 |
| |||||||
 InfoSpyware sortea una T-Shirts |
| Participa en el sorteo por una
"Camiseta Oficial de InfoSpyware" gracias al amigo
Enjuto Mojamuto |
| Foro Oficial de HijackThis en español Analizamos tu log de HijackThis para eliminar Hijackers, Spyware, Adware, ToolBars, Virus, Troyanos y Malwares en gral. Antes lea las Políticas del Foro de HijackThis. |
 |
| | Herramientas |
 | 
18/04/05, 19:28:33
|  |
| |||
 Mi pc esta totalmente infectada! Esta vez creo que mi pc esta muy mal.Resulta que aparte de tener cambiada mi pagina de inicio,no deja que abra programas como el ad-aware,me tira errores todo el tiempo y no deja que entre en el internet explorer,tirandome error y quedando la pantalla en negro.No se que hacer!!!!,ya que la uso para trabajar y estoy preocupadisima. Mando el log: Logfile of HijackThis v1.99.1 Scan saved at 07:54:28 p.m., on 18/04/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v5.00 (5.00.2919.6304) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\EXPLORER.EXE C:\ARCHIVOS DE PROGRAMA\WINZIP\WINZIP32.EXE C:\WINDOWS\TEMP\HIJACKTHIS.EXE R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F1 - win.ini: run=C:\WINDOWS\SYSTEM\svhost.exe O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll O3 - Toolbar: @msdxmLC.dll,-1@3082,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll O3 - Toolbar: (no name) - {44BE0690-5429-47f0-85BB-3FFD8020233E} - (no file) O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\ARCHIV~1\GRISOFT\AVGFRE~1\AVGEMC.EXE O4 - HKLM\..\Run: [AVG7_AMSVR] C:\ARCHIV~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE O4 - HKLM\..\Run: [Startup] WinlogonStartup O4 - HKLM\..\Run: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKLM\..\Run: [System] C:\WINDOWS\SYSTEM\kernels32.exe O4 - HKLM\..\Run: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\SYSTEM\Services\{E203DEC0-B035-11D9-B678-525400E8E660}\SVCHOST.EXE O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s O4 - HKLM\..\Run: [Aoh] C:\WINDOWS\Epi.exe O4 - HKLM\..\Run: [Lud] C:\WINDOWS\Dke.exe O4 - HKLM\..\Run: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKLM\..\Run: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKLM\..\Run: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKLM\..\Run: [Brr] C:\WINDOWS\Tmo.exe O4 - HKLM\..\Run: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKLM\..\Run: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKLM\..\Run: [Nad] C:\WINDOWS\Mje.exe O4 - HKLM\..\Run: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKLM\..\Run: [Kje] C:\WINDOWS\Qcj.exe O4 - HKLM\..\Run: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKLM\..\Run: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKLM\..\Run: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKLM\..\Run: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKLM\..\Run: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKLM\..\Run: [Nrq] C:\WINDOWS\Fej.exe O4 - HKLM\..\Run: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKLM\..\Run: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKLM\..\Run: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKLM\..\Run: [Bse] C:\WINDOWS\Oje.exe O4 - HKLM\..\Run: [Hog] C:\WINDOWS\Ffs.exe O4 - HKLM\..\Run: [Ntf] C:\WINDOWS\Dle.exe O4 - HKLM\..\Run: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKLM\..\Run: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKLM\..\Run: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKLM\..\Run: [Mku] C:\WINDOWS\Vog.exe O4 - HKLM\..\Run: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKLM\..\Run: [Eoa] C:\WINDOWS\Hji.exe O4 - HKLM\..\Run: [Tjb] C:\WINDOWS\Kub.exe O4 - HKLM\..\Run: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKLM\..\Run: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKLM\..