Error Programador de tareas. APPCRASH.taskeng.exe solucion??

Foro referente al sistema operativo Windows Vista (Longhorn)
arliveman
Usuario linuxero
Usuario linuxero
Mensajes: 4
Registrado: 21 Ene 2013, 19:46
Contactar:

Error Programador de tareas. APPCRASH.taskeng.exe solucion??

Mensajepor arliveman » 21 Ene 2013, 20:24

Buenas, tengo windows vista y cada vez que inicio windows aparte de que tarda en iniciar un poco, me sale el error en programador de tareas y me aparece errop de APPCRASH con el programa taskeng.exe

me he bajado este programa y este es el log. que deberia hacer ahora? encuentro el error ahi?



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:29, on 21/01/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TuneUp Utilities 2013\Integrator.exe
C:\Program Files\TuneUp Utilities 2013\RegistryCleaner.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Rezip - Unknown owner - C:\Windows\SYSTEM32\Rezip.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

--
End of file - 6096 bytes

arliveman
Usuario linuxero
Usuario linuxero
Mensajes: 4
Registrado: 21 Ene 2013, 19:46
Contactar:

Re: Error Programador de tareas. APPCRASH.taskeng.exe soluci

Mensajepor arliveman » 22 Ene 2013, 10:41

Por cierto, el arranque del sistema tambien va muy lento, he probador con StartupBoster y algunos consejos que vi en google y nada.. se pega un buen rato la raya verde cargando de izquierda a derecha, y una vez que por fin aparece el raton y el escritorio ya va como un tiro... a que se puede deber?

Avatar de Usuario
Souto
Usuario Bill Gates
Usuario Bill Gates
Mensajes: 10665
Registrado: 25 Feb 2008, 10:21
Ubicación: Galicia
Agradecido : 6 veces
Agradecimiento recibido: 647 veces
Contactar:

Re: Error Programador de tareas. APPCRASH.taskeng.exe soluci

Mensajepor Souto » 22 Ene 2013, 11:03

Hola,
Aunque el log no aporta nada de interés, el tipo de error que comentas y el comportamiento del equipo apunta claramente a infección.
En mi experiencia (aunque esto es discutible) también el Tune-Up podría ser responsable de lo último que comentas.

Descarga a escritorio el Combofix, haz ratón derecho sobre él>>ejecutar como administrador y pega el reporte final.
A tener en cuenta:
1. El escaneo con Combofix es lento (15-20 min)
2. No se debe ni siquiera mover el ratón una vez que está corriendo porque cabe la posibilidad de que se pare
3. Sabremos que Combofix ha finalizado por fin porque mostrará en pantalla un bloc de notas y pedirá reiniciar.

Link de descarga: http://www.infospyware.com/antimalware/combofix

Saludos
Qui dove il mare luccica e tira forte il vento

arliveman
Usuario linuxero
Usuario linuxero
Mensajes: 4
Registrado: 21 Ene 2013, 19:46
Contactar:

