Foro de Spyware - Ver Mensaje Individual - problemas para remover el Startpage.wm.a0

Tema: problemas para remover el Startpage.wm.a0

Ver Mensaje Individual

post #1 (permalink)

22/08/05, 20:24:57

juanjaure

Usuario

Registrado: ago 2005

Ubicación: La pLata

Mensajes: 1

problemas para remover el Startpage.wm.a0

Adjunto el log a ver si alguien me puede dar una mano

Logfile of HijackThis v1.99.1
Scan saved at 06:34:23 p.m., on 22/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Archivos de programa\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
C:\Archivos de programa\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\addpq.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Archivos de programa\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Skype\Phone\Skype.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\DOCUME~1\user\CONFIG~1\Temp\Directorio temporal 1 para hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\luzqq.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\luzqq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\luzqq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\luzqq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\luzqq.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\luzqq.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\luzqq.dll/sp.html#37049
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {F2ED9C90-6F9E-3933-3B86-955D08CA0AF8} - C:\WINDOWS\system32\apptk32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Archivos de programa\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [msmq.exe] C:\WINDOWS\msmq.exe
O4 - HKLM\..\Run: [apivg32.exe] C:\WINDOWS\apivg32.exe
O4 - HKLM\..\Run: [sdkub.exe] C:\WINDOWS\system32\sdkub.exe
O4 - HKLM\..\Run: [sdkzr32.exe] C:\WINDOWS\sdkzr32.exe
O4 - HKLM\..\Run: [mfcei.exe] C:\WINDOWS\mfcei.exe
O4 - HKLM\..\Run: [mfczb.exe] C:\WINDOWS\mfczb.exe
O4 - HKLM\..\Run: [sysru.exe] C:\WINDOWS\sysru.exe
O4 - HKLM\..\Run: [apptk32.exe] C:\WINDOWS\system32\apptk32.exe
O4 - HKLM\..\Run: [ntfj32.exe] C:\WINDOWS\system32\ntfj32.exe
O4 - HKLM\..\Run: [addpq.exe] C:\WINDOWS\system32\addpq.exe
O4 - HKLM\..\RunOnce: [crna32.exe] C:\WINDOWS\crna32.exe
O4 - HKLM\..\RunOnce: [atlip.exe] C:\WINDOWS\atlip.exe
O4 - HKLM\..\RunOnce: [netir32.exe] C:\WINDOWS\netir32.exe
O4 - HKLM\..\RunOnce: [d3tw32.exe] C:\WINDOWS\system32\d3tw32.exe
O4 - HKLM\..\RunOnce: [appgt32.exe] C:\WINDOWS\system32\appgt32.exe
O4 - HKLM\..\RunOnce: [appus32.exe] C:\WINDOWS\appus32.exe
