
Advertising spyware (slow machine)

chemicalboy
- 14/04/2012 04:07:37 - Question no.: 28.205

Windows 7 (6.1) 64 bits, Microsoft Internet Explorer 9.0

Hello, I've noticed that for some days now I've had a problem with my computer: it is running slower and very often the CPU is at 100%. I think this started when I installed some kind of program that I supposedly needed in order to listen to a song I had downloaded.

While I'm browsing the Internet, a kind of web page pops up that starts with ad.funky .com (etc.); I'm not posting the website because I know it's prohibited. Through my McAfee Site Advisor I received a report that there is a potential risk and that the page originates from a certain gabrielmoreno .com .ar. I wrote to this person and he says he knows nothing about it (he is a programmer or something like that).

Well, the problem is that I don't know how to uninstall this kind of spyware that throws advertising notices at me. I've blocked it in my Internet Explorer 9 browser, but it keeps appearing. My antivirus, Windows Live Essentials, doesn't detect it.

I would appreciate your support in getting out of this problem, as you have done before.


Thanks,
Renato

#1 swissman (39.814 Posts) - 14/04/2012 06:43:09
First of all, be aware that nobody gives anything away for free, and that problems like these are avoided by doing things wrong, as you did by downloading a pirated song from who knows where.

After the sermon:
Start your PC in safe mode with networking and run an up-to-date online antivirus.

Uninstall all toolbars, music download programs, P2P and the like, and programs you no longer use (if any) from Add or Remove Programs.

Download and update the following programs and run them one after another, a couple of times each:
Malwarebytes' Anti-Malware 1.3
Spyware Doctor 6
jv16 PowerTools 2008
Spybot
cwshredder.exe
ad-aware
SUPERAntiSpyware
Ccleaner (clean temporary files and registry)

Restart, boot in normal mode, download HijackThis version 2.0.4
( http://free.antivirus.com/hijackthis/ ), install it, run it and click "do a system scan and save a log"; a txt file will open, whose contents you must copy to the clipboard (Ctrl+C) and paste below (Ctrl+V).
(Getting the HijackThis log)
#2 chemicalboy (38 Posts) - 16/04/2012 19:33:33
Hello, thanks for the help first of all.

I did what you told me, but it seems there was interference between the programs you listed, because Ad-Aware and Ad-Watch 2007 froze. In fact I removed some trojans.

The problem I have now is that when I run HijackThis, shortly after starting the scan I get a message that says: For some reason your system denied write access to the Host file. If any hijacked domains are in this file, HijackThis may not be able to fix this. If that happens, you need to edit the file yourself. To do this, click Start, Run and type

notepad C:/Windows/System32/drivers/etc/hosts

I don't know how to do this (note that I have Windows 7 Home Premium). All the same, I click "aceptar" so that the scan continues, and when it finishes I get another message that says: No se encuentra el archivo C:/Program Files (x86)/Trend Micro/HijackThis/hijackthis.log - ¿Desea crear uno nuevo?

I click yes, but Notepad does not show the details of the scan done in the program.

I await your comments.

Regards,
Renato

#3 swissman (39.814 Posts) - 16/04/2012 20:06:03
Hello, try to see whether you can run HijackThis in safe mode and we'll see something.
Regards
#4 chemicalboy (38 Posts) - 16/04/2012 20:23:47
Now it worked. Just in case: I have Refog Keylogger installed on my PC, but that was long after my machine started getting slow.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:15:09 p.m., on 16/04/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode

Running processes:
C:\Windows\SysWOW64\MPK\mpk.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\.\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\.\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\.\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\.\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\.\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\.\Run: [HPCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\.\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\.\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\.\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\.\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\.\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\.\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\.\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\.\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\.\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\.\Run: [Registry Reviver] C:\Program Files (x86)\ReviverSoft\Registry Reviver\RegistryReviver.exe
O4 - HKCU\.\Run: [GarenaMessenger] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe"
O4 - HKCU\.\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\.\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\.\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\.\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\.\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\.\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\.\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\.\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\.\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O4 - HKUS\S-1-5-18\.\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\.\RunOnce: [] (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth. - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth. - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.configurarequipos.com
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/download/DownloaderActiveX.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~4\GO36F4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_dd9f359bee8e57f9\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Administrador de Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servicio de actualización de Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek87B - Realtek - C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SrvAd - Unknown owner - C:\Users\user\AppData\Roaming\Microsoft\Windows\AdvService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_dd9f359bee8e57f9\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15575 bytes
#5 swissman (39.814 Posts) - 16/04/2012 20:47:40
I see too many things that can hinder proper operation. Uninstall everything that isn't needed: Messenger, whatever you have from Google, and the keylogger, since I don't know what use the "just in case" has.
It looks like you have a virus, specifically in
O4 - HKCU\.\Run: [Registry Reviver] C:\Program Files (x86)\ReviverSoft\Registry Reviver\RegistryReviver.exe
See if you can uninstall, from Add or Remove Programs, if it's there, something that says RegistryReviver.exe



Close all programs, browser included, run HijackThis clicking "do a system scan only" and check the following entries:

O4 - HKCU\.\Run: [Registry Reviver] C:\Program Files (x86)\ReviverSoft\Registry Reviver\RegistryReviver.exe
O4 - HKCU\.\Run: [GarenaMessenger] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe"
O4 - HKCU\.\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\.\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\.\RunOnce: [] (User 'Default user')
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~4\GO36F4~1.DLL
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe


Click "fix checked"; without restarting, find and delete the following (enable the option to show hidden files and folders). If any of them won't let you, use killbox or unlocker, or both.

C:\Program Files (x86)\ReviverSoft --> folder and contents
C:\Program Files (x86)\Garena Plus --> folder and contents
C:\PROGRA~2\Google --> folder and contents
C:\Program Files (x86)\WildTangent Games --> folder and contents

Run ccleaner to clean temporary files, cookies and the registry, and jv16 PowerTools 2008.

Restart in normal mode and tell us how it goes; paste a new log, in normal mode if you can.

Regards
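
The manual read-through of O4, O20 and O23 entries in the reply above can be partly automated. The following Python is an added example, not part of the thread and not a HijackThis feature: it parses those three entry types and lists reasons to look closer at an entry. The sample lines are copied from the log posted in #4; the rule set and all function names are assumptions of this example, and a listed reason is a prompt for review, not a verdict.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\.\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\.\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~4\GO36F4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: SrvAd - Unknown owner - C:\Users\user\AppData\Roaming\Microsoft\Windows\AdvService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
"""


class Entry(NamedTuple):
    section: str        # "O4", "O20" or "O23"
    name: str           # Run value name, service name, or "AppInit_DLLs"
    owner: str          # vendor string HijackThis prints (O23 only)
    path: str           # executable or DLL path
    file_missing: bool  # HijackThis appended "(file missing)"


# Accepts one or more dots between the hive and Run/RunOnce.
O4_RE = re.compile(r"^O4 - (HK\w+)\\.*?\\(Run\w*): \[(.*?)\] ?(.*)$")
USER_WRITABLE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.I)
SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)


def _exe_path(command: str) -> str:
    """Return the executable path from a quoted or bare command line."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    m = re.match(r"(.*?\.(?:exe|dll|scr|bat|cmd))(?=\s|$)", command, re.I)
    return m.group(1) if m else command


def parse_line(line: str) -> Optional[Entry]:
    """Parse one O4 (Run key), O20 (AppInit_DLLs) or O23 (service) line."""
    line = line.strip()
    m = O4_RE.match(line)
    if m:
        return Entry("O4", m.group(3), "", _exe_path(m.group(4)), False)
    if line.startswith("O20 - AppInit_DLLs:"):
        return Entry("O20", "AppInit_DLLs", "", line.split(":", 1)[1].strip(), False)
    if line.startswith("O23 - Service: "):
        body = line[len("O23 - Service: "):]
        missing = body.endswith("(file missing)")
        if missing:
            body = body[: -len("(file missing)")].rstrip()
        # Layout is "<name> - <owner> - <path>"; split from the right because
        # the display name itself may contain " - ".
        parts = body.rsplit(" - ", 2)
        if len(parts) == 3:
            return Entry("O23", parts[0], parts[1], parts[2], missing)
    return None


def review_reasons(e: Entry) -> List[str]:
    """Reasons to inspect an entry more closely (assumed rule set)."""
    reasons = []
    if e.section in ("O4", "O23") and USER_WRITABLE.search(e.path):
        reasons.append("autostart binary in a user-writable profile directory")
    if e.section == "O23" and e.owner == "Unknown owner" and not e.file_missing:
        reasons.append("service binary carries no vendor metadata")
    # HijackThis is a 32-bit program: on 64-bit Windows its view of System32
    # is redirected to SysWOW64, so "(file missing)" on System32 paths is
    # usually a redirection artefact and is not reported here.
    if e.file_missing and not SYSTEM32.match(e.path):
        reasons.append("registered file not found on disk")
    if e.section == "O20" and e.path:
        reasons.append("DLL loaded into every process that loads user32.dll")
    return reasons


def triage(log_text: str) -> List[Tuple[Entry, List[str]]]:
    """Return (entry, reasons) for every parsed line with at least one reason."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reasons = review_reasons(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(f"{entry.section} {entry.name}: {entry.path}")
        for reason in reasons:
            print(f"    - {reason}")
```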
#6 chemicalboy (38 Posts) - 16/04/2012 22:21:16
Done! I'm sending you the log, but note that I can't remove the 020 one because the little checkbox doesn't appear; it only shows up in the report. Also, I still get the problem I told you about regarding HijackThis:

------
The problem I have now is that when I run HijackThis, shortly after starting the scan I get a message that says: For some reason your system denied write access to the Host file. If any hijacked domains are in this file, HijackThis may not be able to fix this. If that happens, you need to edit the file yourself. To do this, click Start, Run and type

notepad C:/Windows/System32/drivers/etc/hosts

-----

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:15:09 p.m., on 16/04/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode

Running processes:
C:\Windows\SysWOW64\MPK\mpk.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\.\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\.\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\.\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\.\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\.\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\.\Run: [HPCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\.\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\.\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\.\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\.\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\.\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\.\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\.\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\.\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\.\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\.\Run: [Registry Reviver] C:\Program Files (x86)\ReviverSoft\Registry Reviver\RegistryReviver.exe
O4 - HKCU\.\Run: [GarenaMessenger] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe"
O4 - HKCU\.\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\.\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\.\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\.\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\.\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\.\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\.\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\.\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\.\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O4 - HKUS\S-1-5-18\.\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\.\RunOnce: [] (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth. - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth. - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.configurarequipos.com
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/download/DownloaderActiveX.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ \ PROGRA~2\ \ mcafee\ \ SITEAD~1\ \ mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\ \ Program Files (x86)\ \ Windows Live\ \ Photo Gallery\ \ AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\ \ PROGRA~2\ \ Google\ \ GOOGLE~4\ \ GO36F4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\ \ Program Files\ \ SUPERAntiSpyware\ \ SASCORE64.EXE
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\ \ Windows\ \ System32\ \ DriverStore\ \ FileRepository\ \ stwrt64.inf_amd64_neutral_dd9f359bee8e57f9\ \ AESTSr64.exe
O23 - Service: @%SystemRoot%\ \ system32\ \ Alg.exe,-112 (ALG) - Unknown owner - C:\ \ Windows\ \ System32\ \ alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\ \ Windows\ \ system32\ \ atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\ \ Program Files (x86)\ \ Common Files\ \ Apple\ \ Mobile Device Support\ \ AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\ \ Program Files\ \ Bonjour\ \ mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\ \ Program Files\ \ WIDCOMM\ \ Bluetooth Software\ \ btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\ \ Program Files (x86)\ \ Hewlett-Packard\ \ HP Quick Launch Buttons\ \ Com4QLBEx.exe
O23 - Service: @C:\ \ Program Files (x86)\ \ DigitalPersona\ \ Bin\ \ DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\ \ Program Files (x86)\ \ DigitalPersona\ \ Bin\ \ DpHostW.exe
O23 - Service: @%SystemRoot%\ \ system32\ \ efssvc.dll,-100 (EFS) - Unknown owner - C:\ \ Windows\ \ System32\ \ lsass.exe (file missing)
O23 - Service: @%systemroot%\ \ system32\ \ fxsresm.dll,-118 (Fax) - Unknown owner - C:\ \ Windows\ \ system32\ \ fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\ \ Program Files (x86)\ \ WildTangent Games\ \ App\ \ GamesAppService.exe
O23 - Service: Administrador de Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\ \ Program Files (x86)\ \ Google\ \ Google Desktop Search\ \ GoogleDesktop.exe
O23 - Service: Servicio de actualización de Google (gupdate) (gupdate) - Google Inc. - C:\ \ Program Files (x86)\ \ Google\ \ Update\ \ GoogleUpdate.exe
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Google Inc. - C:\ \ Program Files (x86)\ \ Google\ \ Update\ \ GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\ \ Program Files (x86)\ \ Google\ \ Common\ \ Google Updater\ \ GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\ \ Program Files (x86)\ \ Hewlett-Packard\ \ HP Support Framework\ \ hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\ \ Program Files (x86)\ \ Hewlett-Packard\ \ Shared\ \ HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\ \ Program Files (x86)\ \ Hewlett-Packard\ \ Shared\ \ hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\ \ Windows\ \ system32\ \ Hpservice.exe (file missing)
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\ \ Program Files\ \ iPod\ \ bin\ \ iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\ \ Windows\ \ system32\ \ lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\ \ Program Files (x86)\ \ Common Files\ \ LightScribe\ \ LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\ \ Program Files (x86)\ \ Malwarebytes\ ' Anti-Malware\ \ mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\ \ PROGRA~2\ \ mcafee\ \ SITEAD~1\ \ mcsacore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\ \ Windows\ \ System32\ \ msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\ \ System32\ \ netlogon.dll,-102 (Netlogon) - Unknown owner - C:\ \ Windows\ \ system32\ \ lsass.exe (file missing)
O23 - Service: @%systemroot%\ \ system32\ \ psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\ \ Windows\ \ system32\ \ lsass.exe (file missing)
O23 - Service: Realtek87B - Realtek - C:\ \ Program Files (x86)\ \ Realtek\ \ RTL8187 Wireless LAN Utility\ \ RtlService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\ \ Program Files (x86)\ \ CyberLink\ \ Shared files\ \ RichVideo.exe
O23 - Service: @%systemroot%\ \ system32\ \ Locator.exe,-2 (RpcLocator) - Unknown owner - C:\ \ Windows\ \ system32\ \ locator.exe (file missing)
O23 - Service: @%SystemRoot%\ \ system32\ \ samsrv.dll,-1 (SamSs) - Unknown owner - C:\ \ Windows\ \ system32\ \ lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ \ system32\ \ snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\ \ Windows\ \ System32\ \ snmptrap.exe (file missing)
O23 - Service: @%systemroot%\ \ system32\ \ spoolsv.exe,-1 (Spooler) - Unknown owner - C:\ \ Windows\ \ System32\ \ spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\ \ system32\ \ sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ sppsvc.exe (file missing)
O23 - Service: SrvAd - Unknown owner - C:\ \ Users\ \ user\ \ AppData\ \ Roaming\ \ Microsoft\ \ Windows\ \ AdvService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\ \ Windows\ \ System32\ \ DriverStore\ \ FileRepository\ \ stwrt64.inf_amd64_neutral_dd9f359bee8e57f9\ \ STacSV64.exe
O23 - Service: @%SystemRoot%\ \ system32\ \ ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\ \ Windows\ \ system32\ \ UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\ \ system32\ \ vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ \ system32\ \ vds.exe,-100 (vds) - Unknown owner - C:\ \ Windows\ \ System32\ \ vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\ \ Windows\ \ system32\ \ vfsFPService.exe
O23 - Service: @%systemroot%\ \ system32\ \ vssvc.exe,-102 (VSS) - Unknown owner - C:\ \ Windows\ \ system32\ \ vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\ \ system32\ \ Wat\ \ WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ Wat\ \ WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\ \ system32\ \ wbengine.exe,-104 (wbengine) - Unknown owner - C:\ \ Windows\ \ system32\ \ wbengine.exe (file missing)
O23 - Service: @%Systemroot%\ \ system32\ \ wbem\ \ wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\ \ Windows\ \ system32\ \ wbem\ \ WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\ \ Windows Media Player\ \ wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\ \ Program Files (x86)\ \ Windows Media Player\ \ wmpnetwk.exe (file missing)

--
End of file - 15575 bytes
#7 Mega-tron (24.583 Posts) - 17/04/2012 07:49:16
Hi, send the log in normal mode: right-click the icon and run it as administrator, and let's see if it works.


At Configurarequipos.com we want to help you. If you want a technical answer, give us all the information relevant to your problem, written in Spanish; we don't like SMS-style language.

[Message edited by Moderator Mega-tron on: 17/04/2012 08:19:33].
#8 chemicalboy (38 Posts) - 18/04/2012 06:27:06
Hi, this is the new log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:06 p.m., on 17/04/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\MPK\mpk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Windows\SysWOW64\MPK\MPKView.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_PE&c=94&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\.\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\.\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\.\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\.\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\.\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\.\Run: [HPCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\.\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\.\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\.\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\.\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\.\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\.\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\.\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\.\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\.\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\.\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\.\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\.\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\.\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\.\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\.\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\.\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O4 - HKUS\S-1-5-18\.\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\.\RunOnce: [] (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth. - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth. - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.configurarequipos.com
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/download/DownloaderActiveX.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_dd9f359bee8e57f9\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - Unknown owner - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (file missing)
O23 - Service: Servicio de actualización de Google (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek87B - Realtek - C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SrvAd - Unknown owner - C:\Users\user\AppData\Roaming\Microsoft\Windows\AdvService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_dd9f359bee8e57f9\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16433 bytes
#9 swissman (39.814 Posts) - 18/04/2012 07:14:15
At a quick glance I don't see any infection, but I've now noticed that you're using version 2.02 and the most recent one is 2.04. Uninstall the game-related stuff I think I saw and HijackThis 2.02, and after rebooting, post the log from version 2.04, just as you did last time.
#10 Mega-tron (24.583 Posts) - 18/04/2012 09:36:34
Good that it worked. I would advise you to run an online antivirus scan, and to download and run an antivirus for your machine; as you were already told, nothing bad shows up at a glance, but I also don't see an antivirus installed as such.
#11 chemicalboy (38 Posts) - 18/04/2012 22:39:05
Thanks, guys!!! Actually, my initial concern, which was that advertising popping up as if it were a website, no longer appears, and performance has improved quite a bit; the machine is no longer slow.

As a last question, I just wanted to know which of the following programs I should keep, because I don't think having many antivirus and/or anti-spyware programs is good for performance. I currently have installed:

jv16 Power Tools
Spybot
Super Anti -Spyware
Malware-bytes anti malware


Regards,
Renato
#12 Mega-tron (24.583 Posts) - 19/04/2012 05:11:40
You can have several antispyware programs; in fact, I would only remove jv16, which I don't know what it is (I'm not familiar with it). I would keep the other three but add an antivirus, since none of those is one; a free one is Microsoft's Essentials.
#13 chemicalboy (38 Posts) - 19/04/2012 06:02:16
swissman recommended jv16 to me at the start of the thread. That's fine, I'll only remove that one. Thanks!!!
#14 swissman (39.814 Posts) - 19/04/2012 07:56:17
J16 is this:
http://www.configurarequipos.com/descargar-jv16-powertools-2008.html

Everything I recommend or rant against, I've tried myself first xD

As for uninstalling, you can uninstall what you don't use, or leave it, but always make sure those programs don't start with Windows; that is, next to the clock there should only be the antivirus and the little internet-connection screens. Everything else that's there slows things down.

Have a look at this tutorial.

Disable startup programs

Regards

Edit: sometimes what one antimalware doesn't remove, another one does; that's why several are run.




[Message edited by Moderator swissman on: 19/04/2012 07:58:23].
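
The advice above about keeping programs from starting with Windows can be checked against a HijackThis log like the ones posted in this thread. The following is an added example, not part of the original posts and not HijackThis code: it lists the O4 (Run keys, Startup folders) and O23 (services) entries and marks the ones whose executable sits in a user-writable folder for a manual look. The sample log lines and all names in them are constructed, and the user-writable-folder check is a triage heuristic assumed for this example, not a verdict.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "kind location name owner executable missing")

# O4 Run-key line, e.g. O4 - HKLM\..\Run: [Name] command
# (one or two dots are accepted between hive and key name).
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+)(?:\\(?P<sid>[^\\]+))?\\\.{1,2}\\(?P<key>\w+): "
    r"\[(?P<name>[^\]]*)\] ?(?P<cmd>.*)$")
# O4 Startup-folder line, e.g. O4 - Global Startup: Foo.lnk = target
STARTUP_RE = re.compile(
    r"^O4 - (?P<folder>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.*)$")
# O23 service line: display name - owner - path [(file missing)]
SERVICE_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - "
    r"(?P<path>[A-Za-z]:\\.*?)(?P<missing> \(file missing\))?$")
# Leading executable of a command line, quoted or not, arguments dropped.
EXE_RE = re.compile(
    r'"?((?:[A-Za-z]:|%\w+%)\\[^"]*?\.(?:exe|dll|com|bat|cmd|scr))(?![\w.])',
    re.I)

# Assumption of this example: folders a standard user can write to.
USER_WRITABLE = ("\\users\\", "\\documents and settings\\", "\\temp\\")

# Constructed sample in HijackThis 2.0.x format (names and paths are made up).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Boot mode: Normal

O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files (x86)\Example\updater.exe" /background
O4 - HKCU\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe -hidden
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - Global Startup: Example.lnk = ?
O23 - Service: Example Vendor Service (ExSvc) - Example Corp. - C:\Program Files\Example\svc.exe
O23 - Service: ExampleAds - Unknown owner - C:\Users\user\AppData\Roaming\Example\adsvc.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
"""


def executable_of(command):
    """Return the program path at the start of a command line, or None."""
    m = EXE_RE.match(command.strip())
    return m.group(1) if m else None


def parse_autostarts(log_text):
    """Extract every O4 and O23 entry from a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            location = "\\".join(p for p in (m["hive"], m["sid"], m["key"]) if p)
            entries.append(Entry("run", location, m["name"], None,
                                 executable_of(m["cmd"]), False))
            continue
        m = STARTUP_RE.match(line)
        if m:
            entries.append(Entry("startup", m["folder"], m["name"], None,
                                 executable_of(m["cmd"]), False))
            continue
        m = SERVICE_RE.match(line)
        if m:
            entries.append(Entry("service", "Services", m["name"], m["owner"],
                                 m["path"], bool(m["missing"])))
    return entries


def in_user_writable_dir(path):
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE)


def needs_review(entries):
    """Autostarts whose file exists and lives where a standard user can write."""
    return [e for e in entries
            if e.executable and not e.missing and in_user_writable_dir(e.executable)]


if __name__ == "__main__":
    found = parse_autostarts(SAMPLE_LOG)
    flagged = needs_review(found)
    for e in found:
        mark = "REVIEW" if e in flagged else "      "
        print(f"{mark} {e.kind:8} {e.location:24} {e.name} -> {e.executable}")
```

An entry marked REVIEW only means the file is worth checking by hand (publisher, install date, whether the user installed it); legitimate per-user software also starts from the profile folder.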