PROBLEMAS CON: tibs dialer

Tema en 'Seguridad informática' comenzado por xezbet69, 28/7/06.

Estado del tema:
No está abierto para más respuestas.
  1. xezbet69

    xezbet69 Nuevo Miembro Miembro

    RESULTA QUE AYER ANDABA EN LA INTERNET Y VISITE MUCHAS PAGINAS, ENTONCES EN UNA DE ELLA HABIA MUCHOS LINKS, ACCIDENTALMENTE LE DI A UNO Y SE TRABO EL INTERNET EXPLORER... LO CERRE CON EL ADMINISTRADOR DE TAREAS Y AL CABO DE UNAS 2 HORAS ME APARECIO UN MENSAJE DEL SPYSWEEPER...QUE ME ALERTABA DE UN ADWARE LLAMADO: tibs dialer Y DE OTRO, QUE NO RECUERDO EL NOMBRE CON UN RIESGO ALTO DE INFECCION... INICIE EL HIJACKTHIS Y NO ENCONTRE NADA, CHEQUEN EL LOG USTEDES A VER SI ENCUENTRAN ALGO, AQUI ENVIO UNA IMAGEN DEL REPORTE DEL SPYSWEEPER, SEGUN LO ELIMINO, PERO DESPUES ME APARECIO OTRA VEZ...CHEQUEN POR FAVOR MI LOG, Y DIGANME ALGUNOS LINKS DE ANALISIS DE VIRUS Y SPYWARE EN LINEA PARA ANALIZARLA...



    LOG DE HIJACKTHIS:



    Logfile of HijackThis v1.99.1

    Scan saved at 06:40:09 p.m., on 27/07/2006

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\ms4w\Apache\bin\Apache.exe

    C:\Archivos de programa\Intel\IDU\awServ.exe

    C:\ms4w\Apache\bin\Apache.exe

    C:\WINDOWS\system32\crypserv.exe

    C:\Archivos de programa\Executive Software\Diskeeper\DkService.exe

    C:\Archivos de programa\Eset\nod32krn.exe

    C:\WINDOWS\system32\HPZipm12.exe

    C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeper.exe

    C:\WINDOWS\Explorer.EXE

    C:\Archivos de programa\Eset\nod32kui.exe

    C:\Archivos de programa\Intel\IDU\iptray.exe

    C:\Archivos de programa\Intel\IDU\awtray.exe

    C:\WINDOWS\SOUNDMAN.EXE

    C:\WINDOWS\ALCWZRD.EXE

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeperUI.exe

    C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe

    C:\WINDOWS\Integrator.exe

    C:\Archivos de programa\Webroot\Spy Sweeper\SSU.EXE

    C:\WINDOWS\system32\rundll32.exe

    C:\Archivos de programa\Internet Explorer\iexplore.exe

    C:\HJT\HijackThis.exe



    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar2.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll

    O4 - HKLM\..\Run: [Acceso directo a la página de propiedades de High Definition Audio] HDAudPropShortcut.exe

    O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [ipTray.exe] "C:\Archivos de programa\Intel\IDU\iptray.exe"

    O4 - HKLM\..\Run: [awTray.exe] "C:\Archivos de programa\Intel\IDU\awtray.exe"

    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

    O4 - HKLM\..\Run: [SpySweeper] "C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background

    O4 - Startup: AntiCrash.lnk = C:\Archivos de programa\Dachshund Software\AntiCrash\AntiCrash.exe

    O4 - Global Startup: Acelerador de inicio de AutoCAD.lnk = C:\Archivos de programa\Archivos comunes\Autodesk Shared\acstart16.exe

    O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O8 - Extra context menu item: &Búsqueda en Google - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmsearch.html

    O8 - Extra context menu item: &Traducir palabra inglesa - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmwordtrans.html

    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Instantánea de caché de la página - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmcache.html

    O8 - Extra context menu item: Páginas similares - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmsimilar.html

    O8 - Extra context menu item: Páginas vinculadas - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmbacklinks.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll

    O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe

    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

    O23 - Service: Apache Web Server (ApacheWebServer) - Unknown owner - C:\ms4w\Apache\bin\Apache.exe" -k runservice (file missing)

    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe

    O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Archivos de programa\Intel\IDU\awServ.exe

    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Archivos de programa\Executive Software\Diskeeper\DkService.exe

    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    O23 - Service: Motor de Spy Sweeper de Webroot (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeper.exe



