| janinaa |  |
|
2009-08-16 00:00 - Respuestas: 6 - Tema nº: 2613527
Windows Vista .
hola..
pues tengo un problema, use el spy bot y me detecto *** y no los eliminó. baje el programa de superspyware y ccleaner y tampoco se eliminarion. lei que bajara el hijackthis pero pues ya hice el analisis y no se que hacer con el. ahi les va lo que salio..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:24:37, on 15/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
C:\\Windows\\system32\\Dwm.exe
C:\\Windows\\Explorer.EXE
C:\\Windows\\system32\\taskeng.exe
C:\\Program Files\\Acer\\Empowering Technology\\SysMonitor.exe
C:\\Program Files\\Acer\\Empowering Technology\\Framework.Launcher.exe
C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSLoader.exe
C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BkupTray.exe
C:\\Windows\\RtHDVCpl.exe
C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\MOM.exe
C:\\Program Files\\HP\\HP Software Update\\hpwuSchd2.exe
C:\\Program Files\\iTunes\\iTunesHelper.exe
C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe
C:\\Program Files\\Nova Development\\Photo Explosion 3.0 SE\\CalCheck.exe
D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\acrotray.exe
C:\\Program Files\\Java\\jre6\\bin\\jusched.exe
C:\\Windows\\ehome\\ehtray.exe
C:\\Windows\\ehome\\ehmsas.exe
C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CCC.exe
C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe
C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe
C:\\Program Files\\Nero\\data\\Xtras\\mssysmgr.exe
C:\\Program Files\\Ares\\Ares.exe
C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe
C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe
C:\\Program Files\\Northstar\\SmartCopy\\SmartCopy.exe
C:\\Program Files\\Northstar\\SmartLauncher\\SmartLauncher.exe
C:\\Windows\\system32\\conime.exe
C:\\Program Files\\Norton AntiVirus\\Norton AntiVirus\\Engine\\16.5.0.134\\ccSvcHst.exe
C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSTE08.exe
C:\\Program Files\\Spybot - Search & Destroy\\SpybotSD.exe
C:\\Program Files\\Mozilla Firefox\\firefox.exe
C:\\Windows\\system32\\wuauclt.exe
C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe
C:\\Windows\\System32\\NOTEPAD.EXE
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&s=1&o=vp32&d=1108&m=aspire_m1201
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://es.es.acer.yahoo.com
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&s=1&o=vp32&d=1108&m=aspire_m1201
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =
R1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = *.local
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
R3 - URLSearchHook: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\\Program Files\\Shareware.Pro\\tbSha0.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\\Program Files\\AskTBar\\SrchAstt\\1.bin\\A5SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\\Program Files\\Yahoo!\\Companion\\Installs\\cpn\\yt.dll (file missing)
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\\Program Files\\HP\\Smart Web Printing\\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\\Program Files\\Spybot - Search & Destroy\\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\\Program Files\\Norton AntiVirus\\Norton AntiVirus\\Engine\\16.5.0.134\\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\\PROGRA~1\\MICROS~2\\Office12\\GRA8E1~1.DLL
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\ActiveToolBand.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\\Program Files\\AskTBar\\SrchAstt\\1.bin\\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\\Program Files\\Google\\Google Toolbar\\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\\Program Files\\Google\\GoogleToolbarNotifier\\5.1.1309.15642\\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\\Program Files\\Google\\Google Toolbar\\Component\\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\\Program Files\\Shareware.Pro\\tbSha0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\\Program Files\\AskTBar\\bar\\1.bin\\ASKTBAR.DLL
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\\Program Files\\Yahoo!\\Companion\\Installs\\cpn\\yt.dll (file missing)
O3 - Toolbar: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\\Program Files\\Shareware.Pro\\tbSha0.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\\Program Files\\AskTBar\\bar\\1.bin\\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\\Program Files\\Google\\Google Toolbar\\GoogleToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll
O4 - HKLM\\..\\Run: [Windows Defender] %ProgramFiles%\\Windows Defender\\MSASCui.exe -hide
O4 - HKLM\\..\\Run: [Acer Empowering Technology Monitor] C:\\Program Files\\Acer\\Empowering Technology\\SysMonitor.exe
O4 - HKLM\\..\\Run: [EmpoweringTechnology] C:\\Program Files\\Acer\\Empowering Technology\\Framework.Launcher.exe boot
O4 - HKLM\\..\\Run: [eDataSecurity Loader] C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSloader.exe