O4 - HKLM\..\RunOnce: [d3zn.exe] C:\WINDOWS\d3zn.exe
O4 - HKLM\..\RunOnce: [sdkxk32.exe] C:\WINDOWS\system32\sdkxk32.exe
O4 - HKLM\..\RunOnce: [d3co.exe] C:\WINDOWS\d3co.exe
O4 - HKLM\..\RunOnce: [javaap32.exe] C:\WINDOWS\javaap32.exe
O4 - HKLM\..\RunOnce: [sdkjn32.exe] C:\WINDOWS\system32\sdkjn32.exe
O4 - HKLM\..\RunOnce: [iecu32.exe] C:\WINDOWS\system32\iecu32.exe
O4 - HKLM\..\RunOnce: [appgy.exe] C:\WINDOWS\system32\appgy.exe
O4 - HKLM\..\RunOnce: [sysqz32.exe] C:\WINDOWS\system32\sysqz32.exe
O4 - HKLM\..\RunOnce: [msll.exe] C:\WINDOWS\system32\msll.exe
O4 - HKLM\..\RunOnce: [ntka32.exe] C:\WINDOWS\system32\ntka32.exe
O4 - HKLM\..\RunOnce: [apppu.exe] C:\WINDOWS\apppu.exe
O4 - HKLM\..\RunOnce: [crdr32.exe] C:\WINDOWS\system32\crdr32.exe
O4 - HKLM\..\RunOnce: [msok32.exe] C:\WINDOWS\system32\msok32.exe
O4 - HKLM\..\RunOnce: [ipbe32.exe] C:\WINDOWS\ipbe32.exe
O4 - HKLM\..\RunOnce: [iptg32.exe] C:\WINDOWS\iptg32.exe
O4 - HKLM\..\RunOnce: [sysqj.exe] C:\WINDOWS\sysqj.exe
O4 - HKLM\..\RunOnce: [javavd32.exe] C:\WINDOWS\javavd32.exe
O4 - HKLM\..\RunOnce: [msln32.exe] C:\WINDOWS\msln32.exe
O4 - HKLM\..\RunOnce: [ntqp.exe] C:\WINDOWS\system32\ntqp.exe
O4 - HKLM\..\RunOnce: [cruv.exe] C:\WINDOWS\cruv.exe
O4 - HKLM\..\RunOnce: [apiaq32.exe] C:\WINDOWS\apiaq32.exe
O4 - HKLM\..\RunOnce: [atlvt.exe] C:\WINDOWS\system32\atlvt.exe
O4 - HKLM\..\RunOnce: [cryd.exe] C:\WINDOWS\cryd.exe
O4 - HKLM\..\RunOnce: [apidf32.exe] C:\WINDOWS\apidf32.exe
O4 - HKLM\..\RunOnce: [iedn.exe] C:\WINDOWS\system32\iedn.exe
O4 - HKLM\..\RunOnce: [ntih32.exe] C:\WINDOWS\system32\ntih32.exe
O4 - HKLM\..\RunOnce: [appba32.exe] C:\WINDOWS\system32\appba32.exe
O4 - HKLM\..\RunOnce: [atljq.exe] C:\WINDOWS\system32\atljq.exe
O4 - HKLM\..\RunOnce: [mfcsu32.exe] C:\WINDOWS\mfcsu32.exe
O4 - HKLM\..\RunOnce: [javafa32.exe] C:\WINDOWS\javafa32.exe
O4 - HKLM\..\RunOnce: [javani.exe] C:\WINDOWS\javani.exe
O4 - HKLM\..\RunOnce: [apisk32.exe] C:\WINDOWS\apisk32.exe
O4 - HKLM\..\RunOnce: [crvu32.exe] C:\WINDOWS\crvu32.exe
O4 - HKLM\..\RunOnce: [sysmb.exe] C:\WINDOWS\sysmb.exe
O4 - HKLM\..\RunOnce: [atlqf32.exe] C:\WINDOWS\atlqf32.exe
O4 - HKLM\..\RunOnce: [addzg.exe] C:\WINDOWS\addzg.exe
O4 - HKLM\..\RunOnce: [addfc32.exe] C:\WINDOWS\addfc32.exe
O4 - HKLM\..\RunOnce: [addtz32.exe] C:\WINDOWS\system32\addtz32.exe
O4 - HKLM\..\RunOnce: [cryv32.exe] C:\WINDOWS\cryv32.exe
O4 - HKLM\..\RunOnce: [addth32.exe] C:\WINDOWS\system32\addth32.exe
O4 - HKLM\..\RunOnce: [mfcyl.exe] C:\WINDOWS\mfcyl.exe