    HASTA PRONTO, ESPERO ME PUEDAN AYUDAR...
  2. Lestat

    Lestat Nuevo Miembro Miembro

  3. xezbet69

    xezbet69 Nuevo Miembro Miembro

    OK.. YA HICE LO QUE ME DIJISTE, Y TANTO EL KASPERSKY COMO EL PANDA DETECTARON VIRUS, UNOS ERAN LOS MISMOS, UNOS ARCHIVOS .EXE QUE ESTABAN EN LA PC, LOS ELIMINE MANUALMENTE YA QUE ME PEDIAN QUE COMPRARA EL ANTIVIRUS PARA QUITARLOS...JEJEJE.....EL EWIDO TAMBIEN DETECTO ALGUNOS Y LOS PUSO EN CUARENTENA... AQUI OS DEJO LOS REPORTES:



    REPORTE DE PANDA:



    Incident Status Location



    Virus:Trj/Delf.ABB Disinfected C:\Archivos de programa\Intel\IDU\xpfwtool.exe

    Potentially unwanted tool:Application/JohnTheRipper.A Not disinfected F:\RECYCLER\S-1-5-21-343818398-1965331169-725345543-1003\Df2.zip[john-16/run/john.exe]

    Potentially unwanted tool:Application/JohnTheRipper.A Not disinfected F:\RECYCLER\S-1-5-21-343818398-1965331169-725345543-1003\Df2.zip[john-16/run/john-k6.zip][john.exe]

    Potentially unwanted tool:Application/JohnTheRipper.A Not disinfected F:\RECYCLER\S-1-5-21-343818398-1965331169-725345543-1003\Df2.zip[john-16/run/john-mmx.zip][john.exe]





    REPORTE DE KASPERSKY



    KASPERSKY ONLINE SCANNER REPORT

    Saturday, July 29, 2006 10:29:46 AM

    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

    Kaspersky Online Scanner version: 5.0.83.0

    Kaspersky Anti-Virus database last update: 29/07/2006

    Kaspersky Anti-Virus database records: 198159





    Scan Settings

    Scan using the following antivirus database standard

    Scan Archives true

    Scan Mail Bases true



    Scan Target My Computer

    A:\

    C:\

    D:\

    E:\

    F:\

    G:\

    H:\

    I:\

    J:\

    K:\



    Scan Statistics

    Total number of scanned objects 35649

    Number of viruses found 5

    Number of infected objects 16 / 0

    Number of suspicious objects 0

    Duration of the scan process 00:29:52



    Infected Object Name Virus Name Last Action

    C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2006-07-29.09-23-23.log Object is locked skipped



    C:\Archivos de programa\ESET\cache\CACHE.NDB Object is locked skipped



    C:\Archivos de programa\ESET\infected\0CUAMYDA.NQF Infected: HackTool.Win32.John skipped



    C:\Archivos de programa\ESET\infected\2U5QGIBA.NQF Infected: Trojan-Dropper.Win32.VB.lu skipped



    C:\Archivos de programa\ESET\infected\BUBFAWCA.NQF Infected: HackTool.Win32.John skipped



    C:\Archivos de programa\ESET\infected\W5HUHUCA.NQF Infected: Trojan-Dropper.Win32.VB.lu skipped



    C:\Archivos de programa\ESET\infected\X3EA4PBA.NQF Infected: P2P-Worm.Win32.VB.dw skipped



    C:\Archivos de programa\ESET\logs\virlog.dat Object is locked skipped



    C:\Archivos de programa\ESET\logs\warnlog.dat Object is locked skipped



    C:\Archivos de programa\Microsoft Office\OFFICE11\Macros\EUROTOOL.XLA Object is locked skipped



    C:\Archivos de programa\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped



    C:\Archivos de programa\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped



    C:\Archivos de programa\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped



    C:\Archivos de programa\Webroot\Spy Sweeper\Masters.base Object is locked skipped



