hijackrs winlogon! on Win Vista
| author's comment | Mon Jul 13, 2009 8:37 am | |
|
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 06:58:24 a.m., on 13/07/2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16851) Boot mode: Normal Running processes: C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe C:\Program Files (x86)\Spyware Doctor\pctsTray.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\vsnpstd3.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\luis arturo\Links\Internet Download Manager\IDMan.exe C:\Program Files (x86)\No-IP\DUC20.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Java\jre6\bin\jusched.exe C:\Windows\tsnpstd3.exe C:\Program Files (x86)\EVGA Precision\EVGAPrecision.exe C:\Users\luis arturo\Links\Internet Download Manager\IEMonitor.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Vuze\Azureus.exe C:\Program Files (x86)\Spyware Doctor\pctsGui.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\SysWOW64\conime.exe C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe C:\Users\luis arturo\Documents\Downloads\Programs\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:\\www.zonagamerz.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http:\\www.zonagamerz.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: 208.109.103.87 viabcp.com O1 - Hosts: 208.109.103.87 www.viabcp.com O1 - Hosts: 208.109.103.87 bcpzonasegura.viabcp.com O1 - Hosts: 208.109.103.87 www.bcpzonasegura.viabcp.com O1 - Hosts: 208.109.103.87 scotiabank.com.pe O1 - Hosts: 208.109.103.87 www.scotiabank.com.pe O1 - Hosts: 208.109.103.87 scotiaenlinea.scotiabank.com.pe O1 - Hosts: 208.109.103.87 www.scotiaenlinea.scotiabank.com.pe O1 - Hosts: 65.60.49.245 atevip.net O1 - Hosts: 65.60.49.245 atrapadoz.com O1 - Hosts: 65.60.49.245 bateriaseria.biz O1 - Hosts: 65.60.49.245 bateriaseria.info O1 - Hosts: 65.60.49.245 bateriafina.org O1 - Hosts: 65.60.49.245 bateriaseria.net O1 - Hosts: 65.60.49.245 bautizame.org O1 - Hosts: 65.60.49.245 buenamusica.com O1 - Hosts: 65.60.49.245 caidos.net O1 - Hosts: 65.60.49.245 caleta.com.pe O1 - Hosts: 65.60.49.245 caleta.tk O1 - Hosts: 65.60.49.245 nuevaq.net O1 - Hosts: 65.60.49.245 callevip.com O1 - Hosts: 65.60.49.245 enladisco.com O1 - Hosts: 65.60.49.245 fulltono.com O1 - Hosts: 65.60.49.245 musica.com O1 - Hosts: 65.60.49.245 thedaniex.com O1 - Hosts: 65.60.49.245 trikool.com.pe O1 - Hosts: 65.60.49.245 unvicio.net O1 - Hosts: 65.60.49.245 yumusica.com O1 - Hosts: 65.60.49.245 zonamusical.net O1 - Hosts: 65.60.49.245 cleptomano.com O1 - Hosts: 65.60.49.245 tuescuchas.com O1 - Hosts: 65.60.49.245 www.atevip.net O1 - Hosts: 65.60.49.245 www.atrapadoz.com O1 - Hosts: 65.60.49.245 www.bateriaseria.biz O1 - Hosts: 
65.60.49.245 www.bateriaseria.info O1 - Hosts: 65.60.49.245 www.bateriafina.org O1 - Hosts: 65.60.49.245 www.bateriaseria.net O1 - Hosts: 65.60.49.245 www.bautizame.org O1 - Hosts: 65.60.49.245 www.buenamusica.com O1 - Hosts: 65.60.49.245 www.caidos.net O1 - Hosts: 65.60.49.245 www.caleta.com.pe O1 - Hosts: 65.60.49.245 www.caleta.tk O1 - Hosts: 65.60.49.245 www.nuevaq.net O1 - Hosts: 65.60.49.245 www.callevip.com O1 - Hosts: 65.60.49.245 www.enladisco.com O1 - Hosts: 65.60.49.245 www.fulltono.com O1 - Hosts: 65.60.49.245 www.musica.com O1 - Hosts: 65.60.49.245 www.thedaniex.com O1 - Hosts: 65.60.49.245 www.trikool.com.pe O1 - Hosts: 65.60.49.245 www.unvicio.net O1 - Hosts: 65.60.49.245 www.yumusica.com O1 - Hosts: 65.60.49.245 www.zonamusical.net O1 - Hosts: 65.60.49.245 www.cleptomano.com O1 - Hosts: 65.60.49.245 www.tuescuchas.com O1 - Hosts: 65.60.49.245 cholotube.com O1 - Hosts: 65.60.49.245 macizorras.com O1 - Hosts: 65.60.49.245 quevideos.com