O4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] \"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"
O4 - HKLM\\..\\Run: [BkupTray] \"C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BkupTray.exe\"
O4 - HKLM\\..\\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\\..\\Run: [StartCCC] \"C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\"
O4 - HKLM\\..\\Run: [PCMMediaSharing] C:\\Program Files\\Acer Arcade Live\\Acer HomeMedia Connect\\Kernel\\DMS\\PCMMediaSharing.exe
O4 - HKLM\\..\\Run: [WarReg_PopUp] C:\\Program Files\\Acer\\WR_PopUp\\WarReg_PopUp.exe
O4 - HKLM\\..\\Run: [Setresolution] C:\\ACER\\config\\1440x900.cmd
O4 - HKLM\\..\\Run: [HP Software Update] C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe
O4 - HKLM\\..\\Run: [QuickTime Task] \"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime
O4 - HKLM\\..\\Run: [iTunesHelper] \"C:\\Program Files\\iTunes\\iTunesHelper.exe\"
O4 - HKLM\\..\\Run: [GrooveMonitor] \"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\"
O4 - HKLM\\..\\Run: [PhotoExplosionCalCheck] C:\\Program Files\\Nova Development\\Photo Explosion 3.0 SE\\calcheck.exe
O4 - HKLM\\..\\Run: [Acrobat Assistant 8.0] \"D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\Acrotray.exe\"
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\"
O4 - HKCU\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\\..\\Run: [ehTray.exe] C:\\Windows\\ehome\\ehTray.exe
O4 - HKCU\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background
O4 - HKCU\\..\\Run: [swg] C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe
O4 - HKCU\\..\\Run: [PhotoShow Deluxe Media Manager] C:\\PROGRA~1\\Nero\\data\\Xtras\\mssysmgr.exe
O4 - HKCU\\..\\Run: [ares] \"C:\\Program Files\\Ares\\Ares.exe\" -h
O4 - HKCU\\..\\Run: [SpybotSD TeaTimer] C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe
O4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'SERVICIO LOCAL\')
O4 - HKUS\\S-1-5-19\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User \'SERVICIO LOCAL\')
O4 - HKUS\\S-1-5-19\\..\\RunOnce: [] (User \'SERVICIO LOCAL\')
O4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'Servicio de red\')
O4 - HKUS\\S-1-5-20\\..\\RunOnce: [] (User \'Servicio de red\')
O4 - HKUS\\S-1-5-18\\..\\RunOnce: [] (User \'SYSTEM\')
O4 - HKUS\\.DEFAULT\\..\\RunOnce: [] (User \'Default user\')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe
O4 - Global Startup: SmartCopy.lnk = C:\\Program Files\\Northstar\\SmartCopy\\SmartCopy.exe
O4 - Global Startup: SmartLauncher.lnk = C:\\Program Files\\Northstar\\SmartLauncher\\SmartLauncher.exe
O8 - Extra context menu item: Append to existing PDF - res://D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\Office12\\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~2\\Office12\\ONBttnIE.dll
O9 - Extra \'Tools\' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~2\\Office12\\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\\Program Files\\HP\\Smart Web Printing\\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\\Program Files\\HP\\Smart Web Printing\\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~2\\Office12\\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\\Program Files\\Spybot - Search & Destroy\\SDHelper.dll
O9 - Extra \'Tools\' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\\Program Files\\Spybot - Search & Destroy\\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\\PROGRA~1\\MICROS~2\\Office12\\GR99D3~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\\Program Files\\Google\\Google Toolbar\\Component\\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\\Program Files\\Acer Arcade Live\\Acer HomeMedia Connect\\Kernel\\DMS\\CLMSServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\\Windows\\system32\\Ati2evxx.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\\Program Files\\Bonjour\\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\Client\\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\\Program Files\\Acer\\Empowering Technology\\Service\\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\\Program Files\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService.exe
O23 - Service: Servicio Google Update (gupdate1c9b50c2031ee09) (gupdate1c9b50c2031ee09) - Google Inc. - C:\\Program Files\\Google\\Update\\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Common Files\\InstallShield\\Driver\\1150\\Intel 32\\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\\Program Files\\iPod\\bin\\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\\Program Files\\Common Files\\LightScribe\\LSSrvc.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\\Program Files\\Norton AntiVirus\\Norton AntiVirus\\Engine\\16.5.0.134\\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\SchedulerSvc.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\\Program Files\\Common Files\\SureThing Shared\\stllssvr.exe
End of file - 15227 bytes
...............
espero me puedan ayudar
gracias..
Comentarios adicionales: No había instalado ningún programa, ni cambiado nada de hardware en el PC.
-
[Mensaje editado por caterpilar con fecha: 16-08-2009 01:26:11]. | |
|
|
| marinalope |  |
|
Re: Problema con myway.mywebsearch y funwebproducts - 2009-08-16 00:42 - Respuesta 3
A parte de lo que te ha dicho enrique,desinstala todas las toolbars que no te sean imprescindibles. | |
|
|
| janinaa | |
|
Re: Problema con myway.mywebsearch y funwebproducts - 2009-08-16 19:04 - Respuesta 4
wo0ow!!
muchas gracias.. parece que mi paciencia valio la pena.. hice todo lo que me dijeron y ya quedó
pase el spy bot y ya no aparecen ninguno de los 2(mywayweb... y funweb..)
aqui dejo lo que salio en hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:24:37, on 15/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nova Development\Photo Explosion 3.0 SE\CalCheck.exe
D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nero\data\Xtras\mssysmgr.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Northstar\SmartCopy\SmartCopy.exe
C:\Program Files\Northstar\SmartLauncher\SmartLauncher.exe
C:\Windows\system32\conime.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\System32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&s=1&o=vp32&d=1108&m=aspire_m1201
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://es.es.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&s=1&o=vp32&d=1108&m=aspire_m1201
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\Program Files\Shareware.Pro\tbSha0.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.5.0.134\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\Program Files\Shareware.Pro\tbSha0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\Program Files\Shareware.Pro\tbSha0.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Setresolution] C:\ACER\config\1440x900.cmd
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PhotoExplosionCalCheck] C:\Program Files\Nova Development\Photo Explosion 3.0 SE\calcheck.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SmartCopy.lnk = C:\Program Files\Northstar\SmartCopy\SmartCopy.exe
O4 - Global Startup: SmartLauncher.lnk = C:\Program Files\Northstar\SmartLauncher\SmartLauncher.exe
O8 - Extra context menu item: Append to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servicio Google Update (gupdate1c9b50c2031ee09) (gupdate1c9b50c2031ee09) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
End of file - 15227 bytes
| |
|
|
| swissman |  |
|
Re: Problema con myway.mywebsearch y funwebproducts - 2009-08-16 19:17 - Respuesta 5
desinstala TODAS las toolbar que tengas y programas que no uses.
cierra todos los programas, navegador incluido, ejecuta hijackthis pulsando do a system scan only y marcas las siguientes entradas:
R3 - URLSearchHook: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\Program Files\Shareware.Pro\tbSha0.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\Program Files\Shareware.Pro\tbSha0.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Shareware.Pro Toolbar - {d82b1ec9-0d76-4f88-9fe6-4e92d2a8ea93} - C:\Program Files\Shareware.Pro\tbSha0.dll
pulsa fix checked, sin reinciar busca y borra lo siguientes carpetas y su contenido (habilita la opcion de ver archivos y carpetas ocultos). si alguno no se deja usa killbox o unlocker, o ambos
C:\Program Files\Shareware
C:\Program Files\AskTBar
C:\Program Files\Yahoo!
pasa ccleaner, para limpiar los temporales y cokies y registro, y regclener
reinicias y nos dices que tal va, pegas el log de nuevo | |
|
|
|
