SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc > Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware
atmclk.exe
Kaiser Sose:
:ciego: Como ya eh leido de parte de otros usuario, tambiwn tengo problemas con este atmclk.exe que me aparece a cada rato, tengo bloqueada la pagina de inicio del explorer, el icono de interrogacion, tengo otro virus tambien que no puedo eliminar y no se que hacer!!!!! me esta volviendo loco!
por favor ayuda!
Desde ya muchas gracias.
Mr_X:
Bienvenido
Pues a seguir los pasos recomendados en los otros casos...
http://www.daboweb.com/foros/index.php/topic,25338.0.html
http://www.daboweb.com/foros/index.php/topic,24903.0.html
http://www.daboweb.com/foros/index.php/topic,24484.0.html
Kaiser Sose:
oka..........no se segui lo que me dijiste ahora pego el contenido y me decis como seguir?
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ KAVPersonal50 Kaspersky Anti-Virus GUI Part (Not verified) Kaspersky Lab c:\archivos de programa\kaspersky lab\kaspersky anti-virus personal\kav.exe
+ MyWebSearch Email Plugin File not found: C:\ARCHIV~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
+ NeroFilterCheck NeroCheck (Not verified) Ahead Software Gmbh c:\windows\system32\nerocheck.exe
+ NvCplDaemon NVIDIA Display Properties Extension (Not verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ NvMediaCenter NVIDIA Media Center Library (Not verified) NVIDIA Corporation c:\windows\system32\nvmctray.dll
+ nwiz NVIDIA nView Wizard, Version 61.72 (Not verified) NVIDIA Corporation c:\windows\system32\nwiz.exe
+ Smapp SoundMAX System Tray (Not verified) Analog Devices, Inc. c:\archivos de programa\analog devices\soundmax\smtray.exe
+ SpeedTouch USB Diagnostics SpeedTouch Statistics (Not verified) THOMSON Telecom Belgium c:\archivos de programa\thomson\dragdiag.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
+ InterVideo WinCinema Manager.lnk WinCinema Manager (Not verified) InterVideo Inc. c:\archivos de programa\intervideo\common\bin\wincinemamgr.exe
C:\Documents and Settings\Iva\Menú Inicio\Programas\Inicio
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
+ dcomcfg.exe c:\windows\system32\dcomcfg.exe
+ wininet.dll c:\windows\system32\regperf.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ MyWebSearch Email Plugin File not found: C:\ARCHIV~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
+ tspcm SATUpF (Not verified) Telefónica I+D c:\archivos de programa\telefonica\speedy\satconmon.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
HKLM\SOFTWARE\Classes\Protocols\Handler
+ ms-itss Microsoft® InfoTech Storage System Library (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\information retrieval\msitss.dll
+ msnim MSN Messenger Protocol Handler (Not verified) Microsoft Corporation c:\archivos de programa\msn messenger\msgrapp.dll
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
+ ecosystems File not found: C:\WINDOWS\system32\guxxa.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ dvdshell.dll DVD Region-Free Shell Module (Not verified) Fengtao Software Inc. c:\archivos de programa\dvd region+css free\dvdshell.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Desktop Explorer NVIDIA Desktop Explorer, Version 61.72 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 61.72 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ Extensión de paneo de pantalla del Panel de control File not found: deskpan.dll
+ NOD32 Context Menu Shell Extension File not found: C:\Archivos de programa\Eset\nodshex.dll
+ NvCpl DesktopContext Class NVIDIA Display Properties Extension (Not verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ nView Desktop Context Menu NVIDIA Desktop Explorer, Version 61.72 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ Play on my TV helper NVIDIA Display Properties Extension (Not verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ WinRAR shell extension c:\archivos de programa\winrar\rarext.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ mwsBar BHO File not found: C:\Archivos de programa\MyWebSearch\bar\1.bin\MWSBAR.DLL
