Hello, I think my PC is infected, because from one day to the next something very strange started happening: many programs, for example all the Office ones, take ages to open, and this never happened before (they used to open instantly).
*I cleared all the cookies and the registry with CCleaner
*I don't use JAVA
*I ran AVG after updating it and got:
---------------------------------------------------------
AVG Anti-Spyware - Informe del análisis
---------------------------------------------------------
+ Creado en: 01:17:56 p.m. 21/07/2008
+ Resultado del análisis:
C:\Documents and Settings\Luciano\Desktop\Extra\MOD`s de FAO v1.0\Graficos - FogelAO\Graficos.scr -> Backdoor.ControlTotal.aj : Limpios.
C:\Documents and Settings\Luciano\Desktop\Staff Liverpool-Ao\Dat.scr -> Backdoor.ControlTotal.aj : Limpios.
C:\Documents and Settings\Luciano\My Documents\Mis archivos recibidos\Dat.rar/Dat.scr -> Backdoor.ControlTotal.aj : Limpios.
C:\Documents and Settings\Luciano\My Documents\Mis archivos recibidos\Gms.rar/Gms.scr -> Backdoor.ControlTotal.aj : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP162\A0034858.scr -> Backdoor.ControlTotal.aj : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP166\A0036750.scr -> Backdoor.ControlTotal.aj : Limpios.
C:\Documents and Settings\Luciano\Desktop\Extra\Incoming\Fate PC Game cracks.exe -> Downloader.Agent.aii : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP139\A0030073.exe -> Not-A-Virus.RemoteAdmin.Win32.VB.a : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP166\A0036767.exe -> Not-A-Virus.RemoteAdmin.Win32.VB.a : Limpios.
C:\AodraG 6.0\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Copy (2) of Star-AO - Cliente\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Copy of Star-AO - Cliente\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Downloads Argentum Online\cliente Fenix AO.rar/cliente\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Downloads\Setup Furius\ClienteFuriusAO.rar/AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Extra\MOD`s de FAO v1.0\Alkon\aoversiondx.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Extra\MOD`s de FAO v1.0\Cliente Twist AO\Cliente\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Extra\MOD`s de FAO v1.0\ClienteFuriusAO\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Extra\MOD`s de FAO v1.0\fenixao\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Extra\VB-juegos-etc\Warlord-Ao\client\aoversiondx.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\Star-AO - Cliente\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\Documents and Settings\Luciano\Desktop\aaaaStar-AO - Cliente\Copy of Star-AO - Cliente\AOVersionDX.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP154\A0033118.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP154\A0033133.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP154\A0033313.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP154\A0033444.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP154\A0033753.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP154\A0033793.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP157\A0034188.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP162\A0034790.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP162\A0034812.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP162\A0034837.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP163\A0034952.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP163\A0035683.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP164\A0035869.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP164\A0035928.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP166\A0036755.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP167\A0036961.dll -> Trojan.FakeLogin.e : Limpios.
C:\System Volume Information\_restore{55916985-11D7-4FED-924C-808A9C710574}\RP169\A0037268.dll -> Trojan.FakeLogin.e : Limpios.
::Fin del informe
*Then I ran HijackThis, and got:
Logfile of HijackThis v1.99.1
Scan saved at 01:25:22 p.m., on 21/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\csrcs.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\AppServ\Apache2\bin\Apache.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\AppServ\Apache2\bin\Apache.exe
C:\AppServ\MySQL\bin\mysqld-nt.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\Notepad.exe
C:\Documents and Settings\Luciano\My Documents\HiJackThis\HJT\HijackThis[www.trucoswindows.net].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-AR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Apache2 - Unknown owner - C:\AppServ\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Many thanks in advance,
Regards