Hola Lestat. Cuando te refieres a un nuevo Log, es al Hijackthis? Y el Combofix lo ejecuto tal y como dices en el escritorio? Es que nunca he usado ese programa, pero he oido hablar mucho de él. Voy a conectar el portátil y haré lo que me dices. Saludos. Bueno. ya he pasado el combofix y aqui pego el log:
ComboFix 08-06-16.3 - Juan Pedro 2008-06-17 16:40:09.1 -
FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.34.1033.18.407 [GMT 1:00]
Running from: C:\Documents and Settings\Juan Pedro\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Juan Pedro\Application Data\inst.exe
C:\WINDOWS\system32\autorun.ini
.
((((((((((((((((((((((((( Files Created from 2008-05-17 to 2008-06-17 )))))))))))))))))))))))))))))))
.
2008-06-17 00:27 . 2008-06-17 00:27 <DIR> d-------- C:\Documents and Settings\Juan Pedro\.housecall6.6
2008-06-16 23:30 . 2005-04-13 03:48 49,265 --a------ C:\WINDOWS\system32\jpicpl32.cpl
2008-06-16 23:29 . 2008-06-16 23:29 <DIR> d-------- C:\Program Files\Java
2008-06-16 23:28 . 2008-06-16 23:28 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-16 19:30 . 2008-06-16 19:30 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-06-16 18:20 . 2008-06-16 18:20 <DIR> d-------- C:\WINDOWS\Sun
2008-06-16 15:24 . 2008-06-16 15:24 <DIR> d-------- C:\Documents and Settings\Juan Pedro\Application Data\Grisoft
2008-06-16 15:23 . 2008-06-16 15:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-16 15:12 . 2008-06-16 15:12 <DIR> d-------- C:\Program Files\FileASSASSIN
2008-06-16 14:22 . 2008-06-16 14:22 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-16 14:21 . 2008-06-16 14:21 <DIR> d-------- C:\Program Files\HJTInstall
2008-06-11 21:28 . 2007-01-18 13:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2008-06-11 21:23 . 2008-06-11 21:23 <DIR> d-------- C:\Program Files\DivX
2008-06-10 22:56 . 2008-06-10 22:56 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-10 21:00 . 2008-04-14 13:30 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 20:58 . 2008-05-08 15:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-06-10 20:43 . 2008-06-10 20:43 8,840 --a------ C:\WINDOWS\SEC153E.PNF
2008-06-10 20:38 . 2008-06-10 20:38 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-06-10 20:38 . 2008-06-10 20:38 <DIR> d-------- C:\WINDOWS\system32\en
2008-06-10 20:38 . 2008-06-10 20:38 <DIR> d-------- C:\WINDOWS\system32\bits
2008-06-10 20:38 . 2008-06-10 20:38 <DIR> d-------- C:\WINDOWS\l2schemas
2008-06-10 20:35 . 2008-06-10 20:35 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-06-10 20:31 . 2008-06-10 20:31 2,948 --a------ C:\WINDOWS\SEC2C.PNF
2008-06-10 20:17 . 2008-04-14 01:12 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-06-10 20:17 . 2008-04-14 01:12 1,306,624 --------- C:\WINDOWS\system32\dllcache\msxml6.dll
2008-06-10 20:17 . 2008-04-14 01:12 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll
2008-06-10 20:17 . 2008-04-14 01:11 650,752 --------- C:\WINDOWS\system32\dot3ui.dll
2008-06-10 20:17 . 2008-04-14 01:12 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll
2008-06-10 20:17 . 2008-04-14 01:12 290,304 --------- C:\WINDOWS\system32\rhttpaa.dll
2008-06-10 20:17 . 2008-04-14 01:12 276,992 --------- C:\WINDOWS\system32\wmphoto.dll
2008-06-10 20:15 . 2008-04-14 01:12 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2008-06-10 20:14 . 2004-08-03 22:29 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2008-05-19 18:40 . 2008-05-19 18:40 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-19 18:40 . 2008-05-19 18:40 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-19 18:39 . 2008-05-19 18:39 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-19 18:39 . 2008-05-19 18:39 <DIR> d-------- C:\Program Files\AVG
2008-05-19 18:39 . 2008-05-19 18:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-19 18:34 . 2008-05-19 18:34 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:12 1,288,192 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-03 07:54 47,360 ----a-w C:\Documents and Settings\Juan Pedro\Application Data\pcouffin.sys
2008-04-21 06:44 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-21 06:44 666,112 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2008-04-21 06:44 3,066,880 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-14 04:42 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 04:42 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 04:41 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-14 00:25 1,804 ----a-w C:\WINDOWS\system32\Dcache.bin
