Problemas con mi pagina de inicio y Hijackthis

Estado
Cerrado para nuevas respuestas

Rafito_P

Nuevo Miembro
Miembro
Lo intente con Modo Seguro y no funciono e igual lo intente con una versión anterior del Hijackthis (version 1.982) e igual no funciono.

El error cita algo como esto:

An unexpected error has ocurred at procedure: modMain_FixUNIXHostsFile() Error#62 - Input past end file.

Perdon! por no abrir una nuevo tema.
 

alnitak

Ex-Admin
Miembro
Intenta primero escanearte con el Ad Aware SE y con un antivirus actualizado para que estos vayan limpiando lo que puedan(hazlo preferiblemente entrando al sistema en modo seguro), después bajate el StarUpList y si te funciona toma un log con esta herramienta y copialo aquí para ver lo que podemos hacer por ahí.
 

Rafito_P

Nuevo Miembro
Miembro
Aqui esta el log del programa StarUpList. LLeve a cabo ambos procesos en modo a prueba de fallos (ad-aware SE Personal)(Panda Antivirus) y después uno online.

Espero que se de ayuda. Gracias

StartupList report, 1/12/2005, 3:48:33 PM

StartupList version: 1.52

Started from : C:\DOCUME~1\DAGOBE~1.POL\LOCALS~1\Temp\Temporary Directory 2 for startuplist152.zip\StartupList.EXE

Detected: Windows XP SP2 (WinNT 5.01.2600)

Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)

* Using default options

==================================================

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\RunDll32.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\DOCUME~1\DAGOBE~1.POL\LOCALS~1\Temp\Temporary Directory 2 for startuplist152.zip\StartupList.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:

[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]

Microsoft Office.hta

RealAudio.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

LogitechVideoRepair = C:\Program Files\Logitech\Video\ISStart.exe

LogitechVideoTray = C:\Program Files\Logitech\Video\LogiTray.exe

Cmaudio = RunDll32 cmicnfg.cpl,CMICtrlWnd

Anti Spyware = "C:\Program Files\SinEspias\no-spy.exe" /autorun

--------------------------------------------------

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

ares = "C:\Program Files\Ares Lite Edition\Ares.exe" -h

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*

SCRNSAVE.EXE=*INI section not found*

drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe

SCRNSAVE.EXE=*Registry value not found*

drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*

HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

(no name) - C:\WINDOWS\system32\akhm.dll (file missing) - {1240E710-FB18-4447-8C5B-6B718941F218}

(no name) - C:\WINDOWS\system32\ei0obdzvbb.dll - {CE7C3CF0-4B15-11D1-ABED-709549C10020}

--------------------------------------------------

Enumerating Download Program Files:

[{33564D57-0000-0010-8000-00AA00389B71}]

CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

[ActiveScan Installer Class]

InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll

CODEBASE = http://www.pandasoftware.com/activescan/as5/asinst.cab

[Shockwave Flash Object]

InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx

CODEBASE = https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll

CDBurn: C:\WINDOWS\system32\SHELL32.dll

WebCheck: C:\WINDOWS\System32\webcheck.dll

SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------

End of report, 4,370 bytes

Report generated in 0.016 seconds

Command line options:

/verbose - to add additional info on each section

/complete - to include empty sections and unsuspicious data

/full - to include several rarely-important sections

/force9x - to include Win9x-only startups even if running on WinNT

/forcent - to include WinNT-only startups even if running on Win9x

/forceall - to include all Win9x and WinNT startups, regardless of platform

/history - to list versión history only
 

alnitak

Ex-Admin
Miembro
Siempre en modo seguro y con todos los navegadores cerrados elimina este archivo:

C:\WINDOWS\system32\ei0obdzvbb.dll

y después ejecuta una limpieza de registro con algún programa tipo regcleaner o jv16

Despuésrestaura las configuraciones predeterminadas en el Internet Explorer
 

Rafito_P

Nuevo Miembro
Miembro
Asi lo hice, segui cada uno de los pasos:

1. Elimine

C:\WINDOWS\system32\ei0obdzvbb.dll

Después

2. Descargue el programa RegCleaner y ejecute una limpieza manual.

3. Restaure el IE a su configuración predeterminada

Y a pesar de ello aun persiste la pagina y todos mis problemas. Cual seria el proximo paso?

De veras que me siento mal por lo que esta pasando y creo que para no causar mas molestia podría simplemente formatear la maquína aunque de esa manera perderia toda mi información y por eso quiero obviar esa opcion, de todas maneras me siento mas que agradecido con usted por su gesto y su atenciones.

Gracias
 

alnitak

Ex-Admin
Miembro
Por molestar no te preocupes que no es el caso, este es un foro y estamos para ayudarnos.