    C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped



    C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped



    C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped



    C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped



    C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped



    C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped



    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS070E1DED-204E-4B93-8990-E277825F44F1.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS0971C2F1-EAF2-4AEC-8660-A545D4C5EDFB.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS0A7B2EA0-EF89-4FD6-8DE2-557ABED51AA0.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS0D144A73-4134-4340-9D23-68B2218A3180.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS0EA1E129-AA7E-48EC-9FD7-B21212727985.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS0F573499-8AB4-489A-8D53-3A57D3C0431D.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS0F5768C0-70BE-4E9A-8E67-7BAE83311E84.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS13A2BFCD-D7E5-4AF4-A1C9-00601E8119FB.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS142F24E7-0832-4197-9872-D79D8D7EFF3B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS14B53EC0-9673-45D3-9EC2-BC2587576275.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS15F1AF6C-2B9C-4754-8F6D-3DFE8847EF10.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS169AA462-391A-489D-A0D4-24E97D253F17.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS1FF2EFA0-4DB3-4AF6-A991-6DB6252A6B02.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS20E66107-1F26-4794-8BB6-E5CF099E1840.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS21E12C09-417F-4589-98F5-DD4C408B55B6.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS236687B3-C740-4C9C-ADA3-F20A14656756.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS23ACB753-CC6B-4A16-AD52-5F403EDA0859.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS242E2BD6-8E7E-4528-B605-28495E12D9AE.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS27E9FEA4-DFB7-40A5-B39A-CBEF5AD32BB1.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS2CD592C1-1A85-4E7A-8E13-96A1A9496987.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS3218F05D-67CE-42C8-B86C-BA6AED6BC598.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS359BD0A9-C6B2-4A75-AFAF-F6B6EB95C570.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS365F02A6-96E3-4E5C-B2C2-EAF702853CCB.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS369708DC-9341-47F9-8EFE-8893A5D92B44.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS38B4FE03-7BC7-4088-8D25-433D7117F9CC.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS3A0B413E-62CD-4285-9C7C-293FA2762195.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS3ECFB4AE-7757-4E40-983E-C5E0A5A695BF.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS401916FB-CD04-4F71-BBDB-F1E5D003C1CC.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS40E0C979-AE3A-4B17-B616-DA7A53B5B4FB.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS41CC235B-8C2A-43E8-B921-32E49635E75E.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS430A854A-7974-4738-AA0C-8C990591927B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS43718AB8-46F8-49A3-816D-AB7F9E1DE25E.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS45378B0A-96B2-49FC-AB4A-A0C47030D86B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS481527E8-AAB3-4C90-8E13-0344F65BF4F4.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS4C3DFAD3-D8A7-4834-9577-FD719E3DEDFE.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS4C8F35BD-3574-4319-8821-4352DC966CA6.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS4F193D0B-6007-421F-8B8D-C156ADDD5B98.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS55896547-EC85-4D91-AA91-B0CF3E4249FF.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS56129827-9D2E-44BB-A30E-9AEDF9275DD1.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS5638E64D-321D-4CEF-991C-4F5513426952.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS5C2995E0-F383-4A96-89BE-230B27C6A3B2.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS6296E611-89D5-4CDA-B368-2D6CFC0A3350.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS64569C90-29AB-41B8-BE6D-9120CC965DDD.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS65035436-4938-4E28-BF59-1E254FAE0874.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS6A60D12C-B31B-4974-9BED-0C48074A675B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS6B25FE3D-5068-4371-9C5C-BC89B32B7571.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS6B3DEE11-B331-4BCE-B33A-15531D853951.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS6D7CE673-8901-4D71-BA5C-EB3BC426DE4C.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS6E803EA2-3E7E-4659-8FA2-E1D2FCA88425.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS6F14624E-4AF6-45F6-9D80-BE28176166B6.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS6F3C813E-2D26-409B-8FCE-038DC8439372.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS70BF4283-0D5F-47D4-8E19-45CBD182360B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS71BC3318-0055-407A-BFFD-934BEF2236C4.