SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc > Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware
Tengo problemas con el mouse tiene virus al parecer
Mr_X:
Además de lo que dice Liamngls, te comento que la versión gratuita del FlashGet lleva adware...
licant:
un saludo mis hermanos
creo que esto es el log de auto run:
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ LogitechVideoRepair Logitech QuickCam Startup Application (Not verified) Logitech Inc. c:\archivos de programa\logitech\video\isstart.exe
+ LogitechVideoTray ImageStudio Tray Application (Not verified) Logitech Inc. c:\archivos de programa\logitech\video\logitray.exe
+ LVCOMSX LVCom Server (Not verified) Logitech Inc. c:\windows\system32\lvcomsx.exe
+ NeroFilterCheck NeroCheck (Not verified) Ahead Software Gmbh c:\windows\system32\nerocheck.exe
+ nod32kui NOD32 Control Center GUI (Not verified) Eset c:\archivos de programa\eset\nod32kui.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
C:\Documents and Settings\Robert\Menú Inicio\Programas\Inicio
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ LogitechSoftwareUpdate Logitech Software Update (Not verified) Logitech Inc. c:\archivos de programa\logitech\video\manifestengine.exe
+ NBJ Nero BackItUp Scheduler Application (Not verified) Ahead Software AG c:\archivos de programa\ahead\nero backitup\nbj.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
+ Class Install Handler Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ deflate Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ gzip Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ lzdhtml Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
+ cdl Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ cdo Microsoft SharePoint Portal Server Object Model (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\web folders\pkmcdo.dll
+ file Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ ftp Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ gopher Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ http Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ https Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ local Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ mk Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
+ ms-itss Microsoft® InfoTech Storage System Library (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\information retrieval\msitss.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
+ 0 File not found: About:Home
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ ewido anti-spyware 4.0 ewido anti-spyware guard (Not verified) Anti-Malware Development a.s. c:\archivos de programa\ewido anti-spyware 4.0\shellexecutehook.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Carpetas Web Microsoft Web Folders (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\web folders\msonsext.dll
+ Extensión de paneo de pantalla del Panel de control File not found: deskpan.dll
+ My Logitech Pictures Logitech Namespace2 (Not verified) Logitech Inc. c:\archivos de programa\logitech\video\namespc2.dll
+ NOD32 Context Menu Shell Extension c:\archivos de programa\eset\nodshex.dll
+ WinRAR shell extension c:\archivos de programa\winrar\rarext.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing LP c:\archivos de programa\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing LP c:\archivos de programa\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing LP c:\archivos de programa\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing LP c:\archivos de programa\winzip\wzshlstb.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ IeCatch2 Class jccatch Module (Not verified) Amaze Soft c:\archivos de programa\flashget\jccatch.dll
+ SSVHelper Class Java(TM) 2 Platform Standard Edition binary (Not verified) Sun Microsystems, Inc. c:\archivos de programa\java\jre1.5.0_06\bin\ssv.dll
+ {53707962-6F74-2D53-2644-206D7942484F} Bad download blocker (Verified) Safer Networking Ltd. c:\archivos de programa\spybot - search & destroy\sdhelper.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ FlashGet Bar FlashGet IE Bar (Not verified) Amaze Soft c:\archivos de programa\flashget\fgiebar.dll
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ &FlashGet FlashGet (Not verified) Amaze Soft c:\archivos de programa\flashget\flashget.exe
Task Scheduler
HKLM\System\CurrentControlSet\Services
+ ewido anti-spyware 4.0 guard ewido anti-spyware guard (Not verified) Anti-Malware Development a.s. c:\archivos de programa\ewido anti-spyware 4.0\guard.exe
+ MDM Manages local and remote debugging for Visual Studio debuggers (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\vs7debug\mdm.exe
+ NOD32krn NOD32 Kernel Service (Not verified) Eset c:\archivos de programa\eset\nod32krn.exe
HKLM\System\CurrentControlSet\Services
+ AMON Amon monitor (Not verified) Eset c:\windows\system32\drivers\amon.sys
+ ewido anti-spyware 4.0 driver c:\archivos de programa\ewido anti-spyware 4.0\guard.sys
+ pfc Padus(R) ASPI Shell (Not verified) Padus, Inc. c:\windows\system32\drivers\pfc.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
+ advapi32 API base de Windows 32 avanzado (Not verified) Microsoft Corporation c:\windows\system32\advapi32.dll
+ comdlg32 DLL de diálogos comunes (Not verified) Microsoft Corporation c:\windows\system32\comdlg32.dll
+ gdi32 GDI Client DLL (Not verified) Microsoft Corporation c:\windows\system32\gdi32.dll
+ imagehlp Windows NT Image Helper (Not verified) Microsoft Corporation c:\windows\system32\imagehlp.dll
+ kernel32 DLL de cliente API BASE de Windows NT (Not verified) Microsoft Corporation c:\windows\system32\kernel32.dll
+ lz32 LZ Expand/Compress API DLL (Not verified) Microsoft Corporation c:\windows\system32\lz32.dll
+ ole32 Microsoft OLE para Windows (Not verified) Microsoft Corporation c:\windows\system32\ole32.dll
+ urlmon Extensiones OLE32 para Win32 (Not verified) Microsoft Corporation c:\windows\system32\urlmon.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImageName
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ NOD32 NOD32 IMON - Internet scanning support (Not verified) Eset c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [RAW/IP]] NOD32 IMON - Internet scanning support (Not verified) Eset c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [TCP/IP]] NOD32 IMON - Internet scanning support (Not verified) Eset c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [UDP/IP]] NOD32 IMON - Internet scanning support (Not verified) Eset c:\windows\system32\imon.dll
+ NOD32 protected [RSVP TCP Service Provider] NOD32 IMON - Internet scanning support (Not verified) Eset c:\windows\system32\imon.dll
+ NOD32 protected [RSVP UDP Service Provider] NOD32 IMON - Internet scanning support (Not verified) Eset c:\windows\system32\imon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Mr_X:
Hola, perdona la demora, me imagino que solucionaste ya tu problema, sólo era para comentarte que los Logs del Autoruns y el HijackThis se ven limpios, lo único es el FlashGet que, como te comenté, la versión no registrada contiene adware...
Saludos
Navegación
[*] Página Anterior
Ir a la versión completa