problema

Estado
Cerrado para nuevas respuestas

donochile

Nuevo Miembro
Miembro
#1
bueno lo que pasa es que derrepente me aparecieron unos iconos ( los que tienen los puntos en la imagen) resulta que yo trate de borrarlos como todo, el boton derecho>delete , pero no me deja nisiquiera moverlos. Un amigo me dijo que intale el Ad-Aware SE y un Spybot Search and Destroy . Los intale y los quito pero cada vez que reinicio el computador están , espero que me ayuden para que no me aparescan mas ;)

Saludos y Feliz Año

esta es la foto del escritorio
 

Espaiderman

Nuevo Miembro
Miembro
#2
La respuesta esta aquí ami me pasaba lo mismo

Aparte por favor, bajate el HijackThis 1.99.0 descomprimelo en c:\ ejecutalo, dale a Do a system scan and save a log, salva el log y copialo aquí.
 

donochile

Nuevo Miembro
Miembro
#3
hice lo que me dijiste y este es el log

Logfile of HijackThis v1.99.0

Scan saved at 2:54:38 PM, on 12/31/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

D:\Program Files\Norton AntiVirus\navapsvc.exe

D:\Program Files\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\ezSP_Px.exe

C:\program files\support.com\client\bin\tgcmd.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Yahoo!\browser\ybrwicon.exe

C:\Program Files\2Wire\2PortalMon.exe

C:\PROGRA~1\Yahoo!\browser\ycommon.exe

C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Browser MOUSE\mouse32a.exe

C:\Program Files\Messenger Plus! 3\MsgPlus.exe

C:\Program Files\QuickTime\qttask.exe

D:\Program Files\SinEspias\No-Spy.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\2Wire Wireless\Client Manager\CMTWO.EXE

D:\Raul's Digital Picture 2004\SonyTray.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

D:\Program Files\Opera\opera.exe

C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://npyndezknltsgd.biz/dJ27Al0q1M6GSwtW...Phfz/VqkAb.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O1 - Hosts: 66.98.178.19 06272002-dbase.hitcountz.net

