Foro de Spyware - Ver Mensaje Individual - ola tengo problemas con about:blank me la cambia solo y me sale un popup llamado only

Tema: ola tengo problemas con about:blank me la cambia solo y me sale un popup llamado only

Ver Mensaje Individual

post #1 (permalink)

15/08/05, 12:37:21

xander_edge xander_edge está offline

Usuario

Registrado: ago 2005

Ubicación: chile

Mensajes: 2

ola tengo problemas con about:blank me la cambia solo y me sale un popup llamado only

bueno soy nuevo aqui estube leyendo y voy a dejar un log de mi sistema con el hijackthis para que me ayuden porfavor esto ya es desesperante e probado todo y sin resultados espero que me ayuden como lo an echo con los demas gracias

hay les va

Logfile of HijackThis v1.99.1
Scan saved at 11:37:00, on 15-08-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\ARCHIV~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\ARCHIV~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ntkk32.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Symantec_Client_Security\Symantec AntiVirus\VPTray.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Archivos de programa\XoftSpy\XoftSpy.exe
C:\Archivos de programa\HJT\HijackThis.exe
C:\WINDOWS\system32\esclavo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\fgrmw.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\fgrmw.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\fgrmw.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\fgrmw.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\fgrmw.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\fgrmw.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\fgrmw.dll/sp.html#37049
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {6CB55B62-92A9-30DC-1708-C97DEE5E6821} - C:\WINDOWS\javayn32.dll
O2 - BHO: Class - {FBC963C0-47A1-07C0-004E-D8258BEE3766} - C:\WINDOWS\system32\sysoo32.dll
O4 - HKLM\..\Run: [ntkk32.exe] C:\WINDOWS\ntkk32.exe
O4 - HKLM\..\RunOnce: [apizg32.exe] C:\WINDOWS\apizg32.exe
O4 - HKLM\..\RunOnce: [msow32.exe] C:\WINDOWS\msow32.exe
O4 - HKLM\..\RunOnce: [winxx.exe] C:\WINDOWS\winxx.exe
O4 - HKLM\..\RunOnce: [sysdq32.exe] C:\WINDOWS\system32\sysdq32.exe
O4 - HKLM\..\RunOnce: [ipsr32.exe] C:\WINDOWS\system32\ipsr32.exe
O4 - HKLM\..\RunOnce: [atlre32.exe] C:\WINDOWS\atlre32.exe
O4 - HKLM\..\RunOnce: [ipkb.exe] C:\WINDOWS\ipkb.exe
O4 - HKLM\..\RunOnce: [ieth32.exe] C:\WINDOWS\system32\ieth32.exe
O4 - HKLM\..\RunOnce: [ieqc.exe] C:\WINDOWS\system32\ieqc.exe
O4 - HKLM\..\RunOnce: [cryl.exe] C:\WINDOWS\cryl.exe
O4 - HKLM\..\RunOnce: [atlyb.exe] C:\WINDOWS\atlyb.exe
O4 - HKLM\..\RunOnce: [mfcss.exe] C:\WINDOWS\mfcss.exe
O4 - HKLM\..\RunOnce: [sdkrl.exe] C:\WINDOWS\system32\sdkrl.exe
O4 - HKLM\..\RunOnce: [sdkzx32.exe] C:\WINDOWS\system32\sdkzx32.exe
O4 - HKLM\..\RunOnce: [apiyf.exe] C:\WINDOWS\system32\apiyf.exe
O4 - HKLM\..\RunOnce: [ipmp32.exe] C:\WINDOWS\system32\ipmp32.exe
