Hola antes que nada ojala me puedan ayudar . tengo una pc en la cual no puedo estar por mucho tiempo en internet ya que en solo minutos se me llena de paginas de antivirus y cosas asi .Les dejo mi log para que lo puedan checar y espero su pronta ayuda gracias .

Logfile of HijackThis v1.99.1
Scan saved at 1:46:03 AM, on 2/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\BellSouth\AM\BellSouthAlertManager.exe
C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\BearShare\BearShare.exe
C:\Program Files\SystemDefender\SystemDefender.exe
C:\windows\CaseyVideo[2].scr
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BearShare\BearShare.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\SOFTWA~1\soproc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
A:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...=MjI6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
O2 - BHO: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8B89C194-7E9E-73D5-C2FB-A766A5CEAF23} - C:\DOCUME~1\ALEJAN~1\APPLIC~1\ISOFLA~1\Regs Browse.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: edfqvrw - {D573EDD4-5DEA-4DF1-9D5A-329D6861EDC8} - C:\DOCUME~1\ALEJAN~1\LOCALS~1\Temp\ac8zt2\edfqvrw.dll (file missing)
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AQ3HelperStartUp] C:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE /partner AQ3
O4 - HKLM\..\Run: [ML1HelperStartUp] C:\PROGRA~1\MIDNIG~1\ML1HEL~1.EXE /partner ML1
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [BellSouthAlertManager.exe] "C:\Program Files\BellSouth\AM\BellSouthAlertManager.exe" /AUTORUN
O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe /P HelpCenter4.1
O4 - HKLM\..\Run: [FastAccess Help] C:\Program Files\BellSouth Application Management\content\..\Start.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [two city internet heck] C:\Documents and Settings\All Users\Application Data\does dog two city\Stupid regs.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [SystemDefender] "C:\Program Files\SystemDefender\SystemDefender.exe" hide
O4 - HKCU\..\Run: [AolDesktopRmvMsg] "C:\PROGRA~1\AOLDES~1\RmvMsg.exe"
O4 - HKCU\..\Run: [CaseyVideo[2]] c:\windows\CaseyVideo[2].scr
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [curb mail] C:\DOCUME~1\ALEJAN~1\APPLIC~1\CLOSED~1\ballnoun.exe
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\TPT Registry_Cleaner (Trial)\regclean.exe"
O4 - HKCU\..\Run: [WhenUSave] "C:\PROGRA~1\Save\Save.exe"
O4 - HKCU\..\Run: [SOProc_SoRefRegSoAlertWxLiteNnAj] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack SoRefRegSoAlertWxLiteNnAj
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [XP Antivirus] C:\Program Files\XP Antivirus\xpa2008pro.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Startup: .protected
O4 - Global Startup: .protected
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZN
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: bfrgnos - {33C571EC-4194-499C-8BB7-682F7B38D174} - C:\WINDOWS\bfrgnos.dll
O21 - SSODL: afxlspw - {3F6A0358-631B-4CFB-9C6E-E68CDC842638} - C:\WINDOWS\afxlspw.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

Actualiza la verion de HijackThis a la 2.0.2.Baja el HijackThis de AQUI


y pues empezar a:

1- Actualiza tu sistema Aca:

(Si por algun motivo no puedes actualizar sigue con los demás pasos)
2- Borra todas las cookies y el registro con Ccleaner:
3- Vete a Panel de Control--> Java y elimina todos los archivos temporales. (Si utilizas JAVA)
4- Pasale el Avg Antispyware. (Actualizalo, y al acabar el Scaneo elije la opcion eliminar, despues guarda el report y lo pegas)
Manual avg anti spyware
5- Esta aplicacion tambien (No necesita instalacion)No te saltes este paso Elistara

Cuando empiece el Scaneo, DESTILDAS LA OPCION ELIMINAR , a la izquierda de la ventana del programa

Que no elimine nada


6- Pega un nuevo Log del Hijackthis, mas los Reports de Avg-Antispyware y ElistarA.