O1 - Hosts: 66.98.178.19 1ca.cqcounter.com

O1 - Hosts: 66.98.178.19 2001-007.com

O1 - Hosts: 66.98.178.19 ad-logics.com

O1 - Hosts: 66.98.178.19 ad.trafficmp.com

O1 - Hosts: 66.98.178.19 adclient.rottentomatoes.com

O1 - Hosts: 66.98.178.19 adcounter.globeandmail.com

O1 - Hosts: 66.98.178.19 adcounter.theglobeandmail.com

O1 - Hosts: 66.98.178.19 adlog.com.com

O1 - Hosts: 66.98.178.19 admanmail.com

O1 - Hosts: 66.98.178.19 ads.specificpop.com

O1 - Hosts: 66.98.178.19 adtech.de

O1 - Hosts: 66.98.178.19 askmen.thruport.com

O1 - Hosts: 66.98.178.19 banner.0catch.com

O1 - Hosts: 66.98.178.19 bilbo.counted.com

O1 - Hosts: 66.98.178.19 c1.statcounter.com

O1 - Hosts: 66.98.178.19 c1.thecounter.com

O1 - Hosts: 66.98.178.19 c2.gostats.com

O1 - Hosts: 66.98.178.19 c2.thecounter.com

O1 - Hosts: 66.98.178.19 c3.thecounter.com

O1 - Hosts: 66.98.178.19 c3.xxxcounter.com

O1 - Hosts: 66.98.178.19 cashcounter.com

O1 - Hosts: 66.98.178.19 cgi.hotstat.nl

O1 - Hosts: 66.98.178.19 clit6.sextracker.com

O1 - Hosts: 66.98.178.19 clit8.sextracker.com

O1 - Hosts: 66.98.178.19 cookies.cmpnet.com

O1 - Hosts: 66.98.178.19 counter.aaddzz.com

O1 - Hosts: 66.98.178.19 counter.bloke.com

O1 - Hosts: 66.98.178.19 counter.hitslink.com

O1 - Hosts: 66.98.178.19 counter.yadro.ru

O1 - Hosts: 66.98.178.19 counter14.sextracker.com

O1 - Hosts: 66.98.178.19 counter16.bravenet.com

O1 - Hosts: 66.98.178.19 counter17.bravenet.com

O1 - Hosts: 66.98.178.19 counter2.hitslink.com

O1 - Hosts: 66.98.178.19 counter26.bravenet.com

O1 - Hosts: 66.98.178.19 counter32.bravenet.com

O1 - Hosts: 66.98.178.19 counter34.breavenet.com

O1 - Hosts: 66.98.178.19 counter41.bravenet.com

O1 - Hosts: 66.98.178.19 counter47.bravenet.com

O1 - Hosts: 66.98.178.19 counter6.sextracker.com

O1 - Hosts: 66.98.178.19 counter8.bravenet.com

O1 - Hosts: 66.98.178.19 data.coremetrics.com

O1 - Hosts: 66.98.178.19 delivery.loopingclick.com

O1 - Hosts: 66.98.178.19 dwclick.com

O1 - Hosts: 66.98.178.19 ebay.doubleclick.net

O1 - Hosts: 66.98.178.19 ehg-amerix.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-bestbuy.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-crain.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-dig.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-eckounlimited.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-espn.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-idg.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-liveperson.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-oreilley.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-space.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-sportsline.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-techtarget.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-tigerdirect.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-uniontrib.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-viacom.hitbox.com

O1 - Hosts: 66.98.178.19 ehg.commjun.hitbox.com

O1 - Hosts: 66.98.178.19 ehg.hitbox.com

O1 - Hosts: 66.98.178.19 fastclick.net

O1 - Hosts: 66.98.178.19 fcstats.bcentral.com

O1 - Hosts: 66.98.178.19 flycast.com

O1 - Hosts: 66.98.178.19 g-wizzads.net

O1 - Hosts: 66.98.178.19 gostats.com

O1 - Hosts: 66.98.178.19 gtcc1.acecounter.com

O1 - Hosts: 66.98.178.19 hc2.humanclick.com

O1 - Hosts: 66.98.178.19 hit2.hotlog.ru

O1 - Hosts: 66.98.178.19 hit37.chark.dk

O1 - Hosts: 66.98.178.19 hitbox.com

O1 - Hosts: 66.98.178.19 hits.webstat.com

O1 - Hosts: 66.98.178.19 images.dailydiscounts.com

O1 - Hosts: 66.98.178.19 imp.clickability.com

O1 - Hosts: 66.98.178.19 impacts.alliancehub.com

O1 - Hosts: 66.98.178.19 insightfirst.com

O1 - Hosts: 66.98.178.19 int.sitestat.com

O1 - Hosts: 66.98.178.19 jkearns.freestats.com

O1 - Hosts: 66.98.178.19 linktrack.bravenet.com

O1 - Hosts: 66.98.178.19 logs.comics.com

O1 - Hosts: 66.98.178.19 m1.nedstatbasic.net

O1 - Hosts: 66.98.178.19 media101.sitebrand.com

O1 - Hosts: 66.98.178.19 mt122.mtree.com

O1 - Hosts: 66.98.178.19 nedstat.s0.nl

O1 - Hosts: 66.98.178.19 nl.sitestat.com

O1 - Hosts: 66.98.178.19 partner.alerts.aol.com

O1 - Hosts: 66.98.178.19 paxito.sitetracker.com

O1 - Hosts: 66.98.178.19 perso.estat.com

O1 - Hosts: 66.98.178.19 pmg.ad-logics.com

O1 - Hosts: 66.98.178.19 postclick.adcentriconline.com

O1 - Hosts: 66.98.178.19 prof.estat.com

O1 - Hosts: 66.98.178.19 s10.sitemeter.com

O1 - Hosts: 66.98.178.19 s11.sitemeter.com

O1 - Hosts: 66.98.178.19 s12.sitemeter.com

O1 - Hosts: 66.98.178.19 s13.sitemeter.com

O1 - Hosts: 66.98.178.19 s14.sitemeter.com

O1 - Hosts: 66.98.178.19 s15.sitemeter.com

O1 - Hosts: 66.98.178.19 s16.sitemeter.com

O1 - Hosts: 66.98.178.19 s2.statcounter.com

O1 - Hosts: 66.98.178.19 sm1.sitemeter.com

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll

O2 - BHO: (no name) - {3A31B543-9E02-CDE0-2D2A-9F1D0A3016FE} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll (file missing)

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: (no name) - {00649EC3-E572-11D3-8F5F-00C0DFEF760F} - (no file)

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe

O4 - HKLM\..\Run: [ZTgServerSwitch] "c:\program files\support.com\client\bin\tgcmd.exe" /server

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe

O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe

O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"

O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe

O4 - HKLM\..\Run: [sysu] "C:\progra~1\ddm\sysu.exe"

O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL

O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe

O4 - HKLM\..\Run: [Dimension] C:\Program Files\Dimension\Dimension.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe

O4 - HKLM\..\Run: [COPYHEARTAIMDEFAULT] C:\Documents and Settings\All Users\Application Data\BYTESAVECOPYHEART\infomfcd.exe

O4 - HKLM\..\Run: [No Spy] "D:\Program Files\SinEspias\No-Spy.exe" /autorun

O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [DefaultBind] C:\DOCUME~1\monos\APPLIC~1\GPLMET~1\nurb fast bin.exe

O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: 2Wire Wireless Client Manager.lnk = ?