Toma otro log del Startuplist para ver si me ha pasado algo o si se ha creado otra dll, lamentablemente estoy tan acostumbrado al Hijackthis que ya se me hace dificil hacer las cosas sin poderlo usar.

Por favor, el log tomalo entrando al sistema en modo normal para que salgan todos los procesos.
 

Rafito_P

Nuevo Miembro
Miembro
Hola, perdon por el retraso. Espero que esto se de ayuda, finalmente lo logre.

Logfile of HijackThis v1.99.0

Scan saved at 10:36:23 AM, on 1/13/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\RunDll32.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\notepad.exe

C:\DOCUME~1\DAGOBE~1.POL\LOCALS~1\Temp\Temporary Directory 5 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://0ml.net/cat

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://0ml.net/searchasst.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://0ml.net/cat

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://0ml.net/cat

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://0ml.net/cat

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://0ml.net/cat

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://0ml.net/searchasst.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://0ml.net/cat

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://0ml.net/cat

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://0ml.net/searchasst.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://0ml.net/searchasst.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://0ml.net/searchasst.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://0ml.net/searchasst.html

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://0ml.net/cat

R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://0ml.net/cat

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1240E710-FB18-4447-8C5B-6B718941F218} - C:\WINDOWS\system32\akhm.dll (file missing)

O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10020} - C:\WINDOWS\system32\bndtuyrg3d.dll

O3 - Toolbar: The Simple Toolbar Search - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA99EB} - C:\WINDOWS\system32\um2hh6itdx.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: The Simple Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\WINDOWS\system32\um2hh6itdx.dll

O9 - Extra 'Tools' menuitem: The Simple Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\WINDOWS\system32\um2hh6itdx.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O18 - Protocol: bw+0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {59CA5A35-C0CC-4213-BDA1-C52FD22F229F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
 

alnitak

Ex-Admin
Miembro
NOTA IMPORTANTE: Por favor, no posteen sus logs juntos a los de otra persona porque se prestará a generar confusión, abran un nuevo tema para plantear su problema y posteen su log ahí.
Por favor, bájate e instala el programa Disk Cleaner

Asegúrate que tu sistema operativo muestre los archivos y carpetas ocultos:

Como mostrar archivos ocultos

Desactiva la opción de restaurar el sistema

Como activar/desactivar restaurar el sistema

Ejecuta el HJT > open the misc tools section > delete a file on reboot > selecciona este archivo:

C:\WINDOWS\system32\bndtuyrg3d.dll

Acepta y reinicia el sistema en modo seguro:

Como reiniciar a prueba de fallos

Ejecuta el HijackThis 1.99.0.

Cierra todos los navegadores, tanto los navegadores Web como el Explorador de Windows (es indispensable que los cierres o no resultará)

Corre el HijackThis, dale a Scan , revisa las casillas de las siguientes entradas y dale a fix:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://0ml.net/cat

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://0ml.net/searchasst.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://0ml.net/cat

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://0ml.net/cat

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://0ml.net/cat

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://0ml.net/cat

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://0ml.net/searchasst.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://0ml.net/cat

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://0ml.net/cat

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://0ml.net/searchasst.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://0ml.net/searchasst.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://0ml.net/searchasst.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://0ml.net/searchasst.html

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://0ml.net/cat

R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://0ml.net/cat

O2 - BHO: (no name) - {1240E710-FB18-4447-8C5B-6B718941F218} - C:\WINDOWS\system32\akhm.dll (file missing)

O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10020} - C:\WINDOWS\system32\bndtuyrg3d.dll

O3 - Toolbar: The Simple Toolbar Search - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA99EB} - C:\WINDOWS\system32\um2hh6itdx.dll

O9 - Extra button: The Simple Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\WINDOWS\system32\um2hh6itdx.dll

O9 - Extra 'Tools' menuitem: The Simple Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\WINDOWS\system32\um2hh6itdx.dll



Cierra el HijackThis, elimina los archivos temporales y cookies con el disk cleaner: marcas las casillas System Tempory Files, Tempory Internet Files , Internet Cookies y las demás que te provoque marcar después le das a Clean.

Elimina estos archivos si todavía existen:

C:\WINDOWS\system32\um2hh6itdx.dll

Limpia la papelera.

Reinicia y reactiva la opción de restaurar el sistema.

Instala la ultima versión de Ad Aware SE, actualízalo y escanéate para que termine de limpiar.

Actualiza tu sistema a través del Windows Update y bájate todas las actualizaciones críticas disponibles para tu sistema operativo.

Toma otro log después de seguir todas las instrucciones

NOTA IMPORTANTE: Por favor, no posteen sus logs juntos a los de otra persona porque se prestará a generar confusión, abran un nuevo tema para plantear su problema y posteen su log ahí.
 
Estado
Cerrado para nuevas respuestas
Arriba Pie