un saludo

Ok bueno realize todos los pasos segun lo indicado a exepcion de la actualizacion del sistema que no me dejo hacerla desde la pagina que me dieron.
Pero segui con el resto del procedimiento ,dejo todos los reportes para que los chequen agradeciendo su atencion.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:23:18 AM, on 2/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\BellSouth\AM\BellSouthAlertManager.exe
C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\windows\CaseyVideo[2].scr
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\XP Antivirus\xpa2008pro.exe
C:\PROGRA~1\SOFTWA~1\soproc.exe
C:\WINDOWS\system32\Notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.mx/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8B89C194-7E9E-73D5-C2FB-A766A5CEAF23} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {D573EDD4-5DEA-4DF1-9D5A-329D6861EDC8} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [BellSouthAlertManager.exe] "C:\Program Files\BellSouth\AM\BellSouthAlertManager.exe" /AUTORUN
O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe /P HelpCenter4.1
O4 - HKLM\..\Run: [FastAccess Help] C:\Program Files\BellSouth Application Management\content\..\Start.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [two city internet heck] C:\Documents and Settings\All Users\Application Data\does dog two city\Stupid regs.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CaseyVideo[2]] c:\windows\CaseyVideo[2].scr
O4 - HKCU\..\Run: [curb mail] C:\DOCUME~1\ALEJAN~1\APPLIC~1\CLOSED~1\ballnoun.exe
O4 - HKCU\..\Run: [SOProc_SoRefRegSoAlertWxLiteNnAj] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack SoRefRegSoAlertWxLiteNnAj
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [XP Antivirus] C:\Program Files\XP Antivirus\xpa2008pro.exe
O4 - Startup: .protected
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O21 - SSODL: bfrgnos - {33C571EC-4194-499C-8BB7-682F7B38D174} - C:\WINDOWS\bfrgnos.dll
O21 - SSODL: afxlspw - {3F6A0358-631B-4CFB-9C6E-E68CDC842638} - C:\WINDOWS\afxlspw.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

--
End of file - 6080 bytes


----------------------------------------------------------------------------------

AQui dejo el del AVG
---------------------------------------------------------
AVG Anti-Spyware - Informe del análisis
---------------------------------------------------------

+ Creado en: 11:29:52 PM 2/17/2008

+ Resultado del análisis:



C:\Program Files\Common Files\anhndlpr\ahbjlntppp\npctjefbn.exe -> Adware.Gator : Limpios.
C:\Program Files\Common Files\anhndlpr\ltejafdt\ffcrjfpn.exe -> Adware.Gator : Limpios.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\HDPlugin1101.dll -> Adware.Gator : Limpios.
HKLM\SOFTWARE\Gator.com -> Adware.Gator : Limpios.
HKLM\SOFTWARE\Gator.com\CMEII -> Adware.Gator : Limpios.
HKLM\SOFTWARE\Gator.com\CMEII\GSNUninstalled -> Adware.Gator : Limpios.
HKU\S-1-5-21-3242283122-1650585958-2735069381-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D758A3-D33B-45FD-91E3-67749B4057FA} -> Adware.Generic : Limpios.
C:\Program Files\Adverts\uninst.exe -> Adware.Lop : Limpios.
C:\Program Files\Yahoo!\Messenger\ycomp.dll -> Adware.Yahoo : Limpios.
C:\Documents and Settings\alejandro lopez\Desktop\XPantivirus2008_A28.exe -> Downloader.FraudLoad.i : Limpios.
C:\WINDOWS\Downloaded Program Files\ysbactivex.dll -> Downloader.IstBar : Limpios.
C:\WINDOWS\afxlspw.dll -> Not-A-Virus.Adware.Vapsup : Limpios.
C:\WINDOWS\bfrgnos.dll -> Not-A-Virus.Adware.Vapsup : Limpios.
C:\WINDOWS\frplprg.exe -> Not-A-Virus.Adware.Vapsup : Limpios.
[1464] C:\WINDOWS\bfrgnos.dll -> Not-A-Virus.Adware.Vapsup : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]2o7[2].txt -> TrackingCookie.2o7 : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Limpios.
C:\Documents and Settings\bisitante\Cookies\bisitante[arroba]msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]adrevolver[2].txt -> TrackingCookie.Adrevolver : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]advertising[2].txt -> TrackingCookie.Advertising : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]atdmt[2].txt -> TrackingCookie.Atdmt : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]burstnet[1].txt -> TrackingCookie.Burstnet : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]doubleclick[1].txt -> TrackingCookie.Doubleclick : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Limpios.
C:\Documents and Settings\bisitante\Cookies\bisitante[arroba]adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]as-us.falkag[1].txt -> TrackingCookie.Falkag : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]fastclick[1].txt -> TrackingCookie.Fastclick : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]media.fastclick[2].txt -> TrackingCookie.Fastclick : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]ehg-hollywood.hitbox[1].txt -> TrackingCookie.Hitbox : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]hitbox[2].txt -> TrackingCookie.Hitbox : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]banner.newyorkcasino[2].txt -> TrackingCookie.Newyorkcasino : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]newyorkcasino[1].txt -> TrackingCookie.Newyorkcasino : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]overture[2].txt -> TrackingCookie.Overture : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]perf.overture[1].txt -> TrackingCookie.Overture : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]questionmarket[2].txt -> TrackingCookie.Questionmarket : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]revsci[1].txt -> TrackingCookie.Revsci : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]trafficmp[1].txt -> TrackingCookie.Trafficmp : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]valueclick[1].txt -> TrackingCookie.Valueclick : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]m.webtrends[2].txt -> TrackingCookie.Webtrends : Limpios.
C:\Documents and Settings\Guest\Cookies\guest[arroba]ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Limpios.
C:\Documents and Settings\alejandro lopez\Application Data\CloseDashKeep\cbaenoad.exe -> Trojan.Inject.qu : Limpios.
C:\Program Files\3wPlayer\minime.exe -> Trojan.Obfuscated.en : Limpios.