O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe

O4 - Global Startup: Image Transfer.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000

O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll

O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll

O9 - Extra button: Software - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\emule-pillasoft\index.html (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra button: (no name) - CmdMapping- - (no file) (HKCU)

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {00649EC0-E572-11D3-8F5F-00C0DFEF760F} - http://cfm.telepolis.com/usuarios/Alta/Net...pi_2,0,0,12.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab

O16 - DPF: {0FFFFFFF-0FFF-0FFF-0FFF-0FFFFFFFFFFF} - http://www.h-desk-soft.com/hdesk_offer_02/HDeskSetup_A.exe

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab28177.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab

O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} - http://212.145.159.194/251065/dialercab/WebRecomendada.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6596829B-37D4-40AD-971B-1E9041725C52} - http://www.direct-ip.com/deliver/usa/ms.cab

O16 - DPF: {73F0FD85-BD47-4A95-86D1-DE38860462C1} - http://213.254.243.5/data/dialercab/IberoDialerHTML.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {94118C19-B178-4E43-BBE8-0EFDBB391BDB} (SysWebTelecom Class) - http://www.sponsoradulto.com/SysWebTelecom2.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab28177.cab

O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab

O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/eng/check/qdiagh.cab?315

O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/crack.CAB

O23 - Service: .NET Framework Service - Unknown - C:\WINDOWS\svchost.exe (file missing)

O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Servicio Auto-Protect de Norton AntiVirus - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
 

alnitak

Ex-Admin
Miembro
#4
NOTA IMPORTANTE: Por favor, no posteen sus logs juntos a los de otra persona porque se prestará a generar confusión, abran un nuevo tema para plantear su problema y posteen su log ahí.
Hola,
Por favor, Desinstala el sin espia y desactiva o desinstala SPYBOT antes de seguir las instrucciones

si dispones de un punto de restauración anterior a los problemas deberías intentar usarlo y después tomar otro log, es la única manera segura y la más rápida de solucionar el problema. Si no dispones de un punto de restauración sigue las siguientes instrucciones:

Por favor, bájate e instala el Disk Cleaner

Asegúrate que tu sistema operativo muestre los archivos y carpetas ocultos:

Mostrar archivos ocultos

Reinicia el sistema en modo seguro:

Como reiniciar a prueba de fallos

Ejecuta el HijackThis 1.99.0.

Cierra todos los navegadores, tanto los navegadores Web como el Explorador de Windows (es indispensable que los cierres o no resultará)

Corre el HijackThis, dale a Scan , revisa las casillas de las siguientes entradas y dale a fix:

R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {3A31B543-9E02-CDE0-2D2A-9F1D0A3016FE} - (no file)
O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll (file missing)
O3 - Toolbar: (no name) - {00649EC3-E572-11D3-8F5F-00C0DFEF760F} - (no file)
O4 - HKLM\..\Run: [sysu] "C:\progra~1\ddm\sysu.exe"
04 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [COPYHEARTAIMDEFAULT] C:\Documents and Settings\All Users\Application Data\BYTESAVECOPYHEART\infomfcd.exe
O4 - HKCU\..\Run: [DefaultBind] C:\DOCUME~1\monos\APPLIC~1\GPLMET~1\nurb fast bin.exe
O9 - Extra button: Software - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\emule-pillasoft\index.html (file missing)
O16 - DPF: {0FFFFFFF-0FFF-0FFF-0FFF-0FFFFFFFFFFF} - http://www.h-desk-soft.com/hdesk_offer_02/HDeskSetup_A.exe
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} - http://212.145.159.194/251065/dialercab/WebRecomendada.cab
O16 - DPF: {73F0FD85-BD47-4A95-86D1-DE38860462C1} - http://213.254.243.5/data/dialercab/IberoDialerHTML.cab
O16 - DPF: {94118C19-B178-4E43-BBE8-0EFDBB391BDB} (SysWebTelecom Class) - http://www.sponsoradulto.com/SysWebTelecom2.cab
O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/crack.CAB
O23 - Service: .NET Framework Service - Unknown - C:\WINDOWS\svchost.exe (file missing)
Cierra el HijackThis, elimina los archivos temporales y cookies con el disk cleaner: marcas las casillas System Tempory Files,Tempory Internet Files , Internet Cookies y las demás que te provoque marcar después le das a Clean.