2008-04-14 00:16 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 00:13 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 00:13 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 00:13 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 00:11 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
2008-04-14 00:10 67,584 ----a-w C:\WINDOWS\system32\dllcache\pmigrate.dll
2008-04-14 00:10 53,760 ----a-w C:\WINDOWS\system32\dllcache\pintlcsd.dll
2008-04-14 00:10 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 00:10 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 00:10 4,126 ----a-w C:\WINDOWS\system32\dllcache\msdxmlc.dll
2008-04-14 00:10 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-14 00:10 175,104 ----a-w C:\WINDOWS\system32\dllcache\pintlcsa.dll
2008-04-14 00:10 15,872 ----a-w C:\WINDOWS\system32\dllcache\padrs404.dll
2008-04-14 00:10 15,360 ----a-w C:\WINDOWS\system32\dllcache\padrs804.dll
2008-04-13 19:30 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 19:27 2,188,928 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 18:45 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 18:43 9,728 ------w C:\WINDOWS\system32\comsdupd.exe
2008-04-13 18:43 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe
2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
2008-04-13 18:31 2,065,792 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
2008-04-13 18:14 76,800 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-13 17:39 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
2008-04-13 17:39 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
2008-04-13 17:39 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
2008-04-13 17:27 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-13 17:27 79,872 ------w C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-04-13 17:26 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dLL
2008-04-13 17:24 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
2008-04-13 17:09 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-13 17:03 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-13 17:03 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-13 16:48 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-04-13 16:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
2008-04-13 16:43 70,144 ----a-w C:\WINDOWS\system32\dllcache\pintlphr.exe
2008-04-13 16:26 56,832 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-13 16:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
2008-04-13 16:22 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-13 15:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 01:12 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:56 64512]
"LaunchApp"="" []
"RTHDCPL"="RTHDCPL.EXE" [2006-08-16 11:23 16248320 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-08-16 11:21 2879488 C:\WINDOWS\SkyTel.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2006-08-16 11:20 53248]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 20:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 20:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 20:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 20:00 455168]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 01:12 110592 C:\WINDOWS\system32\bthprops.cpl]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 11:12 90112]
"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" [2006-09-07 19:52 479232]
"Acer OrbiCam"="C:\WINDOWS\AcerOrbiCam.exe" [2006-10-16 17:36 434176]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2006-08-09 16:18 675840]
"Sunkist2k"="C:\Program Files\Trust_CR-1200_16-in-1_USB2_CARD_READER\shwicon2k.exe" [2005-06-29 19:10 143360]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19 69632]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-30 09:57 442368]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-19 18:39 1177368]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 01:12 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= c:\progra~1\codecp~2\i263\i263_32.drv
"vidc.DIV3"= c:\progra~1\codecp~2\divx3\divxc32.dll
"vidc.DIV4"= c:\progra~1\codecp~2\divx412\divx.dll
"vidc.DIVX"= c:\progra~1\codecp~2\divx511\divx.dll
"vidc.xvid"= c:\progra~1\codecp~2\xvid\xvid.dll
"vidc.fvfw"= c:\progra~1\codecp~2\ffvfw\ffvfw.dll