Re: Error Programador de tareas. APPCRASH.taskeng.exe soluci

Mensajepor arliveman » 23 Ene 2013, 10:30

ComboFix 13-01-22.01 - Samsung 23/01/2013 10:02:25.1.2 - x86
Running from: c:\users\Samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAH63VZ9\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-23 to 2013-01-23 )))))))))))))))))))))))))))))))
.
.
2013-01-23 09:10 . 2013-01-23 09:10 -------- d-----w- c:\users\Samsung\AppData\Local\temp
2013-01-23 09:10 . 2013-01-23 09:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-23 08:58 . 2013-01-23 08:58 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CC194728-2561-4556-B317-468A7F3369E4}\MpKslc8091953.sys
2013-01-22 09:33 . 2013-01-22 09:33 60872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CC194728-2561-4556-B317-468A7F3369E4}\offreg.dll
2013-01-22 05:57 . 2013-01-22 05:57 -------- d-----w- c:\users\Samsung\AppData\Roaming\Smart PC Solutions
2013-01-22 05:57 . 2013-01-22 05:57 -------- d-----w- c:\program files\Smart PC Solutions
2013-01-22 04:54 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CC194728-2561-4556-B317-468A7F3369E4}\mpengine.dll
2013-01-22 04:48 . 2013-01-22 05:07 -------- d-----w- c:\program files\CCleaner
2013-01-22 04:45 . 2013-01-22 04:45 -------- d-----w- c:\users\Samsung\AppData\Roaming\Babylon
2013-01-22 04:45 . 2013-01-22 04:45 -------- d-----w- c:\programdata\Babylon
2013-01-21 18:35 . 2013-01-21 18:35 -------- d-----w- c:\program files\Trend Micro
2013-01-20 08:16 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-15 11:30 . 2013-01-15 11:30 -------- d-----w- c:\program files\Winamp Detect
2013-01-15 11:29 . 2013-01-22 04:56 -------- d-----w- c:\users\Samsung\AppData\Roaming\Winamp
2013-01-10 17:57 . 2013-01-10 17:58 -------- d-----w- c:\program files\Google
2013-01-10 17:57 . 2013-01-10 17:58 -------- d-----w- c:\users\Samsung\AppData\Local\Google
2013-01-10 17:57 . 2013-01-10 17:57 -------- d-----w- c:\users\Samsung\AppData\Local\Apps
2013-01-10 17:57 . 2013-01-10 17:57 -------- d-----w- c:\users\Samsung\AppData\Local\Deployment
2013-01-09 12:22 . 2013-01-09 20:09 -------- d-----w- c:\users\Samsung\AppData\Roaming\Epson
2013-01-09 11:45 . 2013-01-09 11:45 -------- d-----w- c:\program files\Common Files\EPSON
2013-01-09 11:44 . 2013-01-09 11:44 -------- d-----w- c:\programdata\UDL
2013-01-09 11:41 . 2013-01-09 11:41 -------- d-----w- c:\users\Samsung\AppData\Roaming\InstallShield
2013-01-09 11:40 . 2013-01-09 11:42 -------- d-----w- c:\program files\Epson Software
2013-01-09 11:39 . 2013-01-09 11:39 -------- d-----w- c:\users\Samsung\AppData\Local\ABBYY
2013-01-09 11:38 . 2013-01-09 11:40 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint
2013-01-09 11:38 . 2013-01-09 11:38 -------- d-----w- c:\programdata\ABBYY
2013-01-09 11:38 . 2013-01-09 11:38 -------- d-----w- c:\program files\Common Files\ABBYY
2013-01-09 11:37 . 2012-11-23 01:35 2048000 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 11:36 . 2007-04-10 01:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2013-01-09 11:36 . 2008-11-12 03:00 93696 ----a-w- c:\windows\system32\E_FLBGGE.DLL
2013-01-09 11:36 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 11:36 . 2009-10-01 03:01 63488 ----a-w- c:\windows\system32\E_FD4BGGE.DLL
2013-01-09 11:36 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 11:35 . 2013-01-09 20:09 -------- d-----w- c:\programdata\EPSON
2013-01-09 11:34 . 2009-11-19 23:00 341504 ----a-w- c:\windows\system32\esw2ud.dll
2013-01-09 11:34 . 2009-04-30 23:00 15872 ----a-w- c:\windows\system32\escdev.dll
2013-01-09 11:34 . 2009-04-30 23:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
2013-01-09 11:34 . 2013-01-09 11:40 -------- d-----w- c:\program files\epson
2013-01-02 06:25 . 2013-01-02 06:25 -------- d-----w- c:\program files\Common Files\Java
2013-01-02 06:24 . 2013-01-02 06:24 779704 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-02 06:24 . 2013-01-02 06:24 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-02 06:24 . 2013-01-02 06:24 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-02 06:24 . 2013-01-02 06:24 -------- d-----w- c:\program files\Java
2012-12-25 18:54 . 2001-09-05 03:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-12-25 18:54 . 2001-09-05 03:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2012-12-25 18:54 . 2001-09-05 03:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-12-25 18:54 . 2001-09-05 03:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-18 18:02 . 2012-12-19 20:37 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-18 18:02 . 2012-12-19 20:37 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-22 14:58 . 2012-12-22 14:58 1207888 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-22 11:47 . 2012-12-22 11:48 8192 ----a-w- c:\windows\system32\srvany.exe
2012-12-22 11:47 . 2012-12-22 11:48 151552 ----a-w- c:\windows\KMService.exe
2012-12-19 19:13 . 2012-12-19 19:13 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-12-19 18:45 . 2011-03-28 17:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-12-19 15:04 . 2012-12-19 15:04 161792 ----a-w- c:\windows\system32\msls31.dll
2012-12-19 15:04 . 2012-12-19 15:04 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-12-19 15:04 . 2012-12-19 15:04 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-12-19 15:04 . 2012-12-19 15:04 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-12-19 15:04 . 2012-12-19 15:04 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-12-19 15:04 . 2012-12-19 15:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-12-19 15:04 . 2012-12-19 15:04 367104 ----a-w- c:\windows\system32\html.iec
2012-12-19 15:04 . 2012-12-19 15:04 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-12-19 15:04 . 2012-12-19 15:04 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-12-19 15:04 . 2012-12-19 15:04 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-12-19 15:04 . 2012-12-19 15:04 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-19 15:04 . 2012-12-19 15:04 152064 ----a-w- c:\windows\system32\wextract.exe
2012-12-19 15:04 . 2012-12-19 15:04 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-12-19 15:04 . 2012-12-19 15:04 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-19 15:04 . 2012-12-19 15:04 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-12-19 15:04 . 2012-12-19 15:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-19 15:04 . 2012-12-19 15:04 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-12-19 15:04 . 2012-12-19 15:04 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-12-19 15:04 . 2012-12-19 15:04 11776 ----a-w- c:\windows\system32\mshta.exe
2012-12-19 15:04 . 2012-12-19 15:04 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-12-19 15:04 . 2012-12-19 15:04 101888 ----a-w- c:\windows\system32\admparse.dll
2012-12-19 15:03 . 2012-12-19 15:03 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-12-19 15:03 . 2012-12-19 15:03 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2012-12-19 15:03 . 2012-12-19 15:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2012-12-19 15:03 . 2012-12-19 15:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-12-19 15:03 . 2012-12-19 15:03 98816 ----a-w- c:\windows\system32\mfps.dll
2012-12-19 15:03 . 2012-12-19 15:03 586240 ----a-w- c:\windows\system32\stobject.dll
2012-12-19 15:03 . 2012-12-19 15:03 2873344 ----a-w- c:\windows\system32\mf.dll
2012-12-19 15:03 . 2012-12-19 15:03 209920 ----a-w- c:\windows\system32\mfplat.dll
2012-12-19 15:03 . 2012-12-19 15:03 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2012-12-19 15:03 . 2012-12-19 15:03 189952 ----a-w- c:\windows\system32\d3d10core.dll
2012-12-19 15:03 . 2012-12-19 15:03 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-12-19 15:03 . 2012-12-19 15:03 847360 ----a-w- c:\windows\system32\OpcServices.dll
2012-12-19 15:03 . 2012-12-19 15:03 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2012-12-19 15:03 . 2012-12-19 15:03 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-12-19 15:03 . 2012-12-19 15:03 478720 ----a-w- c:\windows\system32\dxgi.dll
2012-12-19 15:03 . 2012-12-19 15:03 37376 ----a-w- c:\windows\system32\cdd.dll
2012-12-19 15:03 . 2012-12-19 15:03 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2012-12-19 15:03 . 2012-12-19 15:03 258048 ----a-w- c:\windows\system32\winspool.drv
2012-12-19 15:03 . 2012-12-19 15:03 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2012-12-19 15:03 . 2012-12-19 15:03 1029120 ----a-w- c:\windows\system32\d3d10.dll