Elimina estas carpetas y todo su contenido si todavía existen:

C:\Program Files\Common Files\WinTools\

C:\Documents and Settings\All Users\Application Data\BYTESAVECOPYHEART\

C:\Documents and Settings\monos\Application Data\GPLMET~1\ ve tu el nombre exacto

C:\Program files\ddm\
Limpia la papelera.

Reinicia el sistema.

Instala la ultima versión de Ad Aware SE, actualízalo y escanéate para que termine de limpiar.

Toma otro log después de seguir todas las instrucciones

NOTA IMPORTANTE: Por favor, no posteen sus logs juntos a los de otra persona porque se prestará a generar confusión, abran un nuevo tema para plantear su problema y posteen su log ahí.
 

donochile

Nuevo Miembro
Miembro
#5
una pregunta cuando me dice que lo reinicie ( después de limpiar la papelera) le quito el modo seguro? :confused:

saludos
 

donochile

Nuevo Miembro
Miembro
#7
ya hice todo espero que este bien aquí esta el log

Logfile of HijackThis v1.99.0

Scan saved at 12:46:33 PM, on 1/9/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mmtgbtjtldifzstcnikzppogc.com/d...zPhfz/VqkAb.cgi

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: 66.98.178.19 06272002-dbase.hitcountz.net

O1 - Hosts: 66.98.178.19 1ca.cqcounter.com

O1 - Hosts: 66.98.178.19 2001-007.com

O1 - Hosts: 66.98.178.19 ad-logics.com

O1 - Hosts: 66.98.178.19 ad.trafficmp.com

O1 - Hosts: 66.98.178.19 adclient.rottentomatoes.com

O1 - Hosts: 66.98.178.19 adcounter.globeandmail.com

O1 - Hosts: 66.98.178.19 adcounter.theglobeandmail.com

O1 - Hosts: 66.98.178.19 adlog.com.com

O1 - Hosts: 66.98.178.19 admanmail.com

O1 - Hosts: 66.98.178.19 ads.specificpop.com

O1 - Hosts: 66.98.178.19 adtech.de

O1 - Hosts: 66.98.178.19 askmen.thruport.com

O1 - Hosts: 66.98.178.19 banner.0catch.com

O1 - Hosts: 66.98.178.19 bilbo.counted.com

O1 - Hosts: 66.98.178.19 c1.statcounter.com

O1 - Hosts: 66.98.178.19 c1.thecounter.com

O1 - Hosts: 66.98.178.19 c2.gostats.com

O1 - Hosts: 66.98.178.19 c2.thecounter.com

O1 - Hosts: 66.98.178.19 c3.thecounter.com

O1 - Hosts: 66.98.178.19 c3.xxxcounter.com

O1 - Hosts: 66.98.178.19 cashcounter.com

O1 - Hosts: 66.98.178.19 cgi.hotstat.nl

O1 - Hosts: 66.98.178.19 clit6.sextracker.com

O1 - Hosts: 66.98.178.19 clit8.sextracker.com

O1 - Hosts: 66.98.178.19 cookies.cmpnet.com

O1 - Hosts: 66.98.178.19 counter.aaddzz.com

O1 - Hosts: 66.98.178.19 counter.bloke.com

O1 - Hosts: 66.98.178.19 counter.hitslink.com

O1 - Hosts: 66.98.178.19 counter.yadro.ru

O1 - Hosts: 66.98.178.19 counter14.sextracker.com

O1 - Hosts: 66.98.178.19 counter16.bravenet.com

O1 - Hosts: 66.98.178.19 counter17.bravenet.com

O1 - Hosts: 66.98.178.19 counter2.hitslink.com

O1 - Hosts: 66.98.178.19 counter26.bravenet.com

O1 - Hosts: 66.98.178.19 counter32.bravenet.com

O1 - Hosts: 66.98.178.19 counter34.breavenet.com

O1 - Hosts: 66.98.178.19 counter41.bravenet.com

O1 - Hosts: 66.98.178.19 counter47.bravenet.com

O1 - Hosts: 66.98.178.19 counter6.sextracker.com

O1 - Hosts: 66.98.178.19 counter8.bravenet.com

O1 - Hosts: 66.98.178.19 data.coremetrics.com

O1 - Hosts: 66.98.178.19 delivery.loopingclick.com

O1 - Hosts: 66.98.178.19 dwclick.com

O1 - Hosts: 66.98.178.19 ebay.doubleclick.net

O1 - Hosts: 66.98.178.19 ehg-amerix.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-bestbuy.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-crain.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-dig.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-eckounlimited.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-espn.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-idg.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-liveperson.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-oreilley.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-space.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-sportsline.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-techtarget.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-tigerdirect.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-uniontrib.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-viacom.hitbox.com