O4 - HKLM\..\RunOnce: [atlhm32.exe] C:\WINDOWS\system32\atlhm32.exe
O4 - HKLM\..\RunOnce: [appvi32.exe] C:\WINDOWS\appvi32.exe
O4 - HKLM\..\RunOnce: [msaf.exe] C:\WINDOWS\system32\msaf.exe
O4 - HKLM\..\RunOnce: [javawr.exe] C:\WINDOWS\javawr.exe
O4 - HKLM\..\RunOnce: [systg32.exe] C:\WINDOWS\system32\systg32.exe
O4 - HKLM\..\RunOnce: [atlkn32.exe] C:\WINDOWS\system32\atlkn32.exe
O4 - HKLM\..\RunOnce: [addfz.exe] C:\WINDOWS\addfz.exe
O4 - HKLM\..\RunOnce: [creh32.exe] C:\WINDOWS\creh32.exe
O4 - HKLM\..\RunOnce: [ipcw32.exe] C:\WINDOWS\system32\ipcw32.exe
O4 - HKLM\..\RunOnce: [ntcm.exe] C:\WINDOWS\ntcm.exe
O4 - HKLM\..\RunOnce: [ipkn.exe] C:\WINDOWS\system32\ipkn.exe
O4 - HKLM\..\RunOnce: [ieut32.exe] C:\WINDOWS\system32\ieut32.exe
O4 - HKLM\..\RunOnce: [javaka.exe] C:\WINDOWS\javaka.exe
O4 - HKLM\..\RunOnce: [mfcjq32.exe] C:\WINDOWS\mfcjq32.exe
O4 - HKLM\..\RunOnce: [winhf32.exe] C:\WINDOWS\system32\winhf32.exe
O4 - HKLM\..\RunOnce: [addhn.exe] C:\WINDOWS\system32\addhn.exe
O4 - HKLM\..\RunOnce: [winqw.exe] C:\WINDOWS\winqw.exe
O4 - HKLM\..\RunOnce: [apifl32.exe] C:\WINDOWS\system32\apifl32.exe
O4 - HKLM\..\RunOnce: [sdkvs32.exe] C:\WINDOWS\system32\sdkvs32.exe
O4 - HKLM\..\RunOnce: [ipqw.exe] C:\WINDOWS\system32\ipqw.exe
O4 - HKLM\..\RunOnce: [addpm32.exe] C:\WINDOWS\system32\addpm32.exe
O4 - HKLM\..\RunOnce: [msob32.exe] C:\WINDOWS\msob32.exe
O4 - HKLM\..\RunOnce: [ienj.exe] C:\WINDOWS\ienj.exe
O4 - HKLM\..\RunOnce: [mswr.exe] C:\WINDOWS\system32\mswr.exe
O4 - HKLM\..\RunOnce: [appmh.exe] C:\WINDOWS\appmh.exe
O4 - HKLM\..\RunOnce: [winbo32.exe] C:\WINDOWS\winbo32.exe
O4 - HKLM\..\RunOnce: [addmh.exe] C:\WINDOWS\system32\addmh.exe
O4 - HKLM\..\RunOnce: [apiql32.exe] C:\WINDOWS\system32\apiql32.exe
O4 - HKLM\..\RunOnce: [atlal.exe] C:\WINDOWS\system32\atlal.exe
O4 - HKLM\..\RunOnce: [javavj32.exe] C:\WINDOWS\system32\javavj32.exe
O4 - HKLM\..\RunOnce: [mfcnr.exe] C:\WINDOWS\system32\mfcnr.exe
O4 - HKLM\..\RunOnce: [ipat.exe] C:\WINDOWS\system32\ipat.exe
O4 - HKLM\..\RunOnce: [sysat32.exe] C:\WINDOWS\sysat32.exe
O4 - HKLM\..\RunOnce: [appdu.exe] C:\WINDOWS\appdu.exe
O4 - HKLM\..\RunOnce: [ipwq.exe] C:\WINDOWS\system32\ipwq.exe
O4 - HKLM\..\RunOnce: [d3kz.exe] C:\WINDOWS\system32\d3kz.exe
O4 - HKLM\..\RunOnce: [ntuu.exe] C:\WINDOWS\ntuu.exe
O4 - HKLM\..\RunOnce: [netwo.exe] C:\WINDOWS\netwo.exe
O4 - HKLM\..\RunOnce: [winnh32.exe] C:\WINDOWS\winnh32.exe
O4 - HKLM\..\RunOnce: [appmr.exe] C:\WINDOWS\system32\appmr.exe
O4 - HKLM\..\RunOnce: [javabm.exe] C:\WINDOWS\system32\javabm.exe