"msacm.avis"= c:\progra~1\codecp~2\ffvfw\ffvfw.dll
"vidc.MPG4"= c:\progra~1\codecp~2\mpeg4\mpg4c32.dll
"vidc.MP42"= c:\progra~1\codecp~2\mpeg4\mpg4c32.dll
"vidc.MP43"= c:\progra~1\codecp~2\mpeg4\mpg4c32.dll
"VIDC.MJPG"= c:\progra~1\codecp~2\picvideo\pvmjpg21.dll
"VIDC.PIMJ"= c:\progra~1\codecp~2\picvideo\pvljpg20.dll
"VIDC.PVW2"= c:\progra~1\codecp~2\picvideo\pvwv220.dll
"VIDC.SJPG"= c:\progra~1\codecp~2\pmmjpeg\pmmjpeg.dll
"vidc.MJPX"= c:\progra~1\codecp~2\m3jpegv3\m3jpeg32.dll
"vidc.dmb1"= c:\progra~1\codecp~2\m3jpegv3\m3jpeg32.dll
"VIDC.HFYU"= c:\progra~1\codecp~2\huffyuv\huffyuv.dll
"VIDC.ZLIB"= c:\progra~1\codecp~2\lcljp\avizlib.dll
"VIDC.MSZH"= c:\progra~1\codecp~2\lcljp\avimszh.dll
"vidc.MVW1"= c:\progra~1\codecp~2\aware\icmw_32.dll
"vidc.dvmc"= c:\progra~1\codecp~2\mcdv\mcdvd_32.dll
"vidc.VP31"= c:\progra~1\codecp~2\on2vp3\vp31vfw.dll
"vidc.VP60"= c:\progra~1\codecp~2\on2vp6\vp6vfw.dll
"vidc.VP61"= c:\progra~1\codecp~2\on2vp6\vp6vfw.dll
"vidc.3IV2"= c:\progra~1\codecp~2\3ivx\3ivxvf~1.dll
"vidc.I263"= c:\progra~1\codecp~2\i263\i263_32.drv
"msacm.imc"= c:\progra~1\codecp~2\i263\imc32.acm
"VIDC.YMPG"= c:\progra~1\codecp~2\ympeg\ympgcdc.dll
"msacm.ympgacm"= c:\progra~1\codecp~2\ympeg\ympgacm.acm
"VIDC.WMV3"= c:\progra~1\codecp~2\wm9\wmv9vcm.dll
"msacm.lameacm"= c:\progra~1\codecp~2\mp3lame\lameacm.acm
"msacm.atrac3"= c:\progra~1\codecp~2\atrac3\atrac3.acm
"msacm.qmpeg"= c:\progra~1\codecp~2\qmpeg\qmpeg.acm
"msacm.uleaddv"= c:\progra~1\codecp~2\uleaddv\dvacm.acm
"msacm.vorbis"= c:\progra~1\codecp~2\vorbis\vorbis.acm
"msacm.divxa32"= c:\progra~1\codecp~2\wma\divxa32.acm
"msacm.msaudio2"= c:\progra~1\codecp~2\wma\msaud32h.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk
backup=C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
--a------ 2006-07-28 10:40 208896 C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-06-27 19:03 152872 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 22:12 579584 C:\Acer\Empowering Technology\ePower\Boot.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 19:21 57344 C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
--a------ 2006-07-31 21:02 346112 C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
--a------ 2006-08-30 09:57 442368 C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
--a------ 2006-06-01 14:40 413696 C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
-ra------ 2003-09-30 00:14 155648 C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-08-15 20:34 766041 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\BitComet\\BitComet.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\WINDOWS\\System32\\mmc.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21846:TCP"= 21846:TCP:BitComet 21846 TCP
"21846:UDP"= 21846:UDP:BitComet 21846 UDP
"52568:TCP"= 52568:TCP:Emule TCP
"20398:UDP"= 20398:UDP:Emule UDP
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-19 18:40]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-19 18:39]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-08-11 17:52]
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-06-17 16:42:23
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-17 16:42:50
ComboFix-quarantined-files.txt 2008-06-17 15:42:48
Pre-Run: 31,234,785,280 bytes free
Post-Run: 31,246,417,920 bytes free
244 --- E O F --- 2008-06-10 20:34:13
Te pego también un log de Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:50:09, on 17/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\AcerOrbiCam.exe
C:\Program Files\Trust_CR-1200_16-in-1_USB2_CARD_READER\shwicon2k.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://es.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://es.es.acer.yahoo.comR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://es.es.acer.yahoo.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Documents and Settings\All Users\Start Menu\Programs\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [Acer OrbiCam] C:\WINDOWS\AcerOrbiCam.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Trust_CR-1200_16-in-1_USB2_CARD_READER\shwicon2k.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/spanish/kavwebscan_unicode.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://download.divx.com/webplayer/stage6/...owserPlugin.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 9022 bytes
Portátil lento al conectar a Internet, Portátil le cuesta entrar a Internet y al apagar se queda finalizando
Jun 16 2008, 02:43 PM