O1 - Hosts: 66.98.178.19 ehg.commjun.hitbox.com

O1 - Hosts: 66.98.178.19 ehg.hitbox.com

O1 - Hosts: 66.98.178.19 fastclick.net

O1 - Hosts: 66.98.178.19 fcstats.bcentral.com

O1 - Hosts: 66.98.178.19 flycast.com

O1 - Hosts: 66.98.178.19 g-wizzads.net

O1 - Hosts: 66.98.178.19 gostats.com

O1 - Hosts: 66.98.178.19 gtcc1.acecounter.com

O1 - Hosts: 66.98.178.19 hc2.humanclick.com

O1 - Hosts: 66.98.178.19 hit2.hotlog.ru

O1 - Hosts: 66.98.178.19 hit37.chark.dk

O1 - Hosts: 66.98.178.19 hitbox.com

O1 - Hosts: 66.98.178.19 hits.webstat.com

O1 - Hosts: 66.98.178.19 images.dailydiscounts.com

O1 - Hosts: 66.98.178.19 imp.clickability.com

O1 - Hosts: 66.98.178.19 impacts.alliancehub.com

O1 - Hosts: 66.98.178.19 insightfirst.com

O1 - Hosts: 66.98.178.19 int.sitestat.com

O1 - Hosts: 66.98.178.19 jkearns.freestats.com

O1 - Hosts: 66.98.178.19 linktrack.bravenet.com

O1 - Hosts: 66.98.178.19 logs.comics.com

O1 - Hosts: 66.98.178.19 m1.nedstatbasic.net

O1 - Hosts: 66.98.178.19 media101.sitebrand.com

O1 - Hosts: 66.98.178.19 mt122.mtree.com

O1 - Hosts: 66.98.178.19 nedstat.s0.nl

O1 - Hosts: 66.98.178.19 nl.sitestat.com

O1 - Hosts: 66.98.178.19 partner.alerts.aol.com

O1 - Hosts: 66.98.178.19 paxito.sitetracker.com

O1 - Hosts: 66.98.178.19 perso.estat.com

O1 - Hosts: 66.98.178.19 pmg.ad-logics.com

O1 - Hosts: 66.98.178.19 postclick.adcentriconline.com

O1 - Hosts: 66.98.178.19 prof.estat.com

O1 - Hosts: 66.98.178.19 s10.sitemeter.com

O1 - Hosts: 66.98.178.19 s11.sitemeter.com

O1 - Hosts: 66.98.178.19 s12.sitemeter.com

O1 - Hosts: 66.98.178.19 s13.sitemeter.com

O1 - Hosts: 66.98.178.19 s14.sitemeter.com

O1 - Hosts: 66.98.178.19 s15.sitemeter.com

O1 - Hosts: 66.98.178.19 s16.sitemeter.com

O1 - Hosts: 66.98.178.19 s2.statcounter.com

O1 - Hosts: 66.98.178.19 sm1.sitemeter.com

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe

O4 - HKLM\..\Run: [ZTgServerSwitch] "c:\program files\support.com\client\bin\tgcmd.exe" /server

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe

O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe

O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"

O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe

O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL

O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"

O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe

O4 - HKLM\..\Run: [Dimension] C:\Program Files\Dimension\Dimension.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe

O4 - HKLM\..\Run: [No Spy] "D:\Program Files\SinEspias\No-Spy.exe" /autorun

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: 2Wire Wireless Client Manager.lnk = ?

O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe

O4 - Global Startup: Image Transfer.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000

O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll

O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra button: (no name) - CmdMapping- - (no file) (HKCU)

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab

O16 - DPF: {00649EC0-E572-11D3-8F5F-00C0DFEF760F} - http://cfm.telepolis.com/usuarios/Alta/Net...pi_2,0,0,12.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab28177.cab

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {6596829B-37D4-40AD-971B-1E9041725C52} - http://www.direct-ip.com/deliver/usa/ms.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab28177.cab

O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab

O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/eng/check/qdiagh.cab?315

O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Macromedia Licensing Service - Unknown - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: Servicio Auto-Protect de Norton AntiVirus - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
 

alnitak

Ex-Admin
Miembro
#8
Parece estar limpio.

Todas esas entradas 01 no se de que van, puedes eliminarlas si no las has colocado tu pero no parecen ser maliciosas.
 
Estado
Cerrado para nuevas respuestas
Arriba Pie