::Fin del informe

------------------------------------------------------------------

Por ultimo el reporte de ELISTARA.

Mon Feb 18 00:03:02 2008
EliStartPage v15.65 ©2008 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
C:\Documents and Settings\alejandro lopez\Favorites\Error Cleaner.url --> Eliminado (Fichero Complementario).
C:\Documents and Settings\alejandro lopez\Favorites\Privacy Protector.url --> Eliminado (Fichero Complementario).
C:\Documents and Settings\alejandro lopez\Favorites\Spyware&Malware Protection.url --> Eliminado (Fichero Complementario).
Eliminada Class, "{147A976E-EEE1-4377-8EA7-4716E4CDD239}" -> NULL1
Eliminada Class, "{9AFB8248-617F-460D-9366-D71CDEDA3179}" -> NULL1
Eliminada Carpeta "%Archivos de Programa%\FunWebProducts"
Eliminada Carpeta "%Archivos de Programa%\MyWebSearch"
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

Mon Feb 18 02:07:09 2008
EliStartPage v15.65 ©2008 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Linea Eliminada del HOSTS --> 127.0.0.1 bin.errorprotector.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 de.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 de.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.systemdoctor.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.windrivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 dynamique.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 errorprotector.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 es.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 fr.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 fr.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 hk.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 jsp.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 kb.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 kb.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 nl.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 se.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispam.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispy.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 support.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 ulog.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.errorprotector.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.systemdoctor.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.win-virus-pro.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.winantispam.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.winantispy.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.winantiviruspro.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.windrivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.windrivesafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 trial.updates.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winfixer2006.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.utils.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.winfixer2006.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 www.winsoftware.com ## added by CiD
Eliminados Ficheros Temporales del IE

Mon Feb 18 02:07:28 2008
EliStartPage v15.65 ©2008 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\Common Files\aolback\Comps\qt\QT.EXE --> Infectado, Puper-Isa
C:\Program Files\MessengerPlus! 3\MSGPLUS.EXE --> Infectado, MessengerPlus
C:\System Volume Information\_restore{65CB372D-E45C-438A-8D1D-62BA9819FA04}\RP885\A0220564.EXE --> Infectado, SaveNow (dropper)
C:\System Volume Information\_restore{65CB372D-E45C-438A-8D1D-62BA9819FA04}\RP885\A0220650.EXE --> Infectado, Swizzor(lop)

Nº Total de Directorios: 4246
Nº Total de Ficheros: 58991
Nº de Ficheros Analizados: 16774
Nº de Ficheros Infectados: 4
Nº de Ficheros Limpiados: 0

E

Hola de nuevo se me olvido mencionar que la pc va mucho mejor pero sigo teniendo un programa desconocido que se llama xp antivirus 2008 yo se que ustedes son los expertos pero igual esta referencia les pueda ayudar mas.
Muchas gracias por su ayuda .

