Se me abren paginas sin que yo quiera

Tema en 'Logs HijackThis' comenzado por davada, 27/12/08.

Estado del tema:
No está abierto para más respuestas.
  1. davada

    davada Nuevo Miembro Miembro

    Buenas a todos, soy nuevo en estos temas, pero desde hace 2 días en el navegador se me abren paginas de publicidad sin que yo quiera, he estado navegando por internet y no consigo quitar el malware que tengo, le he pasado antivirus y no consigo nada. Con el hijacks me da este log.Por favor, necesito ayuda.Gracias de antemano.

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 9:33:26, on 27/12/2008

    Platform: Windows Vista SP1 (WinNT 6.00.1905)

    MSIE: Internet Explorer v7.00 (7.00.6001.18000)

    Boot mode: Normal



    Running processes:

    C:\Program Files\DigitalPersona\Bin\DpAgent.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\SYSTEM32\WISPTIS.EXE

    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\WTablet\Pen_TabletUser.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Hp\QuickPlay\QPService.exe

    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

    C:\Program Files\Samsung\Samsung CLX-3160 Series\SPanel\PSU\Scan2pc.exe

    C:\Windows\Samsung\PanelMgr\SSMMgr.exe

    C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe

    C:\Users\David\AppData\Local\xccgq.exe

    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\WinZip\WZQKPICK.EXE

    C:\Windows\ehome\ehmsas.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Internet Explorer\ieuser.exe

    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE

    C:\david\hijacksthis\HijackThis.exe

    C:\Program Files\Hp\HP Software Update\HPWUCli.exe



    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trucoswindows.net/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...ilion&pf=laptop

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...ilion&pf=laptop

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"

    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [IRIS_S2P] C:\Program Files\Samsung\Samsung CLX-3160 Series\SPanel\PSU\Scan2pc.exe

    O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

    O4 - HKCU\..\Run: [VodafoneUSBPP.exe] C:\Program Files\Huawei technologies\Vodafone Mobile Connect Modem\VodafoneUSBPP.exe windows

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe

    O4 - HKCU\..\Run: [xccgq] "c:\users\david\appdata\local\xccgq.exe" xccgq

    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')

    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')

    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

    O8 - Extra context menu item: &AOL Toolbar Buscar - c:\program files\aol\aol toolbar 5.0\resources\es-es\local\search.html

    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Estadísticas del componente Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll

    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O13 - Gopher Prefix:

    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish/kavwebscan_unicode.cab

    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab

    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

    O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe

    O23 - Service: Wacom Touch Service (WacomTouchService) - Unknown owner - C:\Windows\system32\WacomTouchService.exe

    O23 - Service: Motor de Spy Sweeper de Webroot (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe



    --

    End of file - 12655 bytes



    Gracias de nuevo
     
  2. davada

    davada Nuevo Miembro Miembro

    Tengo el explorer, pero el problema no es de popups, si no de algo que se me ha instalado enla memoria, ya que se me abren ventanas y ademas el navegador va mas lento.
     
  3. Caito

    Caito Nuevo Miembro Miembro

    Realiza los siguientes pasos y nos pasas los resultados:



    Actualiza tu sistema Aqui (Si no te deja actualizar pasa al siguiente paso)



    Borra todas las cookies y el registro con CCleaner



    Vete a Inicio- Panel de Control--> Java (si usas Java) y elimina todos los archivos temporales.



    Borrar archivos temporales--> Desde Inicio, Ejecutar, escribe %TEMP%, pulsa Enter y elimina todo el contenido.



    Pásale el Malwarebytes AntiMalware. (Actualizalo, y al acabar el Scaneo elije la opcion eliminar, despues guarda el report y lo pegas) [Si tienes alguna duda aquí tienes un Manual de Malwarebytes AntiMalware]



    Ademas, haz un :



    Scan on line:



    Los mejores antivirus online | Seguridad Windows

    Debes usar el Internet Explorer y aceptar los active x

    Le pones que elimine lo que te detecte.

    Nos copias ese reporte, el del Malwarebytes Antimalware y un nuevo log del hijackthis.



    Saludos

    Caito
     
  4. davada

    davada Nuevo Miembro Miembro

    Antes de nada, agradeceros la ayuda que me estais prestando.