O4 - HKLM\..\RunOnce: [sysoo32.exe] C:\WINDOWS\system32\sysoo32.exe
O4 - HKLM\..\RunOnce: [atlzk32.exe] C:\WINDOWS\atlzk32.exe
O4 - HKLM\..\RunOnce: [atlce32.exe] C:\WINDOWS\atlce32.exe
O4 - HKLM\..\RunOnce: [syspo32.exe] C:\WINDOWS\syspo32.exe
O4 - HKLM\..\RunOnce: [winwd.exe] C:\WINDOWS\system32\winwd.exe
O4 - HKLM\..\RunOnce: [javayd.exe] C:\WINDOWS\javayd.exe
O4 - HKLM\..\RunOnce: [addhd.exe] C:\WINDOWS\system32\addhd.exe
O4 - HKLM\..\RunOnce: [atlmp.exe] C:\WINDOWS\system32\atlmp.exe
O4 - HKLM\..\RunOnce: [atlse32.exe] C:\WINDOWS\atlse32.exe
O4 - HKLM\..\RunOnce: [apigp.exe] C:\WINDOWS\apigp.exe
O4 - HKLM\..\RunOnce: [apper32.exe] C:\WINDOWS\system32\apper32.exe
O4 - HKLM\..\RunOnce: [msjv32.exe] C:\WINDOWS\system32\msjv32.exe
O4 - HKLM\..\RunOnce: [apidh32.exe] C:\WINDOWS\apidh32.exe
O4 - HKLM\..\RunOnce: [atlhb32.exe] C:\WINDOWS\system32\atlhb32.exe
O4 - HKLM\..\RunOnce: [appww.exe] C:\WINDOWS\appww.exe
O4 - HKLM\..\RunOnce: [msop32.exe] C:\WINDOWS\system32\msop32.exe
O4 - HKLM\..\RunOnce: [syszi.exe] C:\WINDOWS\syszi.exe
O4 - HKLM\..\RunOnce: [addmv32.exe] C:\WINDOWS\addmv32.exe
O4 - HKLM\..\RunOnce: [ntyb.exe] C:\WINDOWS\system32\ntyb.exe
O4 - HKLM\..\RunOnce: [atllb.exe] C:\WINDOWS\system32\atllb.exe
O4 - HKLM\..\RunOnce: [iemw32.exe] C:\WINDOWS\system32\iemw32.exe
O4 - HKLM\..\RunOnce: [atlym32.exe] C:\WINDOWS\atlym32.exe
O4 - HKLM\..\RunOnce: [crly32.exe] C:\WINDOWS\crly32.exe
O4 - HKLM\..\RunOnce: [javaio.exe] C:\WINDOWS\system32\javaio.exe
O4 - HKLM\..\RunOnce: [mfckx32.exe] C:\WINDOWS\mfckx32.exe
O4 - HKLM\..\RunOnce: [sysnq.exe] C:\WINDOWS\sysnq.exe
O4 - HKLM\..\RunOnce: [atlvj32.exe] C:\WINDOWS\atlvj32.exe
O4 - HKLM\..\RunOnce: [javalc.exe] C:\WINDOWS\system32\javalc.exe
O4 - HKLM\..\RunOnce: [ieoc.exe] C:\WINDOWS\system32\ieoc.exe
O4 - HKLM\..\RunOnce: [msqg32.exe] C:\WINDOWS\msqg32.exe
O4 - HKLM\..\RunOnce: [iexi.exe] C:\WINDOWS\system32\iexi.exe
O4 - HKLM\..\RunOnce: [winww32.exe] C:\WINDOWS\winww32.exe
O4 - HKLM\..\RunOnce: [winaj.exe] C:\WINDOWS\winaj.exe
O4 - HKLM\..\RunOnce: [mfcvj.exe] C:\WINDOWS\mfcvj.exe
O4 - HKLM\..\RunOnce: [sysrk32.exe] C:\WINDOWS\system32\sysrk32.exe
O4 - HKLM\..\RunOnce: [winav.exe] C:\WINDOWS\winav.exe
O4 - HKLM\..\RunOnce: [iprz32.exe] C:\WINDOWS\iprz32.exe
O4 - HKLM\..\RunOnce: [atlax32.exe] C:\WINDOWS\atlax32.exe
O4 - HKLM\..\RunOnce: [iput32.exe] C:\WINDOWS\system32\iput32.exe
O4 - HKLM\..\RunOnce: [d3or32.exe] C:\WINDOWS\system32\d3or32.exe
O4 - HKLM\..\RunOnce: [sysbb.exe] C:\WINDOWS\sysbb.exe
O4 - HKLM\..\RunOnce: [javahw32.exe] C:\WINDOWS\system32\javahw32.exe
O4 - HKLM\..\RunOnce: [sysqw32.exe] C:\WINDOWS\sysqw32.exe
O4 - HKLM\..\RunOnce: [mfcap32.exe] C:\WINDOWS\mfcap32.exe
O4 - HKLM\..\RunOnce: [javatb.exe] C:\WINDOWS\system32\javatb.exe
O4 - HKLM\..\RunOnce: [syshk32.exe] C:\WINDOWS\system32\syshk32.exe
