Primero quiero felicitar a todos los que crearon y manejan este foro, luego quiero que por favor me den una mano, aparecen popus con la inscripción "only the best" y la verdad no me deja en paz acá les dejo el log que me arrojó el HijackThis, nuevamente muchísimas gracias a todos.

Logfile of HijackThis v1.99.1
Scan saved at 7:59:58 PM, on 24-Aug-05
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\CA\eTrust\Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust\Antivirus\InoRT.exe
C:\Program Files\CA\eTrust\Antivirus\InoTask.exe
C:\WINDOWS\LogWatNT.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\CA\eTrust\Antivirus\realmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\iefp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\mfccw32.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\3082\msoffice.exe
C:\WINDOWS\System32\mdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\FGSantander\My Documents\Utilitarios\Hj\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = proxygye.lanchile.com.ec:3128
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Class - {B5C699C0-04D3-A0F8-00C0-8F9B575E5A03} - C:\WINDOWS\sysku.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TSysSMon] c:\toshiba\sysstability\tsyssmon.exe /detect
O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program Files\CA\eTrust\Antivirus\realmon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinInit] Win86.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iefp.exe] C:\WINDOWS\iefp.exe
O4 - HKLM\..\Run: [NAVNet] "C:\DOCUME~1\FGSANT~1\LOCALS~1\Temp\2E.tmp" /m
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Barra de acceso directo de Microsoft Office.lnk = ?
O4 - Global Startup: VPN Dialer (OnStartup).lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - http://speedbar.myway.com/menusearch.html?p=MG1
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Casa 3rdPty - jHelp - http://files.citidirect.com/files/citidirect/cabs/461_e105_0918/casahelp.cab
O16 - DPF: Casa 3rdPty - Misc - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casathrdpty.cab
O16 - DPF: Casa 3rdPty - Swing 1 - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casaswing1.cab
O16 - DPF: Casa 3rdPty - Swing 2 - file://D:\CitiDirect\ie\casaswing2.cab
O16 - DPF: Casa Audit - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casaaudit.cab
O16 - DPF: Casa AWT - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casaawt.cab
O16 - DPF: Casa Broadcast - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casabrdcast.cab
O16 - DPF: Casa BTR - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casabtr.cab
O16 - DPF: Casa Cab Verifier - file://D:\CitiDirect\ie\casacabverifier.cab
O16 - DPF: Casa Code Pages - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casacodepage.cab
O16 - DPF: Casa Default - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casadefault.cab
O16 - DPF: Casa File Delivery - http://citidirect-eb.citicorp.com:/cabs/casafiledelivery.cab
O16 - DPF: Casa Framework - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casaframework.cab
O16 - DPF: Casa IBM XML Parser - http://files.citidirect.com/files/citidirect/cabs/461_e105_0918/casaxml.cab
O16 - DPF: Casa Images - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casaimages.cab
O16 - DPF: Casa Infrastructure - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casainfr.cab
O16 - DPF: Casa Language ar_EG - file://D:\CitiDirect\ie\casa_ar_eg.cab
O16 - DPF: Casa Language bg_BG - file://D:\CitiDirect\ie\casa_bg_bg.cab
O16 - DPF: Casa Language cs_CZ - file://D:\CitiDirect\ie\casa_cs_cz.cab
O16 - DPF: Casa Language de_DE - file://D:\CitiDirect\ie\casa_de_de.cab
O16 - DPF: Casa Language el_GR - file://D:\CitiDirect\ie\casa_el_gr.cab
O16 - DPF: Casa Language es_AR - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casa_es_ar.cab
O16 - DPF: Casa Language es_ES - file://D:\CitiDirect\ie\casa_es_es.cab
O16 - DPF: Casa Language fr_FR - file://D:\CitiDirect\ie\casa_fr_fr.cab
O16 - DPF: Casa Language he_IL - file://D:\CitiDirect\ie\casa_he_il.cab
O16 - DPF: Casa Language hu_HU - file://D:\CitiDirect\ie\casa_hu_hu.cab
O16 - DPF: Casa Language it_IT - file://D:\CitiDirect\ie\casa_it_it.cab
O16 - DPF: Casa Language ja_JP - file://D:\CitiDirect\ie\casa_ja_jp.cab
O16 - DPF: Casa Language ko_KP - file://D:\CitiDirect\ie\casa_ko_kp.cab
O16 - DPF: Casa Language nl_NL - file://D:\CitiDirect\ie\casa_nl_nl.cab
O16 - DPF: Casa Language pl_PL - file://D:\CitiDirect\ie\casa_pl_pl.cab
O16 - DPF: Casa Language pt_BR - file://D:\CitiDirect\ie\casa_pt_br.cab
O16 - DPF: Casa Language ro_RO - file://D:\CitiDirect\ie\casa_ro_ro.cab
O16 - DPF: Casa Language ru_RU - file://D:\CitiDirect\ie\casa_ru_ru.cab
O16 - DPF: Casa Language sk_SK - file://D:\CitiDirect\ie\casa_sk_sk.cab