O1 - Hosts: 65.60.49.245 videosgratis.tv O1 - Hosts: 65.60.49.245 guiaporno.com O1 - Hosts: 65.60.49.245 unaspajas.com O1 - Hosts: 65.60.49.245 videosgratis.net O1 - Hosts: 65.60.49.245 cuantosexo.com O1 - Hosts: 65.60.49.245 marqueze.net O1 - Hosts: 65.60.49.245 iberporno.com O1 - Hosts: 65.60.49.245 muyzorras.com O1 - Hosts: 65.60.49.245 viendosexo.com O1 - Hosts: 65.60.49.245 petardas.com O1 - Hosts: 65.60.49.245 babosas.com O1 - Hosts: 65.60.49.245 redtube.com O1 - Hosts: 65.60.49.245 pornhub.com O1 - Hosts: 65.60.49.245 pornotube.com O1 - Hosts: 65.60.49.245 xvideos.com O1 - Hosts: 65.60.49.245 youporn.com O1 - Hosts: 65.60.49.245 tube8.com O1 - Hosts: 65.60.49.245 porntube.com O1 - Hosts: 65.60.49.245 puritanas.com O1 - Hosts: 65.60.49.245 peliculasxgratis.com O1 - Hosts: 65.60.49.245 locuraporno.com O1 - Hosts: 65.60.49.245 pillaporno.com O1 - Hosts: 65.60.49.245 elpajas.com O1 - Hosts: 65.60.49.245 sexofree.com O1 - Hosts: 65.60.49.245 misputillas.com O1 - Hosts: 65.60.49.245 rubias19.com O1 - Hosts: 
65.60.49.245 aztepajas.com O1 - Hosts: 65.60.49.245 goceprofundo.com O1 - Hosts: 65.60.49.245 123-amateur.com O1 - Hosts: 65.60.49.245 viveporno.com O1 - Hosts: 65.60.49.245 metelagratis.com O1 - Hosts: 65.60.49.245 sexobot.com O1 - Hosts: 65.60.49.245 orgasmatrix.com O1 - Hosts: 65.60.49.245 bienporno.com O1 - Hosts: 65.60.49.245 pasteleras.com O1 - Hosts: 65.60.49.245 depravacionsexual.com O1 - Hosts: 65.60.49.245 pornobrutal.com O1 - Hosts: 65.60.49.245 tusexycam.com O1 - Hosts: 65.60.49.245 elfolladero.com O1 - Hosts: 65.60.49.245 javichuparadise.com O1 - Hosts: 65.60.49.245 guarras.org O1 - Hosts: 65.60.49.245 pornoxlacara.com O1 - Hosts: 65.60.49.245 xnxx.com O1 - Hosts: 65.60.49.245 tuporno.tv O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Users\luis arturo\Links\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE.dll O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll O4 - HKLM\..\Run: [EVGAPrecision] "C:\Program Files (x86)\EVGA Precision\EVGAPrecisionWrapper.exe" /s O4 - HKLM\..\Run: 
[msnmsgr] "C:\PROGRA~2\WI1F86~1\MESSEN~1\msnmsgr.exe" /background O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [Winlogon] C:\Windows\winlogon.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DeskSpace] C:\Program Files (x86)\DeskSpace\deskspace.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [IDMan] C:\Users\luis arturo\Links\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: No-IP DUC.lnk = C:\Program Files (x86)\No-IP\DUC20.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Download All Links with IDM - C:\Users\luis arturo\Links\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Users\luis 
arturo\Links\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Users\luis arturo\Links\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O13 - Gopher Prefix: O15 - Trusted IP range: http://0.0.0.0 O15 - ESC Trusted IP range: http://0.0.0.0 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - 
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files (x86)\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. 
- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WEP key recovery service (WZCOOK) - Unknown owner - C:\Users\LUISAR~1\AppData\Local\Temp\Rar$EX04.439\CrackeoRedesWi-Fi\wzcook.exe (file missing) -- End of file - 15570 bytes |
||
| unrated | Tue Jul 14, 2009 3:00 pm | |
|
Use the following programs, updated and in safe mode: *Dr.Web CureIt! 4.44 *Malwarebytes Anti-Malware. Also, clean the Windows registry using the CCleaner tool. It will give you good results... P.S. About the log... I'll keep any comments to myself... Good luck, and let us know how it goes. |
||