O4 - HKLM\..\RunOnce: [netqj.exe] C:\WINDOWS\system32\netqj.exe
O4 - HKLM\..\RunOnce: [ntck32.exe] C:\WINDOWS\ntck32.exe
O4 - HKLM\..\RunOnce: [mfcgu.exe] C:\WINDOWS\mfcgu.exe
O4 - HKLM\..\RunOnce: [mses32.exe] C:\WINDOWS\mses32.exe
O4 - HKLM\..\RunOnce: [ieyb32.exe] C:\WINDOWS\system32\ieyb32.exe
O4 - HKLM\..\RunOnce: [ntzm32.exe] C:\WINDOWS\system32\ntzm32.exe
O4 - HKLM\..\RunOnce: [atlkl32.exe] C:\WINDOWS\atlkl32.exe
O4 - HKLM\..\RunOnce: [msec.exe] C:\WINDOWS\msec.exe
O4 - HKLM\..\RunOnce: [apiyo.exe] C:\WINDOWS\apiyo.exe
O4 - HKLM\..\RunOnce: [appnd.exe] C:\WINDOWS\appnd.exe
O4 - HKLM\..\RunOnce: [atlqs.exe] C:\WINDOWS\atlqs.exe
O4 - HKLM\..\RunOnce: [d3jd32.exe] C:\WINDOWS\system32\d3jd32.exe
O4 - HKLM\..\RunOnce: [d3bh32.exe] C:\WINDOWS\system32\d3bh32.exe
O4 - HKLM\..\RunOnce: [nttw32.exe] C:\WINDOWS\nttw32.exe
O4 - HKLM\..\RunOnce: [iejl32.exe] C:\WINDOWS\iejl32.exe
O4 - HKLM\..\RunOnce: [netei.exe] C:\WINDOWS\netei.exe
O4 - HKLM\..\RunOnce: [winwq.exe] C:\WINDOWS\system32\winwq.exe
O4 - HKLM\..\RunOnce: [javamc.exe] C:\WINDOWS\system32\javamc.exe
O4 - HKLM\..\RunOnce: [addpl.exe] C:\WINDOWS\system32\addpl.exe
O4 - HKLM\..\RunOnce: [apiqx32.exe] C:\WINDOWS\system32\apiqx32.exe
O4 - HKLM\..\RunOnce: [javayx.exe] C:\WINDOWS\system32\javayx.exe
O4 - HKLM\..\RunOnce: [ntwq32.exe] C:\WINDOWS\system32\ntwq32.exe
O4 - HKLM\..\RunOnce: [ipll32.exe] C:\WINDOWS\ipll32.exe
O4 - HKLM\..\RunOnce: [addnk.exe] C:\WINDOWS\addnk.exe
O4 - HKLM\..\RunOnce: [d3ix32.exe] C:\WINDOWS\system32\d3ix32.exe
O4 - HKLM\..\RunOnce: [mfcnq32.exe] C:\WINDOWS\system32\mfcnq32.exe
O4 - HKLM\..\RunOnce: [atlbf.exe] C:\WINDOWS\system32\atlbf.exe
O4 - HKLM\..\RunOnce: [atlwu.exe] C:\WINDOWS\atlwu.exe
O4 - HKLM\..\RunOnce: [ntkx.exe] C:\WINDOWS\ntkx.exe
O4 - HKLM\..\RunOnce: [d3ma32.exe] C:\WINDOWS\d3ma32.exe
O4 - HKLM\..\RunOnce: [sdkvs32.exe] C:\WINDOWS\system32\sdkvs32.exe
O4 - HKLM\..\RunOnce: [msxn.exe] C:\WINDOWS\msxn.exe
O4 - HKLM\..\RunOnce: [apihr.exe] C:\WINDOWS\apihr.exe
O4 - HKLM\..\RunOnce: [sysmt32.exe] C:\WINDOWS\sysmt32.exe
O4 - HKLM\..\RunOnce: [iegz32.exe] C:\WINDOWS\iegz32.exe
O4 - HKLM\..\RunOnce: [wincr32.exe] C:\WINDOWS\wincr32.exe
O4 - HKLM\..\RunOnce: [sdkdd32.exe] C:\WINDOWS\system32\sdkdd32.exe
O4 - HKLM\..\RunOnce: [addaw.exe] C:\WINDOWS\system32\addaw.exe
O4 - HKLM\..\RunOnce: [winss.exe] C:\WINDOWS\system32\winss.exe
O4 - HKCU\..\RunServices: [p2pnetwork] p2pnetwork.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\apizg32.exe" /s (file missing)
O23 - Service: CWShredder Service - Unknown owner - C:\Documents and Settings\Win XP\Escritorio\CWShredder 2.15.exe (file missing)
O23 - Service: DefWatch - Symantec Corporation - C:\ARCHIV~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Cargador del Terminal (escSrv) - Unknown owner - C:\WINDOWS\system32\escsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\ARCHIV~1\SYMANT~1\SYMANT~1\Rtvscan.exe