\McAfee Security Scan\3.0.271\SSScheduler.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\users\angel\downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.271\SSScheduler.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.271\McCHSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8481 bytes




When dawn is about to break is when the sky looks darkest
#1 swissman (39.814 Posts) - 03/05/2012 07:11:33
Hello, the antivirus/anti-malware tools you mention: did you run them in normal mode or safe mode?

Look for SMINST\launcher.exe, upload it to www.virustotal.com and tell us the result. Also, check with msconfig what starts up with the PC, and look in Task Manager to see whether there is anything suspicious. You could also run ComboFix, but first you must make sure the backup of your files is up to date, with nothing left in My Documents or similar folders that belong to Windows. If the file indicated above is suspicious, mark

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

Let us know.
Regards

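Added example, not part of the original thread: a small Python triage of the O4 (autostart) lines of a HijackThis log, listing the entries whose target is worth checking by hand (for instance on VirusTotal, as suggested in reply #1). The function names, the `ENV_DEFAULTS` values and the `EXPECTED_ROOTS` policy are assumptions made for this illustration; the sample lines are copied from the log posted in the question.

```python
import re

# Assumed defaults for the environment variables that appear in O4 lines.
ENV_DEFAULTS = {"%programfiles%": r"c:\program files", "%windir%": r"c:\windows"}

# Assumed review policy, not a verdict: targets under these roots are "expected".
EXPECTED_ROOTS = ("c:\\program files\\", "c:\\windows\\system32\\")

# O4 - HKLM\..\Run: [Name] command      (registry Run / RunOnce values)
REG_ENTRY = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+(?:\\S-[\d-]+)?)\\\.\.\\(?P<key>\w+): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# O4 - Global Startup: Name.lnk = command   (Startup folder shortcuts)
STARTUP_ENTRY = re.compile(
    r"^O4 - (?P<key>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$"
)
# Shortest prefix ending in an executable extension; handles unquoted paths with spaces.
IMAGE = re.compile(r"^(.+?\.(?:exe|dll|com|bat|cmd|scr))(?=[\s,]|$)", re.IGNORECASE)


def first_image(cmd):
    """Return (image, rest): the first executable/DLL path in cmd and what follows it."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end != -1:
            return cmd[1:end], cmd[end + 1:]
    m = IMAGE.match(cmd)
    return (m.group(1), cmd[m.end():]) if m else (cmd, "")


def expand(path):
    """Lower-case the path and substitute the assumed environment defaults."""
    p = path.strip().lower()
    for var, value in ENV_DEFAULTS.items():
        p = p.replace(var, value)
    return p


def parse_o4(line):
    """Parse one HijackThis O4 line into a dict; return None for any other line."""
    line = line.strip()
    m = REG_ENTRY.match(line) or STARTUP_ENTRY.match(line)
    if not m:
        return None
    d = m.groupdict()
    image, rest = first_image(d["cmd"])
    # rundll32 is only a host process: the code that runs is its DLL argument.
    if image.lower().rsplit("\\", 1)[-1] == "rundll32.exe" and rest.strip():
        image, _ = first_image(rest)
    return {"hive": d.get("hive", "-"), "key": d["key"],
            "name": d["name"], "target": expand(image)}


def review_reason(entry):
    """Return why an entry deserves a manual look, or None if it sits in an expected root."""
    target = entry["target"]
    if "\\" not in target:
        return "bare file name, location not stated in the log"
    if not target.startswith(EXPECTED_ROOTS):
        return "outside expected install roots"
    return None


def triage(log_text):
    """Return [(name, target, reason)] for every O4 entry that needs a manual check."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        reason = review_reason(entry)
        if reason:
            flagged.append((entry["name"], entry["target"], reason))
    return flagged


# Sample lines copied from the HijackThis log posted in the question.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.271\SSScheduler.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
"""

if __name__ == "__main__":
    for name, target, reason in triage(SAMPLE_LOG):
        print(f"{name}: {target} ({reason})")
```

A flagged entry only means the file's location could not be matched against the assumed policy; whether it is malicious still has to be established from the file itself.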
#2 tazmania72 (86 Posts) - 08/05/2012 00:15:01
Thanks, swissman, for your help. The file you mention came back with a detection of 42 on VirusTotal; it tells me that ViRobot detects it as Trojan.Win32.Agent.44168, so I marked it in HijackThis and clicked fix. I restarted the laptop, but everything is still the same. I checked what was loading at startup, and it did take a while, but they were the programs that computers come with by default. As for Task Manager, I don't see anything strange running, and I don't know what else to do. I hope you can give me some guidance. What I also did was analyze the hard disk with HD Tune, and it came up with several damaged sectors; could this be the cause? Anyway, I will keep an eye out for your comments. Regards.


When dawn is about to break is when the sky looks darkest
#3 tazmania72 (86 Posts) - 08/05/2012 01:25:49
And this is the log that ComboFix gives me

combofix 12-05-07.03 - angel 05/07/2012 16:35:38.1.2 - x86
microsoft® windows vista™ home premium 6.0.6001.1.1252.1.1033.18.1982.887 [gmt -6:00]
running from: c:\ \ users\ \ angel\ \ desktop\ \ combofix.exe
av: eset smart security 5.0 *disabled/outdated* {77deafed-8149-104b-25a1-21771ca47cd1}
fw: firewall personal de eset *enabled* {4fe52ec8-cb26-1113-0efe-8842e2773baa}
sp: eset smart security 5.0 *disabled/outdated* {ccbf4e09-a773-1fc5-1f11-1a056723366c}
sp: windows defender *enabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
.
((((((((((((((((((((((((((((((((((((((( other deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\ \ program files\ \ eset\ \ minodlogin
c:\ \ program files\ \ eset\ \ minodlogin\ \ servidores.xml
c:\ \ program files\ \ winrar\ \ setup.s
c:\ \ windows\ \ security\ \ database\ \ tmp.edb
c:\ \ windows\ \ system32\ \ oem41.inf
.
.
((((((((((((((((((((((((( files created from 2012-04-07 to 2012-05-07 )))))))))))))))))))))))))))))))
.
.
2012-05-07 22:46 . 2012-05-07 22:46 -------- d-----w- c:\ \ users\ \ default\ \ appdata\ \ local\ \ temp
2012-05-07 22:32 . 2012-04-18 09:06 6734704 ----a-w- c:\ \ programdata\ \ microsoft\ \ windows defender\ \ definition updates\ \ {479d7486-0c15-4143-a16f-365f568aed39}\ \ mpengine.dll
2012-05-02 21:59 . 2012-05-02 21:59 -------- d-----w- c:\ \ programdata\ \ mcafee security scan
2012-05-02 21:58 . 2012-05-02 21:58 -------- d-----w- c:\ \ program files\ \ mcafee security scan
2012-05-02 21:58 . 2012-05-02 21:58 -------- d-----w- c:\ \ programdata\ \ mcafee
2012-04-30 17:52 . 2012-04-30 17:52 -------- d-----w- c:\ \ program files\ \ sp43867
2012-04-30 07:35 . 2012-04-30 07:35 -------- d-----w- c:\ \ programdata\ \ kaspersky lab
2012-04-30 06:15 . 2012-04-30 06:15 -------- d-----w- c:\ \ programdata\ \ malwarebytes
2012-04-30 06:15 . 2012-04-30 06:18 -------- d-----w- c:\ \ program files\ \ malwarebytes\ ' anti-malware
2012-04-30 06:15 . 2012-04-04 21:56 22344 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ mbam.sys
2012-04-27 03:40 . 2009-06-30 16:37 28552 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ pavboot.sys
2012-04-27 03:40 . 2012-04-27 03:40 -------- d-----w- c:\ \ program files\ \ panda security
2012-04-26 04:32 . 2012-04-28 03:45 -------- d-----w- c:\ \ program files\ \ superantispyware
2012-04-26 04:32 . 2012-04-26 04:32 -------- d-----w- c:\ \ programdata\ \ superantispyware.com
2012-04-26 01:29 . 2012-04-30 06:13 -------- d-----w- c:\ \ programdata\ \ spybot - search & destroy
2012-04-26 01:29 . 2012-04-26 01:31 -------- d-----w- c:\ \ program files\ \ spybot - search & destroy
2012-04-26 01:25 . 2012-04-26 01:25 -------- d-----w- c:\ \ program files\ \ ccleaner
2012-04-24 05:05 . 2012-04-24 05:13 -------- d-----w- c:\ \ program files\ \ glary utilities
2012-04-23 06:05 . 2010-09-20 09:25 231936 ----a-w- c:\ \ windows\ \ system32\ \ msshsq.dll
2012-04-23 03:31 . 2008-05-27 05:17 34816 ----a-w- c:\ \ windows\ \ system32\ \ msscb.dll
2012-04-23 03:31 . 2008-05-27 05:17 11776 ----a-w- c:\ \ windows\ \ system32\ \ msshooks.dll
2012-04-23 03:31 . 2008-05-27 04:59 18904 ----a-w- c:\ \ windows\ \ system32\ \ structuredqueryschematrivial.bin
2012-04-23 03:31 . 2008-05-27 04:59 106605 ----a-w- c:\ \ windows\ \ system32\ \ structuredqueryschema.bin
2012-04-23 03:19 . 2010-04-14 17:46 80896 ----a-w- c:\ \ windows\ \ system32\ \ msnp.ax
2012-04-23 03:19 . 2010-04-14 17:47 293376 ----a-w- c:\ \ windows\ \ system32\ \ psisdecd.dll
2012-04-23 03:19 . 2010-04-14 17:47 217088 ----a-w- c:\ \ windows\ \ system32\ \ psisrndr.ax
2012-04-23 03:11 . 2009-11-08 16:55 99176 ----a-w- c:\ \ windows\ \ system32\ \ presentationhostproxy.dll
2012-04-23 03:11 . 2009-11-08 16:55 49472 ----a-w- c:\ \ windows\ \ system32\ \ netfxperf.dll
2012-04-23 03:11 . 2009-11-08 16:55 297808 ----a-w- c:\ \ windows\ \ system32\ \ mscoree.dll
2012-04-23 03:11 . 2009-11-08 16:55 295264 ----a-w- c:\ \ windows\ \ system32\ \ presentationhost.exe
2012-04-23 03:11 . 2009-11-08 16:55 1130824 ----a-w- c:\ \ windows\ \ system32\ \ dfshim.dll
2012-04-23 03:10 . 2012-04-23 03:10 -------- d-----w- c:\ \ users\ \ default\ \ appdata\ \ local\ \ microsoft help
2012-04-23 02:13 . 2011-04-21 15:02 634648 ----a-w- c:\ \ program files\ \ internet explorer\ \ iexplore.exe
2012-04-23 01:45 . 2011-02-16 13:24 292864 ----a-w- c:\ \ windows\ \ system32\ \ atmfd.dll
2012-04-23 01:45 . 2010-06-16 15:12 72704 ----a-w- c:\ \ windows\ \ system32\ \ fontsub.dll
2012-04-23 01:45 . 2011-02-16 15:29 34304 ----a-w- c:\ \ windows\ \ system32\ \ atmlib.dll
2012-04-23 01:45 . 2010-12-28 14:57 409600 ----a-w- c:\ \ windows\ \ system32\ \ odbc32.dll
2012-04-23 01:45 . 2010-12-28 14:56 708608 ----a-w- c:\ \ program files\ \ common files\ \ system\ \ ado\ \ msado15.dll
2012-04-23 01:45 . 2010-12-28 14:56 57344 ----a-w- c:\ \ program files\ \ common files\ \ system\ \ msadc\ \ msadcs.dll
2012-04-23 01:45 . 2010-12-28 14:56 253952 ----a-w- c:\ \ program files\ \ common files\ \ system\ \ ado\ \ msadox.dll
2012-04-23 01:45 . 2010-12-28 14:56 241664 ----a-w- c:\ \ program files\ \ common files\ \ system\ \ ado\ \ msadomd.dll
2012-04-23 01:45 . 2010-12-28 14:56 180224 ----a-w- c:\ \ program files\ \ common files\ \ system\ \ msadc\ \ msadco.dll
2012-04-23 01:45 . 2010-09-06 16:24 125952 ----a-w- c:\ \ windows\ \ system32\ \ srvsvc.dll
2012-04-23 01:45 . 2010-09-06 16:23 17920 ----a-w- c:\ \ windows\ \ system32\ \ netevent.dll
2012-04-23 01:43 . 2010-10-18 14:01 81920 ----a-w- c:\ \ windows\ \ system32\ \ consent.exe
2012-04-23 01:40 . 2010-08-31 15:40 531968 ----a-w- c:\ \ windows\ \ system32\ \ comctl32.dll
2012-04-23 00:43 . 2010-10-28 12:56 2048 ----a-w- c:\ \ windows\ \ system32\ \ tzres.dll
2012-04-23 00:42 . 2011-04-29 12:49 146432 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ srv2.sys
2012-04-23 00:42 . 2011-04-29 12:49 102400 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ srvnet.sys
2012-04-23 00:32 . 2010-10-12 13:52 515584 ----a-w- c:\ \ program files\ \ windows mail\ \ wab.exe
2012-04-23 00:32 . 2010-10-12 15:48 33280 ----a-w- c:\ \ program files\ \ windows mail\ \ wabfind.dll
2012-04-23 00:32 . 2010-10-12 13:52 66048 ----a-w- c:\ \ program files\ \ windows mail\ \ wabmig.exe
2012-04-23 00:32 . 2010-12-14 15:49 1169408 ----a-w- c:\ \ windows\ \ system32\ \ sdclt.exe
2012-04-23 00:32 . 2010-04-16 16:10 501760 ----a-w- c:\ \ windows\ \ system32\ \ usp10.dll
2012-04-23 00:30 . 2010-08-17 13:32 126464 ----a-w- c:\ \ windows\ \ system32\ \ spoolsv.exe
2012-04-23 00:29 . 2010-12-29 17:41 323072 ----a-w- c:\ \ windows\ \ system32\ \ sbe.dll
2012-04-23 00:29 . 2010-12-29 17:41 429056 ----a-w- c:\ \ windows\ \ system32\ \ encdec.dll
2012-04-23 00:29 . 2010-12-29 17:41 153088 ----a-w- c:\ \ windows\ \ system32\ \ sbeio.dll
2012-04-23 00:29 . 2010-12-29 17:39 177664 ----a-w- c:\ \ windows\ \ system32\ \ mpg2splt.ax
2012-04-23 00:29 . 2011-05-02 15:58 738816 ----a-w- c:\ \ windows\ \ system32\ \ inetcomm.dll
2012-04-23 00:29 . 2010-08-26 16:07 157184 ----a-w- c:\ \ windows\ \ system32\ \ t2embed.dll
2012-04-23 00:29 . 2010-01-29 16:22 1616384 ----a-w- c:\ \ program files\ \ windows mail\ \ msoe.dll
2012-04-23 00:29 . 2011-04-20 14:47 375808 ----a-w- c:\ \ windows\ \ system32\ \ winsrv.dll
2012-04-23 00:29 . 2011-04-20 14:44 49152 ----a-w- c:\ \ windows\ \ system32\ \ csrsrv.dll
2012-04-23 00:29 . 2010-04-05 16:07 67072 ----a-w- c:\ \ windows\ \ system32\ \ asycfilt.dll
2012-04-23 00:28 . 2010-04-05 16:08 317952 ----a-w- c:\ \ windows\ \ system32\ \ mp4sdecd.dll
2012-04-23 00:28 . 2008-05-08 21:58 135168 ----a-w- c:\ \ windows\ \ system32\ \ wshom.ocx
2012-04-23 00:28 . 2008-05-08 21:59 90112 ----a-w- c:\ \ windows\ \ system32\ \ wshext.dll
2012-04-23 00:28 . 2008-05-08 21:59 180224 ----a-w- c:\ \ windows\ \ system32\ \ scrobj.dll
2012-04-23 00:28 . 2008-05-08 21:59 172032 ----a-w- c:\ \ windows\ \ system32\ \ scrrun.dll
2012-04-23 00:28 . 2008-05-08 21:59 155648 ----a-w- c:\ \ windows\ \ system32\ \ wscript.exe
2012-04-23 00:28 . 2008-05-08 21:58 135168 ----a-w- c:\ \ windows\ \ system32\ \ cscript.exe
2012-04-23 00:24 . 2010-12-17 16:43 2067456 ----a-w- c:\ \ windows\ \ system32\ \ mstscax.dll
2012-04-23 00:24 . 2010-12-17 15:06 677888 ----a-w- c:\ \ windows\ \ system32\ \ mstsc.exe
2012-04-23 00:16 . 2011-04-29 14:54 276992 ----a-w- c:\ \ windows\ \ system32\ \ schannel.dll
2012-04-22 23:52 . 2012-04-22 23:52 -------- d-----w- c:\ \ program files\ \ microsoft synchronization services
2012-04-22 23:51 . 2012-04-23 06:46 -------- d-----w- c:\ \ program files\ \ microsoft.net
2012-04-22 23:51 . 2012-04-22 23:51 -------- d-----w- c:\ \ windows\ \ pchealth
2012-04-22 23:51 . 2012-04-22 23:51 -------- d-----w- c:\ \ program files\ \ microsoft sync framework
2012-04-22 23:51 . 2012-04-22 23:51 -------- d-----w- c:\ \ program files\ \ microsoft sql server compact edition
2012-04-22 23:49 . 2012-04-22 23:49 -------- d-----w- c:\ \ program files\ \ microsoft visual studio 8
2012-04-22 23:15 . 2012-04-22 23:15 -------- d-----w- c:\ \ program files\ \ microsoft analysis services
2012-04-22 23:13 . 2012-04-22 23:13 -------- d-----r- c:\ \ msocache
2012-04-22 22:56 . 2012-04-22 22:56 -------- d-----w- c:\ \ perflogs
2012-04-22 22:20 . 2008-01-19 07:36 17920 ----a-w- c:\ \ windows\ \ system32\ \ wfapigp.dll
2012-04-22 22:19 . 2008-01-19 07:36 6656 ----a-w- c:\ \ windows\ \ system32\ \ sdspres.dll
2012-04-22 22:18 . 2008-01-19 07:36 1597440 ----a-w- c:\ \ program files\ \ movie maker\ \ pipeline.dll
2012-04-22 21:20 . 2012-04-22 21:20 -------- d-----w- c:\ \ program files\ \ microsoft silverlight
2012-04-22 21:20 . 2012-04-22 21:20 -------- d-----w- c:\ \ program files\ \ microsoft capicom 2.1.0.2
2012-04-22 20:56 . 2012-04-22 20:56 378368 ----a-w- c:\ \ windows\ \ system32\ \ winhttp.dll
2012-04-22 20:55 . 2012-04-22 20:55 269312 ----a-w- c:\ \ windows\ \ system32\ \ es.dll
2012-04-22 20:42 . 2012-04-22 20:42 38480 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ wdfldr.sys
2012-04-22 20:42 . 2012-04-22 20:42 445008 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ wdf01000.sys
2012-04-22 20:29 . 2012-04-22 20:29 14848 ----a-w- c:\ \ windows\ \ system32\ \ wshrm.dll
2012-04-22 20:29 . 2012-04-22 20:29 113664 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ rmcast.sys
2012-04-22 20:28 . 2012-04-22 20:28 43520 ----a-w- c:\ \ windows\ \ system32\ \ msdxm.tlb
2012-04-22 20:28 . 2012-04-22 20:28 313344 ----a-w- c:\ \ windows\ \ system32\ \ wmpdxm.dll
2012-04-22 20:28 . 2012-04-22 20:28 18432 ----a-w- c:\ \ windows\ \ system32\ \ amcompat.tlb
2012-04-22 20:27 . 2012-04-22 20:27 347136 ----a-w- c:\ \ windows\ \ system32\ \ rmactivate_ssp.exe
2012-04-22 20:27 . 2012-04-22 20:27 329216 ----a-w- c:\ \ windows\ \ system32\ \ msdrm.dll
2012-04-22 20:27 . 2012-04-22 20:27 151040 ----a-w- c:\ \ windows\ \ system32\ \ secproc_ssp.dll
2012-04-22 20:27 . 2012-04-22 20:27 346624 ----a-w- c:\ \ windows\ \ system32\ \ rmactivate_ssp_isv.exe
2012-04-22 20:27 . 2012-04-22 20:27 151040 ----a-w- c:\ \ windows\ \ system32\ \ secproc_ssp_isv.dll
2012-04-22 20:27 . 2012-04-22 20:27 472064 ----a-w- c:\ \ windows\ \ system32\ \ secproc.dll
2012-04-22 20:27 . 2012-04-22 20:27 523776 ----a-w- c:\ \ windows\ \ system32\ \ rmactivate_isv.exe
2012-04-22 20:27 . 2012-04-22 20:27 511488 ----a-w- c:\ \ windows\ \ system32\ \ rmactivate.exe
2012-04-22 20:27 . 2012-04-22 20:27 472576 ----a-w- c:\ \ windows\ \ system32\ \ secproc_isv.dll
2012-04-22 20:20 . 2012-04-22 20:20 97800 ----a-w- c:\ \ windows\ \ system32\ \ infocardapi.dll
2012-04-22 20:20 . 2012-04-22 20:20 622080 ----a-w- c:\ \ windows\ \ system32\ \ icardagt.exe
2012-04-22 20:20 . 2012-04-22 20:20 37384 ----a-w- c:\ \ windows\ \ system32\ \ infocardcpl.cpl
2012-04-22 20:20 . 2012-04-22 20:20 11264 ----a-w- c:\ \ windows\ \ system32\ \ icardres.dll
2012-04-22 20:19 . 2012-04-22 20:19 105016 ----a-w- c:\ \ windows\ \ system32\ \ presentationcffrasterizernative_v0300.dll
2012-04-22 20:19 . 2012-04-22 20:19 781344 ----a-w- c:\ \ windows\ \ system32\ \ presentationnative_v0300.dll
2012-04-22 19:50 . 2012-04-22 19:50 -------- d-----w- c:\ \ programdata\ \ lightscribe
2012-04-22 15:13 . 2012-04-22 23:09 -------- d-----w- c:\ \ programdata\ \ nvidia
2012-04-22 11:51 . 2012-04-22 11:51 23552 ----a-w- c:\ \ windows\ \ system32\ \ lpk.dll
2012-04-22 11:51 . 2012-04-22 11:51 10240 ----a-w- c:\ \ windows\ \ system32\ \ dciman32.dll
2012-04-22 11:49 . 2012-04-22 11:49 72704 ----a-w- c:\ \ windows\ \ system32\ \ admparse.dll
2012-04-22 11:49 . 2012-04-22 11:49 48128 ----a-w- c:\ \ windows\ \ system32\ \ mshtmler.dll
2012-04-22 11:49 . 2012-04-22 11:49 129536 ----a-w- c:\ \ program files\ \ internet explorer\ \ sqmapi.dll
2012-04-22 11:47 . 2012-04-22 11:47 61440 ----a-w- c:\ \ windows\ \ system32\ \ winipsec.dll
2012-04-22 11:47 . 2012-04-22 11:47 361984 ----a-w- c:\ \ windows\ \ system32\ \ ipsecsvc.dll
2012-04-22 11:47 . 2012-04-22 11:47 28672 ----a-w- c:\ \ windows\ \ system32\ \ fwremotesvr.dll
2012-04-22 11:47 . 2012-04-22 11:47 272896 ----a-w- c:\ \ windows\ \ system32\ \ polstore.dll
2012-04-22 11:43 . 2012-04-22 11:43 94720 ----a-w- c:\ \ windows\ \ system32\ \ portabledeviceclassextension.dll
.
.
(((((((((((((((((((((((((((((((((((((((( find3m report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-22 22:40 . 2006-11-02 10:32 101888 ----a-w- c:\ \ windows\ \ system32\ \ ifxcardm.dll
2012-04-22 22:40 . 2006-11-02 10:32 82432 ----a-w- c:\ \ windows\ \ system32\ \ axaltocm.dll
2012-04-22 20:54 . 2012-04-22 20:54 36864 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ en-us\ \ http.sys.mui
2012-04-22 20:42 . 2012-04-22 20:42 2560 ----a-w- c:\ \ windows\ \ system32\ \ drivers\ \ en-us\ \ wdf01000.sys.mui
2012-04-22 10:32 . 2012-04-22 10:32 40960 ----a-w- c:\ \ windows\ \ apppatch\ \ apihex86.dll
2012-04-22 09:13 . 2012-04-22 09:13 2560 ----a-w- c:\ \ windows\ \ apppatch\ \ acres.dll
2012-02-14 18:09 . 2012-02-14 18:09 1070352 ----a-w- c:\ \ windows\ \ system32\ \ mscomctl.ocx
.
.
((((((((((((((((((((((((((((((((((((( reg loading points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*note* empty entries & legit default entries are not shown
regedit4
.
[hkey_current_user\ \ software\ \ microsoft\ \ windows\ \ currentversion\ \ run]
\ "sidebar\ "=\ "c:\ \ program files\ \ windows sidebar\ \ sidebar.exe\ " [2008-01-19 1233920]
\ "superantispyware\ "=\ "c:\ \ program files\ \ superantispyware\ \ superantispyware.exe\ " [2012-04-28 3905920]
.
[hkey_local_machine\ \ software\ \ microsoft\ \ windows\ \ currentversion\ \ run]
\ "syntpenh\ "=\ "c:\ \ program files\ \ synaptics\ \ syntp\ \ syntpenh.exe\ " [2011-10-14 2299176]
\ "egui\ "=\ "c:\ \ program files\ \ eset\ \ eset smart security\ \ egui.exe\ " [2011-09-22 3080264]
\ "nvcpldaemon\ "=\ "c:\ \ windows\ \ system32\ \ nvcpl.dll\ " [2009-06-24 13601312]
\ "nvmediacenter\ "=\ "c:\ \ windows\ \ system32\ \ nvmctray.dll\ " [2009-06-24 92704]
.
[hkey_local_machine\ \ software\ \ microsoft\ \ windows\ \ currentversion\ \ policies\ \ system]
\ "enableuiadesktoptoggle\ "= 0 (0x0)
.
[hkey_local_machine\ \ software\ \ microsoft\ \ windows\ \ currentversion\ \ explorer\ \ shellexecutehooks]
\ "{5ae067d3-9afb-48e0-853a-ebb7f4a000da}\ "= \ "c:\ \ program files\ \ superantispyware\ \ sasseh.dll\ " [2011-07-19 113024]
.
[hkey_local_machine\ \ software\ \ microsoft\ \ windows nt\ \ currentversion\ \ winlogon\ \ notify\ \ !saswinlogon]
2011-05-04 17:54 551296 ----a-w- c:\ \ program files\ \ superantispyware\ \ saswinlo.dll
.
[hkey_local_machine\ \ system\ \ currentcontrolset\ \ control\ \ safeboot\ \ minimal\ \ !sascore]
@=\ "\ "
.
[hkey_local_machine\ \ system\ \ currentcontrolset\ \ control\ \ safeboot\ \ minimal\ \ wdf01000.sys]
@=\ "driver\ "
.
[hklm\ \ ~\ \ startupfolder\ \ c:^programdata^microsoft^windows^start menu^programs^startup^adobe reader speed launch.lnk]
backup=c:\ \ windows\ \ pss\ \ adobe reader speed launch.lnk.commonstartup
backupextension=.commonstartup
.
[hklm\ \ ~\ \ startupfolder\ \ c:^programdata^microsoft^windows^start menu^programs^startup^adobe reader synchronizer.lnk]
backup=c:\ \ windows\ \ pss\ \ adobe reader synchronizer.lnk.commonstartup
backupextension=.commonstartup
.
[hklm\ \ ~\ \ startupfolder\ \ c:^programdata^microsoft^windows^start menu^programs^startup^mcafee security scan plus.lnk]
path=c:\ \ programdata\ \ microsoft\ \ windows\ \ start menu\ \ programs\ \ startup\ \ mcafee security scan plus.lnk
backup=c:\ \ windows\ \ pss\ \ mcafee security scan plus.lnk.commonstartup
backupextension=.commonstartup
.
[hkey_local_machine\ \ software\ \ microsoft\ \ shared tools\ \ msconfig\ \ startupreg\ \ bcssync]
2010-03-13 20:54 91520 ----a-w- c:\ \ program files\ \ microsoft office\ \ office14\ \ bcssync.exe
.
[hkey_local_machine\ \ software\ \ microsoft\ \ shared tools\ \ msconfig\ \ startupreg\ \ hp health check scheduler]
2007-03-12 18:54 50696 ------w- c:\ \ program files\ \ hewlett-packard\ \ hp health check\ \ hphc_scheduler.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\hp software update]
2005-02-17 06:11 49152 ----a-w- c:\program files\hp\hp software update\hpwuschd2.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\hpadvisor]
2007-03-20 22:23 1773568 ----a-w- c:\program files\hewlett-packard\hp advisor\hpadvisor.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\hpwirelessassistant]
2007-03-01 20:18 472776 ----a-w- c:\program files\hewlett-packard\hp wireless assistant\hpwamain.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\lightscribe control panel]
2007-04-19 20:26 484904 ----a-w- c:\program files\common files\lightscribe\lightscribecontrolpanel.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\qlbctrl]
2009-11-24 17:07 323640 ----a-w- c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\qlbctrl.exe]
2009-11-24 17:07 323640 ----a-w- c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\qpservice]
2007-04-24 01:11 176128 ----a-w- c:\program files\hp\quickplay\qpservice.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\spybotsd teatimer]
2009-03-05 22:07 2260480 --sha-r- c:\program files\spybot - search & destroy\teatimer.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\sunjavaupdatesched]
2007-08-04 11:36 77824 ----a-w- c:\program files\java\jre1.6.0\bin\jusched.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\wawifimessage]
2007-01-10 23:12 317128 ----a-w- c:\program files\hewlett-packard\hp wireless assistant\wifimsg.exe
.
[hkey_local_machine\software\microsoft\security center\monitoring]
"disablemonitoring"=dword:00000001
.
[hkey_local_machine\software\microsoft\security center\monitoring\symantecantivirus]
"disablemonitoring"=dword:00000001
.
[hkey_local_machine\software\microsoft\security center\monitoring\symantecfirewall]
"disablemonitoring"=dword:00000001
.
s2 !sascore;sas core service;c:\program files\superantispyware\sascore.exe [2011-08-11 116608]
.
.
[hkey_local_machine\software\microsoft\active setup\installed components\{10880d85-aad9-4558-abdc-2ab1552d831f}]
2007-04-19 20:23 452136 ----a-w- c:\program files\common files\lightscribe\lsrunonce.exe
.
contents of the 'scheduled tasks' folder
.
2007-01-01 c:\windows\tasks\glaryinitialize.job
- c:\program files\glary utilities\initialize.exe [2012-04-24 03:06]
.
.
------- supplementary scan -------
.
ustart page = hxxp://www.google.com.mx/
mstart page = hxxp://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=en_us&c=73&bd=pavilion&pf=laptop
tcp: dhcpnameserver = 192.168.1.254
.
.
**************************************************************************
.
catchme 0.3.1398 w2k/xp/vista - rootkit/stealth malware detector by gmer, http://www.gmer.net
rootkit scan 2012-05-07 16:46
windows 6.0.6001 service pack 1 ntfs
.
scanning hidden processes .
.
scanning hidden autostart entries .
.
scanning hidden files .
.
.
c:\users\angel\appdata\local\temp\catchme.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
- locked registry keys -
.
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
completion time: 2012-05-07 16:54:12
combofix-quarantined-files.txt 2012-05-07 22:54
.
pre-run: 114,658,422,784 bytes free
post-run: 113,953,026,048 bytes free
.
- - end of file - - c8e4f5fdb5e35c92049ef61ee64f3695

Regards.


It is just before dawn that the sky looks darkest
#4 swissman (39.814 Posts) - 08/05/2012 07:09:57
Hi, the hard disk may have bad sectors and that may be the cause of the problems, but if you had a trojan, you may have more.

Do the following, even if you have done it before, since you have not said whether you ran it in safe mode or not; this time do it in safe mode.

Start your PC in safe mode with networking and run an up-to-date online antivirus.

Uninstall all toolbars and programs you no longer use (if any) from Add or Remove Programs.

Download and update the following programs and run them one after another, a couple of times each:
Malwarebytes' Anti-Malware 1.3
Spyware Doctor 6
jv16 PowerTools 2008
Spybot
cwshredder.exe
ad-aware
SUPERAntiSpyware
Ccleaner (clean temporary files and registry)

Restart in normal mode and paste a new log.
#5 tazmania72 (86 Posts) - 09/05/2012 07:05:14
Is the log you need the ComboFix one, or which one do you need once I finish in safe mode with networking? In the meantime, I used the ESET online scanner and it found 5 problems, which it has already removed; all of them came from Hiren's Boot 15.1, including the ISO. Malwarebytes found nothing; Spyware Doctor removed 5 threats with 31 infections, all low risk; jv16 PowerTools fixed some errors in the registry; Spybot detected 3 entries with 4 infections, all of them tracking cookies. I cannot use Ad-Aware in safe mode, so I will run that one in normal mode when I restart. Right now I am running SUPERAntiSpyware to see what results it gives, but so far the touchpad is still not working. Well, I'll sign off and wait for your comment. Regards.


It is just before dawn that the sky looks darkest
#6 tazmania72 (86 Posts) - 10/05/2012 05:40:36
Hi, I have finished the steps you indicated, and I also generated a log with runscanner, which I am posting here in case it is useful; the other tools no longer detected anything. Regards

runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

general info
------------
computer name : angel-pc
creation time : 5/9/2012 9:32:31 pm
hosts 127.0.0.1 : 0
hosts file location : %systemroot%\system32\drivers\etc
ie version : 7.0.6001.18000
os : windows vista (tm) home premium
os build : 6001
os sp : service pack 1
runscanner version : 2.0.0.60
user language : english (united states)
user rights : administrator
windows folder : c:\windows

running processes
-----------------
* c:\program files\ad-aware antivirus\adawareservice.exe (lavasoft limited)
* c:\programdata\ad-aware browsing protection\adawarebp.exe (lavasoft)
c:\program files\hp\quickplay\kernel\tv\clcapsvc.exe
* c:\windows\system32\csrss.exe (microsoft corporation)
* c:\windows\system32\csrss.exe (microsoft corporation)
c:\program files\superantispyware\sascore.exe (superantispyware.com)
* c:\windows\system32\dwm.exe (microsoft corporation)
* c:\program files\eset\eset smart security\egui.exe (eset)
* c:\program files\eset\eset smart security\ekrn.exe (eset)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\windows\system32\svchost.exe (microsoft corporation)
* c:\program files\internet explorer\ieuser.exe (microsoft corporation)
* c:\windows\system32\lsass.exe (microsoft corporation)
* c:\windows\system32\lsm.exe (microsoft corporation)
* c:\program files\common files\lightscribe\lssrvc.exe (hewlett-packard company)
* c:\windows\system32\slsvc.exe (microsoft corporation)
* c:\windows\system32\searchfilterhost.exe (microsoft corporation)
* c:\windows\system32\searchindexer.exe (microsoft corporation)
* c:\windows\system32\searchprotocolhost.exe (microsoft corporation)
* c:\windows\system32\drivers\xaudio.exe (conexant systems, inc.)
* c:\windows\system32\nvvsvc.exe (nvidia corporation)
* c:\users\angel\downloads\runscanner.exe (runscanner.net)
* c:\windows\system32\services.exe (microsoft corporation)
* c:\windows\system32\spoolsv.exe (microsoft corporation)
* c:\program files\spybot - search & destroy\sdwinsec.exe (safer networking ltd.)
c:\program files\superantispyware\superantispyware.exe (superantispyware.com)
* c:\program files\synaptics\syntp\syntphelper.exe (synaptics incorporated)
* c:\program files\synaptics\syntp\syntpenh.exe (synaptics incorporated)
* c:\windows\system32\taskeng.exe (microsoft corporation)
* c:\windows\system32\taskeng.exe (microsoft corporation)
* c:\program files\panda usb vaccine\usbvaccine.exe (panda security)
* c:\windows\system32\audiodg.exe (microsoft corporation)
* c:\windows\explorer.exe (microsoft corporation)
* c:\windows\system32\rundll32.exe (microsoft corporation)
* c:\windows\system32\rundll32.exe (microsoft corporation)
* c:\windows\system32\winlogon.exe (microsoft corporation)
* c:\windows\system32\smss.exe (microsoft corporation)
* c:\program files\windows sidebar\sidebar.exe (microsoft corporation)
* c:\windows\system32\wininit.exe (microsoft corporation)
* c:\windows\system32\wlanext.exe (microsoft corporation)

unrated items
-------------
003 c:\program files\superantispyware\superantispyware.exe (superantispyware.com)
010 * c:\program files\ad-aware antivirus\adawareservice.exe (ad-aware antivirus service)
010 c:\program files\hp\quickplay\kernel\tv\clcapsvc.exe (clcapsvc module)
010 c:\program files\hp\quickplay\kernel\tv\clsched.exe (clsched module)
010 c:\program files\superantispyware\sascore.exe (core service)
010 c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe (idrivert module)
010 c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe (roxmediadb9 module)
010 * c:\program files\common files\surething shared\stllssvr.exe (surething labelflash disc printer service module)
011 * c:\program files\superantispyware\sasdifsv.sys (sasdifsv.sys)
011 * c:\program files\superantispyware\saskutil.sys (saskutil.sys)
042 guid / clsid not found {08b0e5c0-4fcb-11cf-a5-00401c608501}
042 guid / clsid not found {dfb852a3-47f8-48c4-a200-58cab36fd2a2}
042 guid / clsid not found {2670000a-7350-4f3c-8081-5663ee0c6c49}
042 guid / clsid not found {789fe86f-6fc4-46a1-9849-ede0db0c95ca}
050 c:\program files\superantispyware\sasseh.dll (superadblocker.com) {5ae067d3-9afb-48e0-853a-ebb7f4a000da}
061 c:\windows\system32\shellvrtf.dll (xss) {7f67036b-66f1-411a-ad85-759fb9c5b0db}
061 c:\program files\winrar\rarext.dll {b41db860-8ee4-11d2-9906-e49fadc173ca}
062 c:\program files\common files\adobe\acrobat\activex\pdfshell.dll (adobe systems, inc.) {f9db5320-233e-11d1-9f84-707f02c10627}
067 c:\program files\superantispyware\saswinlo.dll (superantispyware.com)
100 start page hkcu : http://www.google.com.mx/
100 start page hklm : http://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=en_us&c=73&bd=pavilion&pf=laptop
104 * c:\windows\downlo~1\qsax.dll (bitdefender llc) {4b54a9de-ef1c-4ebe-a328-7c28ea3b433a}
173 guid / clsid not found
173 c:\program files\superantispyware\sasctxmn.dll (superantispyware.com) superantispyware context menu
173 c:\program files\winrar\rarext.dll {b41db860-8ee4-11d2-9906-e49fadc173ca}
221 guid / clsid not found
221 c:\program files\superantispyware\sasctxmn.dll (superantispyware.com) superantispyware context menu
221 c:\program files\winrar\rarext.dll {b41db860-8ee4-11d2-9906-e49fadc173ca}
223 * c:\program files\ad-aware antivirus\adawareshellextension.dll (lavasoft limited) {5b64240d-5b36-4b9f-a75f-4925b6a53d5b}
223 * c:\program files\malwarebytes' anti-malware\mbamext.dll (malwarebytes corporation) {57ce581a-0cb6-4266-9ca0-19364c90a0b3}
225 * c:\program files\malwarebytes' anti-malware\mbamext.dll (malwarebytes corporation) {57ce581a-0cb6-4266-9ca0-19364c90a0b3}
225 * c:\program files\malwarebytes' anti-malware\mbamext.dll (malwarebytes corporation) {57ce581a-0cb6-4266-9ca0-19364c90a0b3}
225 c:\program files\winrar\rarext.dll {b41db860-8ee4-11d2-9906-e49fadc173ca}
225 c:\program files\winrar\rarext.dll {b41db860-8ee4-11d2-9906-e49fadc173ca}
227 guid / clsid not found
227 c:\program files\superantispyware\sasctxmn.dll (superantispyware.com) superantispyware context menu
227 c:\program files\winrar\rarext.dll {b41db860-8ee4-11d2-9906-e49fadc173ca}
231 c:\program files\common files\adobe\acrobat\activex\pdfshell.dll (adobe systems, inc.) pdf column info
251 c:\program files\winrar\rarext.dll {b41db860-8ee4-11d2-9906-e49fadc173ca}

missing files
-------------
011 c:\windows\system32\drivers\blbdrive.sys
011 c:\windows\system32\drivers\ipinip.sys
011 c:\windows\system32\drivers\nwlnkflt.sys
011 c:\windows\system32\drivers\nwlnkfwd.sys
032 rdpclip

And this is the HijackThis log

logfile of trend micro hijackthis v2.0.4
scan saved at 9:40:13 pm, on 5/9/2012
platform: windows vista sp1 (winnt 6.00.1905)
msie: internet explorer v7.00 (7.00.6001.18639)
boot mode: normal

running processes:
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\windows\system32\taskeng.exe
c:\program files\synaptics\syntp\syntpenh.exe
c:\program files\eset\eset smart security\egui.exe
c:\windows\system32\rundll32.exe
c:\programdata\ad-aware browsing protection\adawarebp.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\superantispyware\superantispyware.exe
c:\program files\synaptics\syntp\syntphelper.exe
c:\program files\internet explorer\iexplore.exe
c:\users\angel\downloads\anti virus\hijackthis.exe

r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=en_us&c=73&bd=pavilion&pf=laptop
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o1 - hosts: ::1 localhost #[ipv6]
o2 - bho: adobe pdf reader link helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\sdhelper.dll
o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\grooveex.dll
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
o2 - bho: urlredirectionbho - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\urlredir.dll
o4 - hklm\..\run: [syntpenh] %programfiles%\synaptics\syntp\syntpenh.exe
o4 - hklm\..\run: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkcu\..\run: [superantispyware] c:\program files\superantispyware\superantispyware.exe
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-a5-00401c608501} - c:\program files\java\jre1.6.0\bin\ssv.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-a5-00401c608501} - c:\program files\java\jre1.6.0\bin\ssv.dll
o9 - extra button: enviar a onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files\microsoft office\office14\onbttnie.dll
o9 - extra 'tools' menuitem: &enviar a onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files\microsoft office\office14\onbttnie.dll
o9 - extra button: notas &vinculadas de onenote - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra 'tools' menuitem: notas &vinculadas de onenote - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~1\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search & destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~1\sdhelper.dll
o16 - dpf: {4b54a9de-ef1c-4ebe-a328-7c28ea3b433a} (bitdefender quickscan control) - http://quickscan.bitdefender.com/qsax/qsax.cab
o16 - dpf: {73ecb3aa-4717-450c-a2ab-d00dad9ee203} (gmnrev class) - http://h20614.www2.hp.com/ediags/gmd/install/cab/hpdetect118.cab
o16 - dpf: {7530bfb8-7293-4d34-9923-61a11451afc5} (onlinescanner control) - http://download.eset.com/special/eos/onlinescanner.cab
o16 - dpf: {9191f686-7f0a-441d-8a98-2fe3ac1bd913} (activescan 2.0 installer class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
o18 - filter hijack: text/xml - {807573e5-5146-11d5-a672-00b0d022e945} - c:\program files\common files\microsoft shared\office14\msoxmlmf.dll
o20 - winlogon notify: !saswinlogon - c:\program files\superantispyware\saswinlo.dll
o22 - sharedtaskscheduler: component categories cache daemon - {8c7461ef-2b13-11d2-be35-3078302c2030} - c:\windows\system32\browseui.dll
o23 - service: sas core service (!sascore) - superantispyware.com - c:\program files\superantispyware\sascore.exe
o23 - service: ad-aware service - lavasoft limited - c:\program files\ad-aware antivirus\adawareservice.exe
o23 - service: adobe flash player update service (adobeflashplayerupdatesvc) - adobe systems incorporated - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
o23 - service: cyberlink background capture service (cbcs) (clcapsvc) - unknown owner - c:\program files\hp\quickplay\kernel\tv\clcapsvc.exe
o23 - service: cyberlink task scheduler (cts) (clsched) - unknown owner - c:\program files\hp\quickplay\kernel\tv\clsched.exe
o23 - service: com4qlbex - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\hp quick launch buttons\com4qlbex.exe
o23 - service: eset service (ekrn) - eset - c:\program files\eset\eset smart security\ekrn.exe
o23 - service: hp health check service - hewlett-packard - c:\program files\hewlett-packard\hp health check\hphc_service.exe
o23 - service: hpqwmiex - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\shared\hpqwmiex.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
o23 - service: lightscribeservice direct disc labeling service (lightscribeservice) - hewlett-packard company - c:\program files\common files\lightscribe\lssrvc.exe
o23 - service: nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\nvvsvc.exe
o23 - service: roxmediadb9 - sonic solutions - c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe
o23 - service: ad-aware (sbamsvc) - gfi software - c:\program files\ad-aware antivirus\sbamsvc.exe
o23 - service: sbsd security center service (sbsdwscservice) - safer networking ltd. - c:\program files\spybot - search & destroy\sdwinsec.exe
o23 - service: pc tools auxiliary service (sdauxservice) - pc tools - c:\program files\spyware doctor\pctsauxs.exe
o23 - service: pc tools security service (sdcoreservice) - pc tools - c:\program files\spyware doctor\pctssvc.exe
o23 - service: stllssvr - microvision development, inc. - c:\program files\common files\surething shared\stllssvr.exe
o23 - service: xaudioservice - conexant systems, inc. - c:\windows\system32\drivers\xaudio.exe

--
end of file - 6855 bytes





It is just before dawn that the sky looks darkest
#7 swissman (39.814 Posts) - 10/05/2012 07:12:34
I don't see any infection. What is not advisable is using the Hiren's disc to format or whatever, since many of the programs it bundles are pirated, and it can bring more problems than it is meant to solve. I see that this runscanner is a program that has to be installed; from what I understand, it is dispensable, and installing so many things is how you end up unable to recover and having to reinstall.

Is the touchpad the only thing left that doesn't work? Maybe its drivers are missing now. Does everything else work, well or badly?
Regards
#8 tazmania72 (86 Posts) - 10/05/2012 07:35:32
Thanks for your help. The only thing that is not working is the touchpad; everything else apparently works fine. I don't know what it could be; occasionally the touchpad half works, but not well, and then it just stops working properly. And I think it may be some kind of bug, since my work PC suddenly started having a similar problem with its mouse, which is a regular mouse: it went crazy and stopped responding, so I figured this one could have the same problem. Anyway, here is the latest ComboFix log just in case, and I will proceed to uninstall everything extra that I installed to try to fix this. Regards, and I'll be waiting to hear back.

combofix 12-05-07.03 - angel 05/09/2012 21:59:38.2.2 - x86
microsoft® windows vista™ home premium 6.0.6001.1.1252.1.1033.18.1982.1002 [gmt -6:00]
running from: c:\users\angel\desktop\combofix.exe
av: eset smart security 5.0 *enabled/updated* {77deafed-8149-104b-25a1-21771ca47cd1}
av: lavasoft ad-aware *disabled/updated* {445b48c3-0fa4-6b16-8f07-6506f305d800}
fw: firewall personal de eset *enabled* {4fe52ec8-cb26-1113-0efe-8842e2773baa}
fw: lavasoft ad-aware *disabled* {7c60c9e6-45cb-6a4e-a458-cc330dd69f7b}
sp: eset smart security 5.0 *enabled/updated* {ccbf4e09-a773-1fc5-1f11-1a056723366c}
sp: lavasoft ad-aware *disabled/updated* {ff3aa927-299e-6498-b5b7-5e74888292bd}
sp: spyware doctor *disabled/updated* {f008ab3a-52b9-2b13-3681-4ed4fda86549}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
* resident av is active
.
.
.
((((((((((((((((((((((((((((((((((((((( other deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\cc32100mt.dll
.
.
((((((((((((((((((((((((( files created from 2012-04-10 to 2012-05-10 )))))))))))))))))))))))))))))))
.
.
2012-05-10 03:45 . 2012-05-10 03:45 -------- d-----w- c:\program files\digital support
2012-05-10 00:50 . 2012-05-10 00:50 -------- d-----w- c:\programdata\ad-aware browsing protection
2012-05-10 00:49 . 2011-12-19 18:44 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-05-10 00:48 . 2011-09-29 18:16 94584 ----a-w- c:\windows\system32\drivers\sbfwim.sys
2012-05-10 00:48 . 2011-12-19 18:44 223864 ----a-w- c:\windows\system32\drivers\sbfw.sys
2012-05-10 00:48 . 2012-05-10 00:48 -------- d-----w- c:\windows\system32\drivers\vdd
2012-05-10 00:48 . 2012-05-10 01:19 -------- d-----w- c:\program files\ad-aware antivirus
2012-05-09 21:38 . 2012-05-10 00:48 -------- d-----w- c:\programdata\lavasoft
2012-05-09 00:13 . 2012-05-09 00:13 22 --sha-w- c:\windows\90c7d912be2316.sys
2012-05-09 00:11 . 2012-05-09 06:17 -------- d-----w- c:\program files\jv16 powertools 2012
2012-05-08 23:59 . 2008-12-11 14:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2012-05-08 23:59 . 2009-04-03 17:18 130936 ----a-w- c:\windows\system32\drivers\pctcore.sys
2012-05-08 23:59 . 2008-12-18 18:16 73840 ----a-w- c:\windows\system32\drivers\pctappevent.sys
2012-05-08 23:58 . 2012-05-09 00:00 -------- d-----w- c:\program files\common files\pc tools
2012-05-08 23:58 . 2008-12-10 17:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2012-05-08 23:58 . 2012-05-10 00:38 -------- d-----w- c:\program files\spyware doctor
2012-05-08 06:40 . 2012-05-08 06:40 -------- d-----w- c:\program files\hdd regenerator
2012-05-07 23:31 . 2012-05-07 23:31 70304 ----a-w- c:\windows\system32\flashplayercplapp.cpl
2012-05-07 23:31 . 2012-05-07 23:31 419488 ----a-w- c:\windows\system32\flashplayerapp.exe
2012-05-07 22:32 . 2012-04-18 09:06 6734704 ------w- c:\programdata\microsoft\windows defender\definition updates\{479d7486-0c15-4143-a16f-365f568aed39}\mpengine.dll
2012-04-30 17:52 . 2012-04-30 17:52 -------- d-----w- c:\program files\sp43867
2012-04-30 07:35 . 2012-04-30 07:35 -------- d-----w- c:\programdata\kaspersky lab
2012-04-30 06:15 . 2012-04-30 06:15 -------- d-----w- c:\programdata\malwarebytes
2012-04-30 06:15 . 2012-04-30 06:18 -------- d-----w- c:\program files\malwarebytes' anti-malware
2012-04-30 06:15 . 2012-04-04 21:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-27 03:40 . 2009-06-30 16:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2012-04-27 03:40 . 2012-04-27 03:40 -------- d-----w- c:\program files\panda security
2012-04-26 04:32 . 2012-05-09 04:58 -------- d-----w- c:\program files\superantispyware
2012-04-26 04:32 . 2012-04-26 04:32 -------- d-----w- c:\programdata\superantispyware.com
2012-04-26 01:29 . 2012-05-09 06:17 -------- d-----w- c:\programdata\spybot - search & destroy
2012-04-26 01:29 . 2012-04-26 01:31 -------- d-----w- c:\program files\spybot - search & destroy
2012-04-26 01:25 . 2012-04-26 01:25 -------- d-----w- c:\program files\ccleaner
2012-04-24 05:05 . 2012-04-24 05:13 -------- d-----w- c:\program files\glary utilities
2012-04-23 06:05 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll
2012-04-23 03:31 . 2008-05-27 05:17 34816 ----a-w- c:\windows\system32\msscb.dll
2012-04-23 03:31 . 2008-05-27 05:17 11776 ----a-w- c:\windows\system32\msshooks.dll
2012-04-23 03:31 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\structuredqueryschematrivial.bin
2012-04-23 03:31 . 2008-05-27 04:59 106605 ----a-w- c:\windows\system32\structuredqueryschema.bin
2012-04-23 03:19 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\msnp.ax
2012-04-23 03:19 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-04-23 03:19 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-04-23 03:11 . 2009-11-08 16:55 99176 ----a-w- c:\windows\system32\presentationhostproxy.dll
2012-04-23 03:11 . 2009-11-08 16:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2012-04-23 03:11 . 2009-11-08 16:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2012-04-23 03:11 . 2009-11-08 16:55 295264 ----a-w- c:\windows\system32\presentationhost.exe
2012-04-23 03:11 . 2009-11-08 16:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-04-23 02:13 . 2011-04-21 15:02 634648 ----a-w- c:\program files\internet explorer\iexplore.exe
2012-04-23 01:45 . 2011-02-16 13:24 292864 ----a-w- c:\windows\system32\atmfd.dll
2012-04-23 01:45 . 2010-06-16 15:12 72704 ----a-w- c:\windows\system32\fontsub.dll
2012-04-23 01:45 . 2011-02-16 15:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-04-23 01:45 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2012-04-23 01:45 . 2010-12-28 14:56 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-04-23 01:45 . 2010-12-28 14:56 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2012-04-23 01:45 . 2010-12-28 14:56 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2012-04-23 01:45 . 2010-12-28 14:56 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2012-04-23 01:45 . 2010-12-28 14:56 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2012-04-23 01:45 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2012-04-23 01:45 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2012-04-23 01:43 . 2010-10-18 14:01 81920 ----a-w- c:\windows\system32\consent.exe
2012-04-23 01:40 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll
2012-04-23 00:43 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
2012-04-23 00:42 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-04-23 00:42 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-04-23 00:32 . 2010-10-12 13:52 515584 ----a-w- c:\program files\windows mail\wab.exe
2012-04-23 00:32 . 2010-10-12 15:48 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2012-04-23 00:32 . 2010-10-12 13:52 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2012-04-23 00:32 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2012-04-23 00:32 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll
2012-04-23 00:30 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe
2012-04-23 00:29 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll
2012-04-23 00:29 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\encdec.dll
2012-04-23 00:29 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll
2012-04-23 00:29 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2012-04-23 00:29 . 2011-05-02 15:58 738816 ----a-w- c:\windows\system32\inetcomm.dll
2012-04-23 00:29 . 2010-08-26 16:07 157184 ----a-w- c:\windows\system32\t2embed.dll
2012-04-23 00:29 . 2010-01-29 16:22 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2012-04-23 00:29 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll
2012-04-23 00:29 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-04-23 00:29 . 2010-04-05 16:07 67072 ----a-w- c:\windows\system32\asycfilt.dll
2012-04-23 00:28 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\mp4sdecd.dll
2012-04-23 00:28 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\wshom.ocx
2012-04-23 00:28 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll
2012-04-23 00:28 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll
2012-04-23 00:28 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll
2012-04-23 00:28 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe
2012-04-23 00:28 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe
2012-04-23 00:24 . 2010-12-17 16:43 2067456 ----a-w- c:\windows\system32\mstscax.dll
2012-04-23 00:24 . 2010-12-17 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2012-04-23 00:16 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll
2012-04-22 23:52 . 2012-04-22 23:52 -------- d-----w- c:\program files\microsoft synchronization services
2012-04-22 23:51 . 2012-04-23 06:46 -------- d-----w- c:\program files\microsoft.net
2012-04-22 23:51 . 2012-04-22 23:51 -------- d-----w- c:\windows\pchealth
2012-04-22 23:51 . 2012-04-22 23:51 -------- d-----w- c:\program files\microsoft sync framework
2012-04-22 23:51 . 2012-04-22 23:51 -------- d-----w- c:\program files\microsoft sql server compact edition
2012-04-22 23:49 . 2012-05-09 06:17 -------- d-----w- c:\program files\microsoft visual studio 8
2012-04-22 23:15 . 2012-04-22 23:15 -------- d-----w- c:\program files\microsoft analysis services
2012-04-22 23:13 . 2012-04-22 23:13 -------- d-----r- c:\msocache
2012-04-22 22:20 . 2008-01-19 07:36 17920 ----a-w- c:\windows\system32\wfapigp.dll
2012-04-22 22:19 . 2008-01-19 07:36 6656 ----a-w- c:\windows\system32\sdspres.dll
2012-04-22 22:18 . 2008-01-19 07:36 1597440 ----a-w- c:\program files\movie maker\pipeline.dll
2012-04-22 21:20 . 2012-05-10 00:36 -------- d-----w- c:\program files\microsoft silverlight
2012-04-22 21:20 . 2012-04-22 21:20 -------- d-----w- c:\program files\microsoft capicom 2.1.0.2
2012-04-22 20:56 . 2012-04-22 20:56 378368 ----a-w- c:\windows\system32\winhttp.dll
2012-04-22 20:55 . 2012-04-22 20:55 269312 ----a-w- c:\windows\system32\es.dll
2012-04-22 20:42 . 2012-04-22 20:42 38480 ----a-w- c:\windows\system32\drivers\wdfldr.sys
2012-04-22 20:42 . 2012-04-22 20:42 445008 ----a-w- c:\windows\system32\drivers\wdf01000.sys
2012-04-22 20:29 . 2012-04-22 20:29 14848 ----a-w- c:\windows\system32\wshrm.dll
2012-04-22 20:29 . 2012-04-22 20:29 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2012-04-22 20:28 . 2012-04-22 20:28 43520 ----a-w- c:\windows\system32\msdxm.tlb
2012-04-22 20:28 . 2012-04-22 20:28 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2012-04-22 20:28 . 2012-04-22 20:28 18432 ----a-w- c:\windows\system32\amcompat.tlb
2012-04-22 20:27 . 2012-04-22 20:27 347136 ----a-w- c:\windows\system32\rmactivate_ssp.exe
2012-04-22 20:27 . 2012-04-22 20:27 329216 ----a-w- c:\windows\system32\msdrm.dll
2012-04-22 20:27 . 2012-04-22 20:27 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2012-04-22 20:27 . 2012-04-22 20:27 346624 ----a-w- c:\windows\system32\rmactivate_ssp_isv.exe
2012-04-22 20:27 . 2012-04-22 20:27 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2012-04-22 20:27 . 2012-04-22 20:27 472064 ----a-w- c:\windows\system32\secproc.dll
2012-04-22 20:27 . 2012-04-22 20:27 523776 ----a-w- c:\windows\system32\rmactivate_isv.exe
2012-04-22 20:27 . 2012-04-22 20:27 511488 ----a-w- c:\windows\system32\rmactivate.exe
2012-04-22 20:27 . 2012-04-22 20:27 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2012-04-22 20:20 . 2012-04-22 20:20 97800 ----a-w- c:\ \ windows\ \ system32\ \ infocardapi.dll
2012-04-22 20:20 . 2012-04-22 20:20 622080 ----a-w- c:\ \ windows\ \ system32\ \ icardagt.exe
2012-04-22 20:20 . 2012-04-22 20:20 37384 ----a-w- c:\ \ windows\ \ system32\ \ infocardcpl.cpl
2012-04-22 20:20 . 2012-04-22 20:20 11264 ----a-w- c:\ \ windows\ \ system32\ \ icardres.dll
2012-04-22 20:19 . 2012-04-22 20:19 105016 ----a-w- c:\ \ windows\ \ system32\ \ presentationcffrasterizernative_v0300.dll
.
.
(((((((((((((((((((((((((((((((((((((((( find3m report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-22 22:40 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2012-04-22 22:40 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2012-04-22 20:54 . 2012-04-22 20:54 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2012-04-22 20:42 . 2012-04-22 20:42 2560 ----a-w- c:\windows\system32\drivers\en-us\wdf01000.sys.mui
2012-04-22 10:32 . 2012-04-22 10:32 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2012-04-22 09:13 . 2012-04-22 09:13 2560 ----a-w- c:\windows\apppatch\acres.dll
2012-02-14 18:09 . 2012-02-14 18:09 1070352 ----a-w- c:\windows\system32\mscomctl.ocx
.
.
((((((((((((((((((((((((((((((((((((( reg loading points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*note* empty entries & legit default entries are not shown
regedit4
.
[hkey_current_user\software\microsoft\windows\currentversion\run]
"sidebar"="c:\program files\windows sidebar\sidebar.exe" [2008-01-19 1233920]
"superantispyware"="c:\program files\superantispyware\superantispyware.exe" [2012-04-28 3905920]
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"syntpenh"="c:\program files\synaptics\syntp\syntpenh.exe" [2011-10-14 2299176]
"egui"="c:\program files\eset\eset smart security\egui.exe" [2011-09-22 3080264]
"nvcpldaemon"="c:\windows\system32\nvcpl.dll" [2009-06-24 13601312]
"nvmediacenter"="c:\windows\system32\nvmctray.dll" [2009-06-24 92704]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"enableuiadesktoptoggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5ae067d3-9afb-48e0-853a-ebb7f4a000da}"= "c:\program files\superantispyware\sasseh.dll" [2011-07-19 113024]
.
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\superantispyware\saswinlo.dll
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\!sascore]
@=""
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\ad-aware service]
@="ad-aware service"
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\sbamsvc]
@="service"
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\sdauxservice]
@=""
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]
@=""
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\wdf01000.sys]
@="driver"
.
[hklm\~\startupfolder\c:^programdata^microsoft^windows^start menu^programs^startup^adobe reader speed launch.lnk]
backup=c:\windows\pss\adobe reader speed launch.lnk.commonstartup
backupextension=.commonstartup
.
[hklm\~\startupfolder\c:^programdata^microsoft^windows^start menu^programs^startup^adobe reader synchronizer.lnk]
backup=c:\windows\pss\adobe reader synchronizer.lnk.commonstartup
backupextension=.commonstartup
.
[hklm\~\startupfolder\c:^programdata^microsoft^windows^start menu^programs^startup^mcafee security scan plus.lnk]
path=c:\programdata\microsoft\windows\start menu\programs\startup\mcafee security scan plus.lnk
backup=c:\windows\pss\mcafee security scan plus.lnk.commonstartup
backupextension=.commonstartup
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\ad-aware antivirus]
c:\program files\ad-aware antivirus\adawarelauncher --windows-run [x]
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\ad-aware browsing protection]
2011-10-21 09:09 198032 ----a-w- c:\programdata\ad-aware browsing protection\adawarebp.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\bcssync]
2010-03-13 20:54 91520 ----a-w- c:\program files\microsoft office\office14\bcssync.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\hp health check scheduler]
2007-03-12 18:54 50696 ------w- c:\program files\hewlett-packard\hp health check\hphc_scheduler.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\hp software update]
2005-02-17 06:11 49152 ----a-w- c:\program files\hp\hp software update\hpwuschd2.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\hpadvisor]
2007-03-20 22:23 1773568 ----a-w- c:\program files\hewlett-packard\hp advisor\hpadvisor.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\hpwirelessassistant]
2007-03-01 20:18 472776 ----a-w- c:\program files\hewlett-packard\hp wireless assistant\hpwamain.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\lightscribe control panel]
2007-04-19 20:26 484904 ----a-w- c:\program files\common files\lightscribe\lightscribecontrolpanel.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\pctstray.exe]
2008-12-08 19:33 1173384 ----a-w- c:\program files\spyware doctor\pctstray.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\qlbctrl]
2009-11-24 17:07 323640 ----a-w- c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\qlbctrl.exe]
2009-11-24 17:07 323640 ----a-w- c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\qpservice]
2007-04-24 01:11 176128 ----a-w- c:\program files\hp\quickplay\qpservice.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\spybotsd teatimer]
2009-03-05 22:07 2260480 --sha-r- c:\program files\spybot - search & destroy\teatimer.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\sunjavaupdatesched]
2007-08-04 11:36 77824 ----a-w- c:\program files\java\jre1.6.0\bin\jusched.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\wawifimessage]
2007-01-10 23:12 317128 ----a-w- c:\program files\hewlett-packard\hp wireless assistant\wifimsg.exe
.
[hkey_local_machine\software\microsoft\security center\monitoring]
"disablemonitoring"=dword:00000001
.
[hkey_local_machine\software\microsoft\security center\monitoring\symantecantivirus]
"disablemonitoring"=dword:00000001
.
[hkey_local_machine\software\microsoft\security center\monitoring\symantecfirewall]
"disablemonitoring"=dword:00000001
.
r3 adobeflashplayerupdatesvc;adobe flash player update service;c:\windows\system32\macromed\flash\flashplayerupdateservice.exe [2012-05-07 257696]
s2 !sascore;sas core service;c:\program files\superantispyware\sascore.exe [2011-08-11 116608]
s2 ad-aware service;ad-aware service;c:\program files\ad-aware antivirus\adawareservice.exe [2012-05-04 1226096]
.
.
--- other services/drivers in memory ---
.
*newlycreated* - sbapifs
*newlycreated* - sbhips
*newlycreated* - sbwtis
.
[hkey_local_machine\software\microsoft\active setup\installed components\{10880d85-aad9-4558-abdc-2ab1552d831f}]
2007-04-19 20:23 452136 ----a-w- c:\program files\common files\lightscribe\lsrunonce.exe
.
contents of the 'scheduled tasks' folder
.
2012-05-10 c:\windows\tasks\adobe flash player updater.job
- c:\windows\system32\macromed\flash\flashplayerupdateservice.exe [2012-05-07 23:31]
.
2012-05-10 c:\windows\tasks\glaryinitialize.job
- c:\program files\glary utilities\initialize.exe [2012-04-24 03:06]
.
.
------- supplementary scan -------
.
ustart page = hxxp://www.google.com.mx/
mstart page = hxxp://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=en_us&c=73&bd=pavilion&pf=laptop
tcp: dhcpnameserver = 192.168.1.254
.
.
**************************************************************************
.
catchme 0.3.1398 w2k/xp/vista - rootkit/stealth malware detector by gmer, http://www.gmer.net
rootkit scan 2012-05-09 22:09
windows 6.0.6001 service pack 1 ntfs
.
scanning hidden processes .
.
scanning hidden autostart entries .
.
scanning hidden files .
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
- locked registry keys -
.
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
completion time: 2012-05-09 22:14:44
combofix-quarantined-files.txt 2012-05-10 04:14
combofix2.txt 2012-05-07 22:54
.
pre-run: 103,115,603,968 bytes free
post-run: 103,081,828,352 bytes free
.
- - end of file - - 0a40daa3e9a030d0eac7a0fc2cbb2f71




Just before dawn is when the sky looks darkest
#9 swissman (39.814 Posts) - 10/05/2012 13:42:06
I see it has flagged cc32100mt.dll; according to Google, it could be infected or be part of a virus.

It could be the drivers, or else the touchpad itself may be broken.
I don't know what else to suggest, other than, if you have another hard drive, fitting it and installing the operating system on it to test.
Regards
#10 tazmania72 (86 Posts) - 14/05/2012 22:48:03
Thanks again. I'm going to check what you point out and see if I can get another hard drive to test with, and I'll report back. Regards


Just before dawn is when the sky looks darkest

Configurarequipos, 17 May 2024