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS734A4149-9658-4AD3-B6D1-23DD41977EA5.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS746F6C66-CBA8-44E8-9B0B-C5FD627D67F5.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS784E1F05-D60F-46F7-B207-67B1C0A48445.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS7AAA95FC-880E-4EE8-B9BC-CA40667DC67D.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS7EB2A39C-007A-4071-A204-687158D7C2B4.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS7EE1D888-56B4-42B9-B932-59E4F43E504F.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS845F7A7C-5AEE-4CFB-824E-3360877F1DE3.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS87140F09-5D9A-4803-A452-21A365209886.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS890F4A07-3B4B-4B1E-BE0E-91B07020A7B9.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS89658D28-03BE-4691-AC27-5D013A3CD676.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS8A8339A6-146F-4D4E-9BD7-BF87AEE6BF94.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS906188BB-53CD-48DA-B897-42ED8D010FCC.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS90960DFC-B4B0-4E2A-B4EB-97EBA271E070.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS9103BADA-6678-4FDA-86C9-4CAF20E80B7C.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS91B6BAED-4625-49EA-BF91-D0421B1CC849.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS9203446A-C412-4BCA-8FF6-EF2A5F2615EA.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS927A4BFD-BC01-471E-8EFF-4838364E671D.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS930E3357-F731-429B-A88D-EEC088D36F1C.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS933AADED-C13D-4A31-9E6F-1E548276301D.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS97E0AC22-2D84-40D2-A4ED-F95FEB8898FA.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS98319D0E-95A7-4905-AD07-6BBBD6053DCB.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS990C2F8A-3125-4732-B865-49679E889B7B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCS9977C78A-1EAA-4760-BC9B-7985B690F225.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSA6E4FB0F-7F25-427A-A0D7-CC760CB956E5.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSABEDC991-9EB3-4E13-BA2D-BD47A4C7C29A.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSB005B868-D553-4928-9D57-6CACE297A1D2.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSB0160ECC-403B-4F44-A126-76ED12D3286B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSB129850F-2952-4929-B40E-924EC9F3A17E.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSB3D2C5B1-8272-4213-971B-9209CFAEDE24.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSB3D72F94-4E08-402A-95F8-C93DE8565F79.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSBA2DDB3D-396B-413D-8B97-300122EF8F00.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSBD0BFDDA-5464-4DDF-B5FD-AA33CBD76418.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSBF7BF7C7-D7FC-4888-80EB-0BD4085FFCB9.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSC21D0D4E-CACE-43B4-B5C0-AB8869A1E390.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSC24265C3-1449-47A4-9CF1-457CB8C78A16.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSC992D510-DB37-4F22-9AB1-A876AE504D97.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSCA8837D2-C78A-4CEE-B8A8-69859D51EB3B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSCEFC7E1E-5DAF-44EA-A46B-A22E9356E04E.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSD06ED9E7-3C3F-4CBA-9BA5-8DDB184C9A7D.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSD1A8862D-94CC-4771-9529-15D17F75A0BE.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSD7D8B132-C798-4B98-83C3-A6E524666C0B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSD9273912-FA1E-41E1-ABF1-44864831062D.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSDA04251A-6059-4A7C-88DF-E56C33102751.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSDA26C2C7-AA6B-4B83-BA76-AD98E9DD9082.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSDA2C82C4-24D8-4B7E-9A50-8C15A444F221.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSDAC6BE0E-E70C-431A-96D0-302B6F9545A4.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSDECF4687-5004-4F76-B639-8DE9D974841B.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSDFF70FC2-5282-481A-959D-C04ACC909C40.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSE168732D-7AC7-4F44-989A-867FE0C762F4.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSE48E59CE-0E40-4C20-8D25-3C7079E6B2DC.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSE648113E-A055-4037-ABA9-3E9D50169ED7.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSF3454B7D-BCDE-4F9F-A484-CF227EB4DAD6.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSFB7C30F5-F99C-4DF0-9231-B8226052A243.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSFD4704FE-7E7A-4460-B7D8-5F7CF2E0990D.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSFE2F298F-CB71-461F-A245-9453977E7E34.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\Datos de programa\Webroot\Spy Sweeper\Temp\SSCSFE2FB8CF-4E9B-46FA-9D24-F40A002AAA28.tmp Object is locked skipped