    Una vez realizados los pasos, salvo el scaner online puesto que no me deja, me dice que abra el explorer como administrador, cosa que no entiendo porque siempre lo abro como dmin., el malwarwbytes no me ha detectado nada.

    Pongo el log del hijacks.



    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 6:32:40, on 29/12/2008

    Platform: Windows Vista SP1 (WinNT 6.00.1905)

    MSIE: Internet Explorer v7.00 (7.00.6001.18000)

    Boot mode: Normal



    Running processes:

    C:\Program Files\DigitalPersona\Bin\DpAgent.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\SYSTEM32\WISPTIS.EXE

    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\WTablet\Pen_TabletUser.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Hp\QuickPlay\QPService.exe

    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

    C:\Windows\System32\rundll32.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\Samsung\Samsung CLX-3160 Series\SPanel\PSU\Scan2pc.exe

    C:\Windows\Samsung\PanelMgr\SSMMgr.exe

    C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe

    C:\Users\David\AppData\Local\xccgq.exe

    C:\Program Files\Ares\Ares.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\WinZip\WZQKPICK.EXE

    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

    C:\Program Files\Internet Explorer\ieuser.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\david\hijacks\HijackThis.exe



    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...ilion&pf=laptop

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...ilion&pf=laptop

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: Peer2Peer Toolbar - {1b05fc31-35fb-4d12-86b9-d88a52736349} - C:\Program Files\Peer2Peer\tbPeer.dll

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Peer2Peer Toolbar - {1b05fc31-35fb-4d12-86b9-d88a52736349} - C:\Program Files\Peer2Peer\tbPeer.dll

    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

    O3 - Toolbar: Peer2Peer Toolbar - {1b05fc31-35fb-4d12-86b9-d88a52736349} - C:\Program Files\Peer2Peer\tbPeer.dll

    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"

    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [IRIS_S2P] C:\Program Files\Samsung\Samsung CLX-3160 Series\SPanel\PSU\Scan2pc.exe

    O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

    O4 - HKCU\..\Run: [VodafoneUSBPP.exe] C:\Program Files\Huawei technologies\Vodafone Mobile Connect Modem\VodafoneUSBPP.exe windows

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe

    O4 - HKCU\..\Run: [xccgq] "c:\users\david\appdata\local\xccgq.exe" xccgq

    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')

    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')

    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

    O8 - Extra context menu item: &AOL Toolbar Buscar - c:\program files\aol\aol toolbar 5.0\resources\es-es\local\search.html

    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Estadísticas del componente Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll

    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O13 - Gopher Prefix:

    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

    O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe

    O23 - Service: Wacom Touch Service (WacomTouchService) - Unknown owner - C:\Windows\system32\WacomTouchService.exe



    --

    End of file - 12615 bytes



    Espero me podais ayudar.Muchas gracias.

    Un saludo.
     
  5. Caito

    Caito Nuevo Miembro Miembro

  6. davada

    davada Nuevo Miembro Miembro

    Buenas tardes una vez pasado los links que me recomiendas, sólo el virus total me ha detectado algo, hace un resumen muy largo que no puedo copiar, pero te escribo una linea del resultado sospechoso.



    Motor antivirus Version Ultima Actual. Resultado



    SecureWeb-Gateway 6.7.6 2008.12.29 Win32.Vulnerable.gen!High

    (suspicious)





    Gracias de antemano.

    Un saludo.
     
  7. Caito

    Caito Nuevo Miembro Miembro

    Si no lo conoces mejor es eliminarlo :rolleyes:

    hazlo y nos cuentas si sigues con problemas

    saludos

    caito
     
  8. davada

    davada Nuevo Miembro Miembro

    Efectivamente era ese el que origina el problema, intenté borrarlo manuamente pero no me dejaba, asi que tuve que quitarlo primero con el hijacks y despues manualmente, llevo ya un buen rato navegando y no se me abre ninguna ventana, además, parece que navego más rápido.

    Un millón de gracias.

    Saludos.
     
  9. Caito

    Caito Nuevo Miembro Miembro

    Nos alegra que lo hayas arreglado

    Damos por solucionado este tema

    Saludos

    Caito
     
Estado del tema:
No está abierto para más respuestas.

Comparte esta página