O16 - DPF: Casa Language th_TH - file://D:\CitiDirect\ie\casa_th_th.cab
O16 - DPF: Casa Language tr_TR - file://D:\CitiDirect\ie\casa_tr_tr.cab
O16 - DPF: Casa Language zh_CN - file://D:\CitiDirect\ie\casa_zh_cn.cab
O16 - DPF: Casa Language zh_TW - file://D:\CitiDirect\ie\casa_zh_tw.cab
O16 - DPF: Casa Libraries - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casalibs.cab
O16 - DPF: Casa Liquidity - file://D:\CitiDirect\ie\casaliquidity.cab
O16 - DPF: Casa List Manager - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casalistmgr.cab
O16 - DPF: Casa Lockbox - file://D:\CitiDirect\ie\casalockbox.cab
O16 - DPF: Casa Misc - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casamisc.cab
O16 - DPF: Casa PayerApproval - file://D:\CitiDirect\ie\casapayerapproval.cab
O16 - DPF: Casa Payments Banamex - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casapmtsbanamex.cab
O16 - DPF: Casa Payments Common - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casapmtscomm.cab
O16 - DPF: Casa Payments Detail - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casapmtsdtl.cab
O16 - DPF: Casa Payments Disbursements - file://D:\CitiDirect\ie\casadisbursements.cab
O16 - DPF: Casa Payments Libraries - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casapmtslibs.cab
O16 - DPF: Casa Payments Misc - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casapmtsmisc.cab
O16 - DPF: Casa Pref Mgr - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casaprefmgr.cab
O16 - DPF: Casa Receivables Mandates - file://D:\CitiDirect\ie\casareceivablesmandates.cab
O16 - DPF: Casa ReceivablesDirectDebit - file://D:\CitiDirect\ie\casareceivablesdirectdebit.cab
O16 - DPF: Casa ReceivablesInquiries - file://D:\CitiDirect\ie\casareceivablesinquiries.cab
O16 - DPF: Casa Report - http://files.citidirect.com/files/citidirect/cabs/48_e54_0602/casareport.cab
O16 - DPF: Casa Safeword - file://D:\CitiDirect\ie\casasafeword.cab
O16 - DPF: Casa SDR - file://D:\CitiDirect\ie\casasdr.cab
O16 - DPF: Casa Security Admin - file://D:\CitiDirect\ie\casasecurityadmin.cab
O16 - DPF: Casa ServForCollItems - file://D:\CitiDirect\ie\casaservforcollitems.cab
O16 - DPF: Casa ServicesForLR - file://D:\CitiDirect\ie\casaservforrece.cab
O16 - DPF: Casa ServicesProducts - file://D:\CitiDirect\ie\casaservicesproducts.cab
O16 - DPF: Casa Taiwan CBR - file://D:\CitiDirect\ie\casatwcbr.cab
O16 - DPF: Casa Trade FI Common - file://D:\CitiDirect\ie\casaficommon.cab
O16 - DPF: Casa Trade FI Detail - file://D:\CitiDirect\ie\casafidetail.cab
O16 - DPF: Casa Trade FI Lib - file://D:\CitiDirect\ie\casafilib.cab
O16 - DPF: Casa Trade FI Summary - file://D:\CitiDirect\ie\casafisummary.cab
O16 - DPF: CasaReceivablesServices - file://D:\CitiDirect\ie\casareceivablesservices.cab
O16 - DPF: CasaServForProducts - file://D:\CitiDirect\ie\casaservforproducts.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {41678683-7CEC-4FDC-B2FD-63CD2CB93C00} (WebExecute Control) - http://clanportal.lanchile.cl/intranet_sap/botonera/iWebExecute.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1097271346406
O16 - DPF: {9841D1AE-9C0B-11D3-9452-00105A098C21} (Pegasus PrintPRO Control v2.0) - https://www.produbanco.com/GFPNetSeguro/controles/PrntPRO2.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {AAB6F9A1-C408-11D1-BC6D-00C0D1572A7B} (Pegasus ImagXpress Control v3.0) - https://www.produbanco.com/GFPNetSeguro/controles/ImagXpress.cab
O16 - DPF: {C1C03C1E-8F9B-4671-8F9C-C101E872E362} (browser.logoff) - https://200.24.214.206/seguro/distrib/browser.CAB
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f008.mail.lycos.es/app/uploader/FileUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A370DE21-450E-4031-AC23-D033078DD01C}: Domain = lanchile.cl
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = lanchile.cl,lanchile.com.ec,lanchile.com,lanecuado r.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = lanchile.cl,lanchile.com.ec,lanchile.com,lanecuado r.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = lanchile.cl,lanchile.com.ec,lanchile.com,lanecuado r.com
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\mfccw32.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\Antivirus\InoTask.exe
O23 - Service: Event Log Watch (LogWatch) - Unknown owner - C:\WINDOWS\LogWatNT.exe
O23 - Service: Reflection Servers - WRQ, Inc. - C:\Program Files\Reflection\rninetd.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Hola te doy la bienvenida al Foro de InfoSpyware, empeza siguiendo los pasos de el "Tutorial de Spywares" con las herramientas Ewido Security Suite,*Microsoft Antispyware, Ad-Aware SE y SpyBot.

Pásale al menos dos de estos "Antivirus Online" y genera un nuevo log de HijackThis para pegarlo en este mismo mensaje y decirnos los resultados de los análisis de las herramientas.

Salu2