+ MyWebSearch Search Assistant BHO MyWebSearch Search Assistant (Not verified) MyWebSearch.com c:\archivos de programa\mywebsearch\srchastt\1.bin\mwssrcas.dll
+ Nothing c:\windows\system32\hp100.tmp
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
+ mwssrcas.dll MyWebSearch Search Assistant (Not verified) MyWebSearch.com c:\archivos de programa\mywebsearch\srchastt\1.bin\mwssrcas.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
Task Scheduler
HKLM\System\CurrentControlSet\Services
+ kavsvc Kaspersky Anti-Virus Service (Not verified) Kaspersky Lab c:\archivos de programa\kaspersky lab\kaspersky anti-virus personal\kavsvc.exe
+ NVSvc Provides system and desktop level support to the NVIDIA display driver (Not verified) NVIDIA Corporation c:\windows\system32\nvsvc32.exe
+ SoundMAX Agent Service (default) SoundMAX service agent component (Not verified) Analog Devices, Inc. c:\archivos de programa\analog devices\soundmax\smagent.exe
HKLM\System\CurrentControlSet\Services
+ hamachi Hamachi Virtual Network Interface Driver (Not verified) Applied Networking Inc. c:\windows\system32\drivers\hamachi.sys
+ Kl1 Kaspersky Anti-Hacker Only Driver (Not verified) Kaspersky Lab c:\windows\system32\drivers\kl1.sys
+ Klif spuper-ptor (Not verified) Kaspersky Labs c:\windows\system32\drivers\klif.sys
+ Klmc Kaspersky Anti-Virus Mail Checker Proxy (Not verified) Kaspersky Lab c:\windows\system32\drivers\klmc.sys
+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 61.72 (Not verified) NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Not verified) Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImageName
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ NOD32 c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [RAW/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [TCP/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [UDP/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [RSVP TCP Service Provider] c:\windows\system32\imon.dll
+ NOD32 protected [RSVP UDP Service Provider] c:\windows\system32\imon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Microsoft Document Imaging Writer Monitor Microsoft® Document Imaging (Not verified) Microsoft Corporation c:\windows\system32\mdimon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Mr_X:
Haz una copia de seguridad del registro (te recomiendo el ERUNT), deshabilita el "Restaurar el sistema" (botón derecho a 'Mi PC'-->Restaurar el sistema-->marca "Deshabilitar el restaurar el sistema en todas las unidades"), reinicia en Modo seguro, ejecuta el Autoruns, selecciona con el botón derecho las siguientes entradas y dale a "Delete":
--- Código: ---+ MyWebSearch Email Plugin File not found: C:\ARCHIV~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
+ dcomcfg.exe c:\windows\system32\dcomcfg.exe
+ wininet.dll c:\windows\system32\regperf.exe
+ MyWebSearch Email Plugin File not found: C:\ARCHIV~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
+ ecosystems File not found: C:\WINDOWS\system32\guxxa.dll
+ mwsBar BHO File not found: C:\Archivos de programa\MyWebSearch\bar\1.bin\MWSBAR.DLL
+ MyWebSearch Search Assistant BHO MyWebSearch Search Assistant (Not verified) MyWebSearch.com c:\archivos de programa\mywebsearch\srchastt\1.bin\mwssrcas.dll
+ Nothing c:\windows\system32\hp100.tmp
+ mwssrcas.dll MyWebSearch Search Assistant (Not verified) MyWebSearch.com c:\archivos de programa\mywebsearch\srchastt\1.bin\mwssrcas.dll
--- Fin del código ---
¿Desinstalaste el Kaspersky? Reinicia normal, actualiza el NOD32 y/o el Kaspersky y pásalo(s) iniciando en Modo seguro... Baja, instala, actualiza y ejecuta el Spybot S&D, el Adaware y el Spywareblaster... Reinicia y saca un nuevo Log del Autoruns...
Kaiser Sose:
PERDON PERO, TENGO QUE DESINSTALARLO EL ANTIVIRUS? Y SIGO LOS PASOS EN EL ORDEN QUE ME DITE? O SEA.......DE LA PARTE SUPEROIR Y LUEGO LO QUE SIGUE DESPUES DEL CODIGO?
Navegación
[#] Página Siguiente
Ir a la versión completa