\Run: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe O4 - HKLM\..\Run: [sdohar] C:\WINDOWS\sdohar.exe O4 - HKLM\..\Run: [q74W36Q] INIC500.EXE O4 - HKLM\..\Run: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKLM\..\Run: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKLM\..\Run: [Spu] C:\WINDOWS\Ohk.exe O4 - HKLM\..\Run: [Rlo] C:\WINDOWS\Pel.exe O4 - HKLM\..\Run: [Rto] C:\WINDOWS\Kbf.exe O4 - HKLM\..\Run: [Cld] C:\WINDOWS\Teq.exe O4 - HKLM\..\Run: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKLM\..\Run: [Dqq] C:\WINDOWS\Tos.exe O4 - HKLM\..\Run: [Lgu] C:\WINDOWS\Kdr.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [MDM7] "C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE" O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\SYSTEM\kernels32.exe O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\ARCHIVOS DE PROGRAMA\YAHOO!\MESSENGER\ypager.exe -quiet O4 - HKCU\..\Run: [eMuleAutoStart] C:\ARCHIVOS DE PROGRAMA\EMULE\EMULE.EXE -AutoStart O4 - HKCU\..\Run: [Evidence Cleaner] C:\ARCHIVOS DE PROGRAMA\EVIDENCE CLEANER\ecleaner.exe O4 - HKCU\..\Run: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKCU\..\Run: [xserv] C:\WINDOWS\SYSTEM\XSERV\WUJIHBKK.EXE O4 - HKCU\..\Run: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKCU\..\Run: [Aoh] C:\WINDOWS\Epi.exe O4 - HKCU\..\Run: [Lud] C:\WINDOWS\Dke.exe O4 - HKCU\..\Run: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKCU\..\Run: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKCU\..\Run: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKCU\..\Run: [Brr] C:\WINDOWS\Tmo.exe O4 - HKCU\..\Run: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKCU\..\Run: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKCU\..\Run: [Nad] C:\WINDOWS\Mje.exe O4 - HKCU\..\Run: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKCU\..\Run: [Kje] C:\WINDOWS\Qcj.exe O4 - HKCU\..\Run: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKCU\..\Run: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKCU\..\Run: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKCU\..\Run: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKCU\..\Run: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKCU\..\Run: [Nrq] C:\WINDOWS\Fej.exe O4 - HKCU\..\Run: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKCU\..\Run: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKCU\..\Run: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKCU\..\Run: [Bse] C:\WINDOWS\Oje.exe O4 - HKCU\..\Run: [Hog] C:\WINDOWS\Ffs.exe O4 - HKCU\..\Run: [Ntf] C:\WINDOWS\Dle.exe O4 - HKCU\..\Run: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKCU\..\Run: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKCU\..\Run: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKCU\..\Run: [Mku] C:\WINDOWS\Vog.exe O4 - HKCU\..\Run: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKCU\..\Run: [Eoa] C:\WINDOWS\Hji.exe O4 - HKCU\..\Run: [Tjb] C:\WINDOWS\Kub.exe O4 - HKCU\..\Run: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKCU\..\Run: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKCU\..\Run: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKCU\..\Run: [bwv6RWcpT] IMMCTL32.EXE O4 - HKCU\..\Run: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKCU\..\Run: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKCU\..\Run: [Spu] C:\WINDOWS\Ohk.exe O4 - HKCU\..\Run: [Rlo] C:\WINDOWS\Pel.exe O4 - HKCU\..\Run: [Rto] C:\WINDOWS\Kbf.exe O4 - HKCU\..\Run: [Cld] C:\WINDOWS\Teq.exe O4 - HKCU\..\Run: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKCU\..\Run: [Dqq] C:\WINDOWS\Tos.exe O4 - HKCU\..\Run: [Lgu] C:\WINDOWS\Kdr.exe O4 - HKCU\..\RunServices: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\RunServices: [Yahoo! Pager] C:\ARCHIVOS DE PROGRAMA\YAHOO!