27/02/06, 12:28:33
figue87
Re: I can't open "Add or Remove Programs"

I already ran the antivirus scans and these were the results

__________________________________________________
ewido security suite online scanner
http://www.ewido.net
__________________________________________________


Name: TrackingCookie.Burstnet
Path: :mozilla.60:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.71:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.72:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.73:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.74:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.75:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Casalemedia
Path: :mozilla.76:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.324:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Statcounter
Path: :mozilla.325:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Tacoda
Path: :mozilla.328:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Tacoda
Path: :mozilla.329:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Tacoda
Path: :mozilla.330:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.393:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.394:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Zedo
Path: :mozilla.395:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.422:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.423:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.424:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.425:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.426:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Yieldmanager
Path: :mozilla.427:C:\Documents and Settings\javier\Datos de programa\Mozilla\Firefox\Profiles\pktr2phm.default \cookies.txt
Risk: Medium




Kaspersky report


c:\!KillBox\service.exe infected:Trojan.win32.StartPage.kr

C:\WINDOWS\system32\mcfdrv.sys Infected: Trojan-Spy.Win32.Goldun.bn



All the files found by the two antivirus scanners were deleted successfully.



Here is the HijackThis log




Logfile of HijackThis v1.99.1
Scan saved at 14:15:17, on 27/02/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Java\jre1.5.0_04\bin\jusched.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://foro.zoomby.cl/index.php?showforum=853
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Archivos de programa\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SmcService] C:\ARCHIV~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Archivos de programa\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Bajar web con LeechGet - file://C:\Archivos de programa\LeechGet 2004\\Parser.html
O8 - Extra context menu item: Descargar usando el Asistente de Descargas - file://C:\Archivos de programa\LeechGet 2004\\Wizard.html
O8 - Extra context menu item: Descargar usando LeechGet - file://C:\Archivos de programa\LeechGet 2004\\AddUrl.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/11278c97039b2eb32822/netzip/RdxIE601_es.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB38A857-D987-47B5-A6C3-4BF2EB2EF050}: NameServer = 200.72.1.11 200.72.1.5
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARCHIV~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Archivos de programa\Sygate\SPF\smc.exe