O4 - HKLM\..\RunOnce: [winnb32.exe] C:\WINDOWS\system32\winnb32.exe
O4 - HKLM\..\RunOnce: [ipin32.exe] C:\WINDOWS\ipin32.exe
O4 - HKLM\..\RunOnce: [d3sl32.exe] C:\WINDOWS\system32\d3sl32.exe
O4 - HKLM\..\RunOnce: [atlnx32.exe] C:\WINDOWS\atlnx32.exe
O4 - HKLM\..\RunOnce: [sdkqh32.exe] C:\WINDOWS\sdkqh32.exe
O4 - HKLM\..\RunOnce: [ipui32.exe] C:\WINDOWS\ipui32.exe
O4 - HKLM\..\RunOnce: [atlvx32.exe] C:\WINDOWS\system32\atlvx32.exe
O4 - HKLM\..\RunOnce: [mfcpo32.exe] C:\WINDOWS\mfcpo32.exe
O4 - HKLM\..\RunOnce: [sdkql.exe] C:\WINDOWS\system32\sdkql.exe
O4 - HKLM\..\RunOnce: [appbj32.exe] C:\WINDOWS\appbj32.exe
O4 - HKLM\..\RunOnce: [sdkkz.exe] C:\WINDOWS\sdkkz.exe
O4 - HKLM\..\RunOnce: [mfcds32.exe] C:\WINDOWS\system32\mfcds32.exe
O4 - HKLM\..\RunOnce: [appqg32.exe] C:\WINDOWS\appqg32.exe
O4 - HKLM\..\RunOnce: [d3vi.exe] C:\WINDOWS\d3vi.exe
O4 - HKLM\..\RunOnce: [ntuv.exe] C:\WINDOWS\system32\ntuv.exe
O4 - HKLM\..\RunOnce: [d3kd32.exe] C:\WINDOWS\system32\d3kd32.exe
O4 - HKLM\..\RunOnce: [sdkct.exe] C:\WINDOWS\sdkct.exe
O4 - HKLM\..\RunOnce: [javaml.exe] C:\WINDOWS\system32\javaml.exe
O4 - HKLM\..\RunOnce: [nttk32.exe] C:\WINDOWS\nttk32.exe
O4 - HKLM\..\RunOnce: [appye.exe] C:\WINDOWS\appye.exe
O4 - HKLM\..\RunOnce: [msrv32.exe] C:\WINDOWS\system32\msrv32.exe
O4 - HKLM\..\RunOnce: [mfcxm.exe] C:\WINDOWS\system32\mfcxm.exe
O4 - HKLM\..\RunOnce: [windw.exe] C:\WINDOWS\system32\windw.exe
O4 - HKLM\..\RunOnce: [javaqy32.exe] C:\WINDOWS\javaqy32.exe
O4 - HKLM\..\RunOnce: [ielw.exe] C:\WINDOWS\ielw.exe
O4 - HKLM\..\RunOnce: [d3vd32.exe] C:\WINDOWS\d3vd32.exe
O4 - HKLM\..\RunOnce: [netjx.exe] C:\WINDOWS\netjx.exe
O4 - HKLM\..\RunOnce: [winoc.exe] C:\WINDOWS\system32\winoc.exe
O4 - HKLM\..\RunOnce: [apihq32.exe] C:\WINDOWS\apihq32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Archivos de programa\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: GStartup.lnk = C:\Archivos de programa\Archivos comunes\GMT\GMT.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{464F0CB3-D0C9-4CB5-A88A-F15374D9A709}: NameServer = 192.168.0.1,0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CF83E5A-BDC4-47AE-B54D-9B1DE8A96EF5}: NameServer = 200.51.212.7 200.51.211.7
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\crna32.exe" /s (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: DefWatch - Symantec Corporation - C:\Archivos de programa\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Archivos de programa\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe