COTENSE
2010-06-08 13:06 - Replies: 1 - Topic no.: 2691715
WINDOWS 7
I GET A PAGE THAT I CANNOT REMOVE AND I ALSO CANNOT INSTALL MESSENGER. I DID THIS WITH A PROGRAM THAT YOU RECOMMENDED TO ANOTHER USER AND I GOT THIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:14, on 15/06/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\PROGRA~2\Magentic\bin\MgApp.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files (x86)\HiYo\Bin\HiYo.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Iminent\IMBooster\IMBooster.exe
C:\Program Files (x86)\Iminent\SearchTheWeb\Iminent.Notifier.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet explorer\Iexplore.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files (x86)\Internet explorer\Iexplore.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0c0a&m=easynote_tj76&r=27360510i2b6l0460z1h5f4481y269
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0c0a&m=easynote_tj76&r=27360510i2b6l0460z1h5f4481y269
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.magentic.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Iminent.BHO.NavigationError - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - C:\Program Files (x86)\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ProfileSongToolbarIE - {367570a9-768f-4371-afc0-5bb758148619} - C:\Program Files (x86)\Babulous\Profile Song\adxloader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: CHelperBHO - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - C:\Program Files (x86)\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - (no file)
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\IMBooster4Web\Iminent.WebBooster.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Profile Song - {25278368-52A4-4919-80E0-6F3822D2FE1F} - C:\Program Files (x86)\Babulous\Profile Song\adxloader.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RemoteControl8] "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files (x86)\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [Hiyo] C:\Program Files (x86)\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~2\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Mostrar u ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} (Ovi maps browser plugin) - http://static.s2g.gate5.de/ovi_maps/OviMaps_4.0.12.12.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Windows Live Family Safety Service (fsssvc) - Unknown owner - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (file missing)
O23 - Service: Zatisfi Search Assistant Service (GPSearchAssistant) - Unknown owner - C:\Program Files (x86)\Zatisfi\Zatisfi Search Assistant\GPSearchGuard.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Servicio Google Update (gupdate) (gupdate) - Zatisfi LLC - C:\Program Files (x86)\Zatisfi\Update\ZatisfiUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Moderator's comment: Please do not write in capital letters; it is synonymous with shouting and is also hard to read.
[Message edited by swissman on: 08-06-2010 13:52:11].

marinalope
Re: Please, I need urgent help - 2010-06-08 13:46 - Reply 2
Do the following:
Step 1: Download and install the following programs:
Spybot
CCleaner (user manual here)
Unlocker.
SUPERAntispyware (user manual here)
Malwarebytes Anti-Malware: installation, configuration and use
RegSeeker. (This last one does not require installation. Just unzip it and move the folder to Program Files. You can then create a shortcut to the executable on the desktop.)
HijackThis (user manual here)
Step 2: Boot into safe mode with networking.
Step 3: Clean out temporary files with CCleaner.
Step 4: Update Spybot, SUPERAntispyware and Malwarebytes.
Step 5: Scan your computer with Spybot, SUPERAntispyware and Malwarebytes, and clean whatever they find.
Step 6: Scan your computer with an online antivirus.
I recommend one of these:
Panda antivirus
Computer Associates
Trend Micro (to use this one, you need to have Java installed)
BitDefender
Nod32
Step 7: Reboot into safe mode again, scan again with Spybot and clean whatever it finds.
Step 8: Clean the registry with RegSeeker (scan several times until there is nothing left to clean).
Step 9: Reboot into normal mode.
Step 10: Open HijackThis and click where it says Do a system scan and save a log file.
It will generate a text file. Copy its contents and paste them here so they can be analyzed.
You have to run HijackThis as administrator.
When you post a question, remember to refresh the page to see whether you have had a reply. You can do so by pressing F5.
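
A first triage pass over a pasted log like the one in this thread, as an added example that is not part of the original posts: it groups entries by HijackThis section code and splits "(no file)" / "(file missing)" entries into those under System32 and those elsewhere. HijackThis v2.0.2 is a 32-bit program, so on 64-bit Windows its System32 lookups are redirected to SysWOW64 and native system files show up as missing; the sample lines are copied from the log above and the function names are this example's own.

```python
import re
from collections import defaultdict

# Sample input: a few lines copied from the log posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\PLFSetI.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.magentic.com/
O2 - BHO: Windows Live Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - (no file)
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Windows Live Family Safety Service (fsssvc) - Unknown owner - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (file missing)
"""

# Scan entries start with a section code (R0, F2, O4, O23, ...) then " - ".
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
MISSING = re.compile(r"\((?:no file|file missing)\)\s*$")
SYSTEM32 = re.compile(r"[A-Za-z]:\\Windows\\System32\\", re.IGNORECASE)


def parse_entries(text):
    """Return (code, body) per scan entry; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def triage(entries):
    """Group bodies by section code and split entries whose target is reported
    missing into likely WOW64 redirection artefacts and ones to check by hand."""
    by_code = defaultdict(list)
    review, wow64 = [], []
    for code, body in entries:
        by_code[code].append(body)
        if MISSING.search(body):
            (wow64 if SYSTEM32.search(body) else review).append((code, body))
    return dict(by_code), review, wow64


if __name__ == "__main__":
    by_code, review, wow64 = triage(parse_entries(SAMPLE_LOG))
    print({code: len(bodies) for code, bodies in by_code.items()})
    print("check by hand:", *review, sep="\n  ")
    print("probably redirection artefacts:", *wow64, sep="\n  ")
```
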