    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped



    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped



    C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped



    C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped



    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped



    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped



    C:\Documents and Settings\Noe\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped



    C:\Documents and Settings\Noe\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped



    C:\Documents and Settings\Noe\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped



    C:\Documents and Settings\Noe\Configuración local\Historial\History.IE5\index.dat Object is locked skipped



    C:\Documents and Settings\Noe\Configuración local\Historial\History.IE5\MSHist012006072920060730\index.dat Object is locked skipped



    C:\Documents and Settings\Noe\Configuración local\Temp\~DFBE55.tmp Object is locked skipped



    C:\Documents and Settings\Noe\Configuración local\Temp\~DFE801.tmp Object is locked skipped



    C:\Documents and Settings\Noe\Configuración local\Temp\~DFF5FE.tmp Object is locked skipped



    C:\Documents and Settings\Noe\Cookies\index.dat Object is locked skipped



    C:\Documents and Settings\Noe\Datos de programa\Webroot\Spy Sweeper\Logs\060727140347.ses Object is locked skipped



    C:\Documents and Settings\Noe\NTUSER.DAT Object is locked skipped



    C:\Documents and Settings\Noe\ntuser.dat.LOG Object is locked skipped



    C:\ms4w\Apache\logs\access.log Object is locked skipped



    C:\ms4w\Apache\logs\error.log Object is locked skipped



    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped



    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped



    C:\WINDOWS\SchedLgU.Txt Object is locked skipped



    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped



    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped



    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped



    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped



    C:\WINDOWS\system32\config\default Object is locked skipped



    C:\WINDOWS\system32\config\default.LOG Object is locked skipped



    C:\WINDOWS\system32\config\SAM Object is locked skipped



    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped



    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped



    C:\WINDOWS\system32\config\SECURITY Object is locked skipped



    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped



    C:\WINDOWS\system32\config\software Object is locked skipped



    C:\WINDOWS\system32\config\software.LOG Object is locked skipped



    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped



    C:\WINDOWS\system32\config\system Object is locked skipped



    C:\WINDOWS\system32\config\system.LOG Object is locked skipped



    C:\WINDOWS\system32\h323log.txt Object is locked skipped



    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped



    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped



    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped



    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped



    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped



    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped



    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped



    C:\WINDOWS\Temp\Perflib_Perfdata_8a0.dat Object is locked skipped



    C:\WINDOWS\WindowsUpdate.log Object is locked skipped



    F:\Shared\02 Track 2 (ntrance).wm Infected: Trojan-Downloader.WMA.Wimad.d skipped



    F:\Shared\Eighties classic (ntrance).wm Infected: Trojan-Downloader.WMA.Wimad.c skipped



    F:\Shared\John the Ripper -- password cracker john-16w.zip/john-16/run/john.exe Infected: HackTool.Win32.John skipped



    F:\Shared\John the Ripper -- password cracker john-16w.zip/john-16/run/john-k6.zip/john.exe Infected: HackTool.Win32.John skipped



    F:\Shared\John the Ripper -- password cracker john-16w.zip/john-16/run/john-k6.zip Infected: HackTool.Win32.John skipped



    F:\Shared\John the Ripper -- password cracker john-16w.zip/john-16/run/john-mmx.zip/john.exe Infected: HackTool.Win32.John skipped



    F:\Shared\John the Ripper -- password cracker john-16w.zip/john-16/run/john-mmx.zip Infected: HackTool.Win32.John skipped



    F:\Shared\John the Ripper -- password cracker john-16w.zip ZIP: infected - 5 skipped



    F:\Shared\Top of Charts - 2003 (ntrance).wm Infected: Trojan-Downloader.WMA.Wimad.c skipped



    F:\Shared\Top of Charts - 2004 (ntrance).wm Infected: Trojan-Downloader.WMA.Wimad.c skipped



    F:\Shared\Top of Charts - 2005 (ntrance).wm Infected: Trojan-Downloader.WMA.Wimad.c skipped



    F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped



    F:\Trabajo\COORDINACION\LARGUILLO DE OBRA KONDE AL 28-07-2006.xls Object is locked skipped



    F:\Trabajo\G Y G CONSTRUCCION S.A. DE C.V\INFORMES\INFORME 24 GYG (24 - 30 JULIO 2006).xls Object is locked skipped



    F:\Trabajo\KONDE S.A DE C.V\ESTIMACIONES\ESTIMACION No. 4 C\Generadores de Terracerias est 4C.xls Object is locked skipped



    F:\Trabajo\SUPERVISA\BOVEDA 113+194\Armado Boveda.dwg Object is locked skipped



    F:\Trabajo\SUPERVISA\BOVEDA 113+194\Armado Boveda.dwl Object is locked skipped



    Scan process completed.





    REPORTE DEL EWIDO:





    ---------------------------------------------------------

    ewido anti-spyware - Scan Report

    ---------------------------------------------------------



    + Created at: 05:53:01 p.m. 28/07/2006



    + Scan result:







    F:\estrellita\wgatray.exe -> Adware.BargainBuddy : No action taken.

    F:\Shared\mungabunga prog para cagar cuentas de msn pero tiene troyano.exe -> Backdoor.DSSdoor.b : No action taken.

    F:\Shared\01 Track 1 (ancient).wm -> Downloader.Wimad.d : No action taken.

    C:\Archivos de programa\ESET\infected\TQH2FODA.NQF -> Dropper.Delf.vt : No action taken.

    C:\Archivos de programa\ESET\infected\BUBFAWCA.NQF -> Not-A-Virus.HackTool.Win32.John : No action taken.

    F:\Shared\John the Ripper -- password cracker john-16w.zip/john-16/run/john-k6.zip/john.exe -> Not-A-Virus.HackTool.Win32.John : No action taken.

