| Neo21 |  |
|
2005-05-09 17:20 - Respuestas: 42 - Tema nº: 33129
eso es lo ke hecho ya muchas veces tengo en mi pc tres programas antiespias y el reg cleaner lo he pasado ya varias veces y siempre me pasa igual el bicho me vuelve aparecer y no se ke hacer!!!alguna otra idea???? | |
|
|
| tordanxa |  |
|
Re: Browser Hijack - 2005-05-09 17:24 - Respuesta 17
Pero dime ¿los otros te detectan algo?
Si es el sin-espias el que te lo detecta, las malas lenguas dicen que a veces da falsos positivos.
saludos | |
|
|
| Neo21 | |
|
Re: Browser Hijack - 2005-05-09 17:43 - Respuesta 18
SI me lo detectan TODOS los anti spias,el ad-aware,el de microsoft,y el sin espias,y hasta uno ke pase el otro dia online me lo detecto....Help me!!!!! | |
|
|
| tordanxa | |
|
Re: Browser Hijack - 2005-05-09 17:48 - Respuesta 19
Pasa este a ver que tal CwShredder
Nos podías poner lo que te pone Ad-Aware y el spybot
Saludos | |
|
|
| Neo21 | |
|
Re: Browser Hijack - 2005-05-09 23:12 - Respuesta 20
esto es lo ke me pone el log de CWsredder:
**** Run Keys ****
**** Browser Helper Objects ****
**** IE Toolbars ****
**** IE Extensions ****
**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost
**** IE Settings ****
Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default Search: http://home.microsoft.com/search/search.asp
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
**** IE Context Menu (Right click) ****
IEContext: [Download &all with DAP]
**** Layered Service Providers ****
LSP: PAV_LAYERED over [MSAFD Tcpip [TCP/IP]]
LSP: PAV_LAYERED over [MSAFD Tcpip [UDP/IP]]
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3CA10D8C-CC00-4A29-ACAA-96A5D39A28D5}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3CA10D8C-CC00-4A29-ACAA-96A5D39A28D5}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1A7593CF-A604-40FF-A1F6-F048D8AA9D2E}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1A7593CF-A604-40FF-A1F6-F048D8AA9D2E}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FA4A4C42-574F-4E8E-AB83-6F452A61C589}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FA4A4C42-574F-4E8E-AB83-6F452A61C589}] DATAGRAM 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{246F0BB8-4893-45CE-A826-930B0BAC5794}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{246F0BB8-4893-45CE-A826-930B0BAC5794}] DATAGRAM 3
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_01-win.cab]
{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} [http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_01-win.cab]
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} [http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab]
{D27CDB6E-AE6D-11CF-96B8-444553540000} [http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab]
**** Windows Services ****
[Alerter] %SystemRoot%\System32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[Ati HotKey Poller] %SystemRoot%\System32\Ati2evxx.exe
[ATI Smart] C:\WINDOWS\system32\ati2sgag.exe
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
[cisvc] C:\WINDOWS\System32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[Creative Service for CDROM Access] C:\WINDOWS\system32\CTSvcCDA.exe
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\System32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\System32\svchost.exe -k NetworkService
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\System32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] C:\WINDOWS\System32\imapi.exe
[lanmanserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\System32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\System32\svchost.exe -k LocalService
[mnmsrvc] C:\WINDOWS\System32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\System32\msdtc.exe
[MSIServer] C:\WINDOWS\System32\msiexec.exe /V
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\System32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\System32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\System32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[PASSRV]
[PAVFIRES]
[PavPrSrv] "C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe"
[PAVSRV]
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\System32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[PSIMSVC]
[RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[RemoteRegistry] %SystemRoot%\system32\svchost.exe -k LocalService
[RpcLocator] %SystemRoot%\System32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\System32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\System32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\System32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\System32\svchost.exe -k imgsvc
[StyleXPService] "C:\Archivos de programa\TGTSoft\StyleXP\StyleXPService.exe"
[SwPrv] C:\WINDOWS\System32\dllhost.exe /Processid:{0AAACFDB-6144-41D6-8BCD-6086EF703B44}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TlntSvr] C:\WINDOWS\System32\tlntsvr.exe
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[UMWdf] C:\WINDOWS\System32\wdfmgr.exe
[upnphost] %SystemRoot%\System32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[W3SVC]
[WebClient] %SystemRoot%\System32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[Wmi] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\System32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs
**** Custom IE Search Items ****
SEARCH: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
**** Complete IE Options ****
IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Check_Associations] no
IEOPT: [FullScreen] no
IEOPT: [Window_Placement] ,
IEOPT: [Expand Alt Text] no
IEOPT: [Move System Caret] no
IEOPT: [AutoSearch]
IEOPT: [NscSingleExpand]
IEOPT: [Force Offscreen Composition]
IEOPT: [FavIntelliMenus] no
IEOPT: [UseThemes]
IEOPT: [Enable Browser Extensions] yes
IEOPT: [NoWebJITSetup]
IEOPT: [Page_Transitions]
IEOPT: [AllowWindowReuse]
IEOPT: [ShowGoButton] yes
IEOPT: [Friendly http errors] yes
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [SmoothScroll]
IEOPT: [Print_Background] no
IEOPT: [Play_Animations] yes
IEOPT: [Enable_MyPics_Hoverbar] yes
IEOPT: [Enable AutoImageResize] yes
IEOPT: [Show image placeholders]
IEOPT: [Display Inline Videos] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Use FormSuggest] yes
IEOPT: [AddToFavoritesExpanded]
IEOPT: [FormSuggest PW Ask] no
IEOPT: [Save Directory] C:\Documents and Settings\Neos\Mis documentos\
IEOPT: [window title] C:\Documents and Settings\Neos\Mis documentos\
IEOPT: [Error Dlg Details Pane Open] yes
IEOPT: [ShowedCheckBrowser] Yes
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [DisableScriptDebuggerIE] yes
IEOPT: [LastCheckedHi] 1R�s
IEOPT: [Start Page] about:blank
IEOPT: [Default_Page_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IEOPT: [Default_Search_URL] http://home.microsoft.com/search/search.asp
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [Check_Associations] yes
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [Start Page] about:blank
alguna idea??? | |
|
|
|