2012-12-19 15:03 . 2012-12-19 15:03 4096 ----a-w- c:\windows\system32\drivers\es-ES\dxgkrnl.sys.mui
2012-12-19 15:03 . 2012-12-19 15:03 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-12-19 15:03 . 2012-12-19 15:03 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-12-19 15:03 . 2012-12-19 15:03 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-12-19 15:03 . 2012-12-19 15:03 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-12-19 15:03 . 2012-12-19 15:03 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-12-19 15:03 . 2012-12-19 15:03 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-12-19 15:03 . 2012-12-19 15:03 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-12-16 13:12 . 2012-12-21 17:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-21 17:42 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-11-19 00:04 . 2012-12-19 18:10 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12936AF7-D4E8-460A-B0F0-E3FDC5E2DB9D}\mpengine.dll
2012-11-13 01:29 . 2012-12-19 14:43 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 10:18 . 2012-12-19 14:43 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 08:26 . 2012-12-19 14:43 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-11-29 08:26 . 2012-12-19 17:01 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2009-02-13 08:02 6814240 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2009-02-13 08:03 1833504 ----a-w- c:\program files\Realtek\Audio\HDA\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2012-07-04 02:03 641704 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-08-28 02:52 1049896 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
"ares"="c:\program files\Ares\Ares.exe" -h
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" -hide -runkey
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
.
R4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLC8091953
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
yksvcs REG_MULTI_SZ yksvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-15 19:46 1606760 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-10 17:57]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.es/
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=SMSN
uInternet Settings,ProxyOverride = *.local
IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Descargar con Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
FF - ProfilePath - c:\users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\xjyvwbsq.default\
FF - ExtSQL: 2012-12-18 12:08; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2012-12-19 19:15; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\xjyvwbsq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_de ... e80623f&q=
FF - user.js: extensions.BabylonToolbar.id - e2d9722c00000000000000265e80623f
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15727
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.7.2
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.7.2
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.7.25:46
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108750&tt=0413_1
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-23 10:10
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\TEMP\TMP00004CC7BED8AA0393FB0BBC 524288 bytes
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.032"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ani"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bay"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bmp"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bw"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cr2"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.crw"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cs1"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cur"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcr"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcx"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dib"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djv"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djvu"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dng"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.emf"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.eps"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.erf"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fff"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fpx"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gif"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icl"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icn"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ico"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (S-1-5-21-4128426370-2806682143-2527754121-1003)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.iff"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ilbm"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.int"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.inta"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iw4"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2c"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2k"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jfif"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jif"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jp2"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpc"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpe"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpeg"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpg"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpk"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpx"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.lbm"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mos"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mrw"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.nef"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.orf"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pbm"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcd"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pct"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcx"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pef"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pgm"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pic"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pict"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pix"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.png"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ppm"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psd"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psp"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raf"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ras"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-4128426370-2806682143-2527754121-1003)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.raw"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgb"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgba"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rle"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rsb"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sgi"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sr2"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.srf"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tga"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.thm"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tif"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tiff"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttc"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttf"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9o"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9p"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9pf"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbm"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbmp"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wmf"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xbm"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xif"
.
[HKEY_USERS\S-1-5-21-4128426370-2806682143-2527754121-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-01-23 10:15:52
ComboFix-quarantined-files.txt 2013-01-23 09:15
.
Pre-Run: 11.834.294.272 bytes libres
Post-Run: 11.890.749.440 bytes libres
.
- - End Of File - - 8432E34423BDDBA7DD61596C94643693