    F:\Shared\John the Ripper -- password cracker john-16w.zip/john-16/run/john-mmx.zip/john.exe -> Not-A-Virus.HackTool.Win32.John : No action taken.

    F:\Shared\John the Ripper -- password cracker john-16w.zip/john-16/run/john.exe -> Not-A-Virus.HackTool.Win32.John : No action taken.

    C:\Documents and Settings\Noe\Cookies\noe@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.





    ::Report end









    LOG DE HIJACKTHIS DESPUES DE HABER HECHO TODO ESO...





    Logfile of HijackThis v1.99.1

    Scan saved at 11:07:28 a.m., on 29/07/2006

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\ms4w\Apache\bin\Apache.exe

    C:\Archivos de programa\Intel\IDU\awServ.exe

    C:\ms4w\Apache\bin\Apache.exe

    C:\WINDOWS\system32\crypserv.exe

    C:\Archivos de programa\Executive Software\Diskeeper\DkService.exe

    C:\Archivos de programa\ewido anti-spyware 4.0\guard.exe

    C:\Archivos de programa\Eset\nod32krn.exe

    C:\WINDOWS\system32\HPZipm12.exe

    C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeper.exe

    C:\WINDOWS\Explorer.EXE

    C:\Archivos de programa\Eset\nod32kui.exe

    C:\Archivos de programa\Intel\IDU\iptray.exe

    C:\Archivos de programa\Intel\IDU\awtray.exe

    C:\WINDOWS\SOUNDMAN.EXE

    C:\WINDOWS\ALCWZRD.EXE

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeperUI.exe

    C:\Archivos de programa\ewido anti-spyware 4.0\ewido.exe

    C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe

    C:\WINDOWS\Integrator.exe

    C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE

    C:\Archivos de programa\Microsoft Office\OFFICE11\EXCEL.EXE

    C:\Archivos de programa\Webroot\Spy Sweeper\SSU.EXE

    C:\HJT\HijackThis.exe



    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar2.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll

    O4 - HKLM\..\Run: [Acceso directo a la página de propiedades de High Definition Audio] HDAudPropShortcut.exe

    O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [ipTray.exe] "C:\Archivos de programa\Intel\IDU\iptray.exe"

    O4 - HKLM\..\Run: [awTray.exe] "C:\Archivos de programa\Intel\IDU\awtray.exe"

    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

    O4 - HKLM\..\Run: [SpySweeper] "C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

    O4 - HKLM\..\Run: [!ewido] "C:\Archivos de programa\ewido anti-spyware 4.0\ewido.exe" /minimized

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background

    O4 - Startup: AntiCrash.lnk = C:\Archivos de programa\Dachshund Software\AntiCrash\AntiCrash.exe

    O4 - Global Startup: Acelerador de inicio de AutoCAD.lnk = C:\Archivos de programa\Archivos comunes\Autodesk Shared\acstart16.exe

    O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O8 - Extra context menu item: &Búsqueda en Google - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmsearch.html

    O8 - Extra context menu item: &Traducir palabra inglesa - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmwordtrans.html

    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Instantánea de caché de la página - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmcache.html

    O8 - Extra context menu item: Páginas similares - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmsimilar.html

    O8 - Extra context menu item: Páginas vinculadas - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmbacklinks.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll

    O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe

    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

    O23 - Service: Apache Web Server (ApacheWebServer) - Unknown owner - C:\ms4w\Apache\bin\Apache.exe" -k runservice (file missing)

    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe

    O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Archivos de programa\Intel\IDU\awServ.exe

    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Archivos de programa\Executive Software\Diskeeper\DkService.exe

    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Archivos de programa\ewido anti-spyware 4.0\guard.exe

    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    O23 - Service: Motor de Spy Sweeper de Webroot (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeper.exe







    OK...ESPERO NO ESTE ALGO EXTRAÑO POR AHI... GRACIAS POR SU AYUDA, EL MENSAJE DEL SPYSWEEPER YA NO HA SALIDO CRE0 YA SE ELIMINO EL PROBLEMA, MUCHAS GRACIAS...
  4. Caito

    Caito Nuevo Miembro Miembro

    Tambien lo veo limpio, podrías borrar archivos innecesarios con el disck cleaner (o similar)y eliminar el contenido de las carpetas tipo cuarentena.

    Podemos cerrar este tema

    Salu2

    Caito
Estado del tema:
No está abierto para más respuestas.

Comparte esta página