Descarga SDFix :

http://downloads.andymanchesta.com/RemovalTools/SDFix.zip

Reiniciar eh iniciar en "Modo a prueba de fallos"
Hace doble-clic en SDFix.zip para extraer el contenido en C:\SDFix.
*NOTA: Algunos antivirus y/o programas anti-malware detectan el proceso "process.exe" como malicioso
Mis Documentos o carpeta donde has descargado "SDFix\SDFix.zip\SDFix.exe\Process.exe" y en
"C:\SDFix\apps\Process.exe" (Risktool.Win32.Processor.20)
Debes ignorar esas alertas y desactivar el antivirus temporalmente para permitir que SDFix lleve a cabo el proceso de desinfección.
Abre la carpeta C:\SDFix y haz doble-clic sobre el archivo "RunThis.bat".
En la pantalla en modo MS-DOS (modo con símbolo del sistema), teclea "Y" (Yes) para empezar la ejecución del programa. Aparecerá una ventana mostrando los siguientes textos:
Please wait...
"Checking Running Processes"
"Checking Running Services"
Se eliminarán todos los servicios (entradas 023 del log de HijackThis) relacionados con el troyano en cuestión y se realizarán las reparaciones pertinentes en el registro del sistema.
Cuando haya terminado, presiona cualquier tecla para reiniciar. Notarás que el sistema tardará algo más en reiniciar.
Esto es normal.
Cuando el PC haya reiniciado, aparecerá una ventana indicando lo siguiente:
"Stage Two"
"This may take 4-5 Minutes..."
"Please be patient as this may take a few minutes..."
"Checking for Remaining Files and Services..."
Se paciente y espera a que transcurran los 4 ó 5 minutos necesarios para completar el proceso de desinfección.
Por último, aparecerá la ventana "The FixTool has finished".
Presiona cualquier tecla para finalizar el script y cargar los iconos del Escritorio normalmente.
Se habrá generado un informe detallado "report.txt" en la carpeta C:\SDFix indicando los resultados de la limpieza y eliminación de los troyanos detectados, así como cualquier referencia de los mismos en el registro del sistema.
Reinicia y nos pones ese reporte y por último un nuevo log del hijack
salu2
caito

Hola lamentablemente no pude llevar a cabo la ultima peticion , realize todo perfectamente segun lo indicado pero en la pagina ms - dos despues de marcar la "y" me marcaba la siguiente informacion

'apps/process' is not recognized as an internal or external command, operable program or batch file.

por tal motivo no pude generar ningun reporte .

Agradezco su ayuda .gracias

Desconéctate físicamente de Internet (cables,ADSL, o Dial Up modem a tu PC )

Desactiva Restaurar Sistema (si tienes ME o XP )
http://www.trucoswindows.net/faq-VerFaq-5.html

Reinicia en Modo seguro o A prueba de Fallos
http://www.trucoswindows.net/foro/index.ph...32&#entry146932

Haz que se vean todos los archivos.
http://www.trucoswindows.net/foro/index.ph...99&#entry147099

Cierra todas las aplicaciones
Ejecuta el Hijack :
Busca “Open the Misc Tools Section"
Selecciona "Open process manager"
Busca los siguientes procesos:

Stupid regs.exe
ballnoun.exe
soproc.exe
xpa2008pro.exe

Y uno a uno termina estos procesos clickeando "Kill process" y “Yes”
Cuando terminas con todos clickea "Back"
Scan y luego Fix a estas:

C:\windows\CaseyVideo[2].scr
C:\PROGRA~1\SOFTWA~1\soproc.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8B89C194-7E9E-73D5-C2FB-A766A5CEAF23} - (no file)
O3 - Toolbar: (no name) - {D573EDD4-5DEA-4DF1-9D5A-329D6861EDC8} - (no file)
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 –u
O4 - HKLM\..\Run: [two city internet heck] C:\Documents and Settings\All Users\Application Data\does dog two city\Stupid regs.exe
O4 - HKCU\..\Run: [CaseyVideo[2]] c:\windows\CaseyVideo[2].scr
O4 - HKCU\..\Run: [curb mail] C:\DOCUME~1\ALEJAN~1\APPLIC~1\CLOSED~1\ballnoun.exe
O4 - HKCU\..\Run: [SOProc_SoRefRegSoAlertWxLiteNnAj] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack SoRefRegSoAlertWxLiteNnAj
O4 - HKCU\..\Run: [XP Antivirus] C:\Program Files\XP Antivirus\xpa2008pro.exe
O4 - Startup: .protected
O21 - SSODL: bfrgnos - {33C571EC-4194-499C-8BB7-682F7B38D174} - C:\WINDOWS\bfrgnos.dll
O21 - SSODL: afxlspw - {3F6A0358-631B-4CFB-9C6E-E68CDC842638} - C:\WINDOWS\afxlspw.dll

Cierra el Hijack.
Busca estos archivos y los eliminas: (pueden no estar )

C:\windows\CaseyVideo[2].scr
C:\PROGRA~1\SOFTWA~1\soproc.exe
C:\Documents and Settings\All Users\Application Data\does dog two city\Stupid regs.exe<solo si no sabes qué es
C:\DOCUME~1\ALEJAN~1\APPLIC~1\CLOSED~1\ballnoun.exe<solo si no sabes qué es
C:\Program Files\XP Antivirus\xpa2008pro.exe
C:\WINDOWS\bfrgnos.dll
C:\WINDOWS\afxlspw.dll

Borra con el Disk Cleaner :Archivos Temp. de Internet,Temp. de Sistema,cookies,historial , etc.

Vacía la Papelera

Ejecuta el Avg-antispyware
Reinicia normal, conecta Internet, pon el reporte del AVG Anti-Spyware y pega un nuevo log del Hijack.
Salu2
Caito

Ok anteds que nada mil discuplas por no haber respondido rapido pero ya saben trabajo y escuela .

Bueno realize lo antes mencionado y al parecer ya todo esta corriendo normal de igal te dejo el ultimo reporte del avg y del hijack.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32:40 AM, on 2/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\BellSouth\AM\BellSouthAlertManager.exe
C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.mx/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {D573EDD4-5DEA-4DF1-9D5A-329D6861EDC8} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BellSouthAlertManager.exe] "C:\Program Files\BellSouth\AM\BellSouthAlertManager.exe" /AUTORUN
O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\Bellsouth\HelpCenter40b\bin\sprtcmd.exe /P HelpCenter4.1
O4 - HKLM\..\Run: [FastAccess Help] C:\Program Files\BellSouth Application Management\content\..\Start.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

--
End of file - 4879 bytes


y el de el avg aca
---------------------------------------------------------
AVG Anti-Spyware - Informe del análisis
---------------------------------------------------------

+ Creado en: 10:25:13 AM 2/19/2008

+ Resultado del análisis:



C:\Documents and Settings\alejandro lopez\Cookies\alejandro_lopez[arroba]doubleclick[1].txt -> TrackingCookie.Doubleclick : Limpios.
C:\Documents and Settings\alejandro lopez\Cookies\alejandro_lopez[arroba]revsci[1].txt -> TrackingCookie.Revsci : Limpios.


::Fin del informe

Falta eliminar esta:
O3 - Toolbar: (no name) - {D573EDD4-5DEA-4DF1-9D5A-329D6861EDC8} - (no file)
nos cuentas
salu2
caito

elimine esa ultima informacion y gracias a toda su colaboracion mi pc esta corriendo perfectamente libre de virus.

gracias por toda su amable ayuda.

Nos alegra que lo hayas arreglado
Damos x solucionado este tema
Salu2
Caito