Esto es lo que me ha respondido el log del programa. El tuneup 2013 lo desinstalé. Al terminar el combofix no me dejaba abrir los archivos ejecutables y tuve que reiniciar el portatil. El error del programador de tareas ya no me aparece desde que instalé el Startup boster, o al desintalar el tuneup. Pero la carga del ordenador es lenta, hasta que se carga windows, que entonces si va mas rapido.

Avatar de Usuario
Souto
Usuario Bill Gates
Usuario Bill Gates
Mensajes: 10665
Registrado: 25 Feb 2008, 10:21
Ubicación: Galicia
Agradecido : 6 veces
Agradecimiento recibido: 647 veces
Contactar:

Re: Error Programador de tareas. APPCRASH.taskeng.exe soluci

Mensajepor Souto » 23 Ene 2013, 17:39

Descarga la herramienta ADWCLEANER (para descargarla tienes que pulsar en la flecha verde)

La ejecutas y pulsas en "Delete". Esperas a que termine el proceso, momento en el que te aparecerá un informe: copia el contenido y pégalo aquí para que podamos verlo.

Imagen

Este programa es posible que te cambie tu página de inicio (no tienes más que volver a cambiarla tú por la que quieras).

Adwcleaner te pedirá reiniciar.


Con esto debería ser suficiente, pero según el resultado hablamos

Saludos
Qui dove il mare luccica e tira forte il vento

arliveman
Usuario linuxero
Usuario linuxero
Mensajes: 4
Registrado: 21 Ene 2013, 19:46
Contactar:

Re: Error Programador de tareas. APPCRASH.taskeng.exe soluci

Mensajepor arliveman » 24 Ene 2013, 11:54

# AdwCleaner v2.107 - Fichero creado el 24/01/2013 a 11:45:01
# Actualizado el 21/01/2013 por Xplode
# Sistema operativo : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuario : Samsung - SAMSUNG1
# Modo de inicio : Normal
# Ejecutado desde : C:\Users\Samsung\Desktop\adwcleaner.exe
# Opción [Supresión]


***** [Servicios] *****


***** [Ficheros / Carpetas] *****

Carpeta Suprimido : C:\ProgramData\Babylon
Carpeta Suprimido : C:\Users\Samsung\AppData\Roaming\Babylon
Fichero Suprimido : C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\xjyvwbsq.default\searchplugins\babylon1.xml

***** [Registro] *****

Clave Supprimida : HKCU\Software\e48ad0b33eee12
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Clave Supprimida : HKCU\Software\Softonic
Clave Supprimida : HKLM\Software\Babylon
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Clave Supprimida : HKLM\SOFTWARE\Classes\Prod.cap
Clave Supprimida : HKLM\Software\Conduit

***** [Navegadores] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] El registro no contiene ninguna entrada ilegítima.

-\\ Mozilla Firefox v17.0.1 (es-ES)

Fichero : C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\xjyvwbsq.default\prefs.js

C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\xjyvwbsq.default\user.js ... Suprimido !

[OK] El fichero no contiene ninguna entrada ilegítima.

-\\ Google Chrome v24.0.1312.52

Fichero : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

*************************

AdwCleaner[S1].txt - [2018 octets] - [24/01/2013 11:45:01]

########## EOF - C:\AdwCleaner[S1].txt - [2078 octets] ##########


Esto es el reporte que me ha salido


Volver a “Windows Vista”

¿Quién está conectado?

Usuarios navegando por este Foro: Bing [Bot] y 2 invitados