\MESSENGER\ypager.exe -quiet O4 - HKCU\..\RunServices: [eMuleAutoStart] C:\ARCHIVOS DE PROGRAMA\EMULE\EMULE.EXE -AutoStart O4 - HKCU\..\RunServices: [Evidence Cleaner] C:\ARCHIVOS DE PROGRAMA\EVIDENCE CLEANER\ecleaner.exe O4 - HKCU\..\RunServices: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKCU\..\RunServices: [xserv] C:\WINDOWS\SYSTEM\XSERV\WUJIHBKK.EXE O4 - HKCU\..\RunServices: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKCU\..\RunServices: [Aoh] C:\WINDOWS\Epi.exe O4 - HKCU\..\RunServices: [Lud] C:\WINDOWS\Dke.exe O4 - HKCU\..\RunServices: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKCU\..\RunServices: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKCU\..\RunServices: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKCU\..\RunServices: [Brr] C:\WINDOWS\Tmo.exe O4 - HKCU\..\RunServices: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKCU\..\RunServices: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKCU\..\RunServices: [Nad] C:\WINDOWS\Mje.exe O4 - HKCU\..\RunServices: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKCU\..\RunServices: [Kje] C:\WINDOWS\Qcj.exe O4 - HKCU\..\RunServices: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKCU\..\RunServices: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKCU\..\RunServices: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKCU\..\RunServices: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKCU\..\RunServices: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKCU\..\RunServices: [Nrq] C:\WINDOWS\Fej.exe O4 - HKCU\..\RunServices: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKCU\..\RunServices: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKCU\..\RunServices: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKCU\..\RunServices: [Bse] C:\WINDOWS\Oje.exe O4 - HKCU\..\RunServices: [Hog] C:\WINDOWS\Ffs.exe O4 - HKCU\..\RunServices: [Ntf] C:\WINDOWS\Dle.exe O4 - HKCU\..\RunServices: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKCU\..\RunServices: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKCU\..\RunServices: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKCU\..\RunServices: [Mku] C:\WINDOWS\Vog.exe O4 - HKCU\..\RunServices: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKCU\..\RunServices: [Eoa] C:\WINDOWS\Hji.exe O4 - HKCU\..\RunServices: [Tjb] C:\WINDOWS\Kub.exe O4 - HKCU\..\RunServices: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKCU\..\RunServices: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKCU\..\RunServices: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKCU\..\RunServices: [bwv6RWcpT] IMMCTL32.EXE O4 - HKCU\..\RunServices: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKCU\..\RunServices: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKCU\..\RunServices: [Spu] C:\WINDOWS\Ohk.exe O4 - HKCU\..\RunServices: [Rlo] C:\WINDOWS\Pel.exe O4 - HKCU\..\RunServices: [Rto] C:\WINDOWS\Kbf.exe O4 - HKCU\..\RunServices: [Cld] C:\WINDOWS\Teq.exe O4 - HKCU\..\RunServices: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKCU\..\RunServices: [Dqq] C:\WINDOWS\Tos.exe O4 - HKCU\..\RunServices: [Lgu] C:\WINDOWS\Kdr.exe O4 - HKCU\..\RunOnce: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\RunOnce: [Yahoo! Pager] C:\ARCHIVOS DE PROGRAMA\YAHOO!\MESSENGER\ypager.exe -quiet O4 - HKCU\..\RunOnce: [eMuleAutoStart] C:\ARCHIVOS DE PROGRAMA\EMULE\EMULE.EXE -AutoStart O4 - HKCU\..\RunOnce: [Evidence Cleaner] C:\ARCHIVOS DE PROGRAMA\EVIDENCE CLEANER\ecleaner.exe O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKCU\..\RunOnce: [xserv] C:\WINDOWS\SYSTEM\XSERV\WUJIHBKK.EXE O4 - HKCU\..\RunOnce: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKCU\..\RunOnce: [Aoh] C:\WINDOWS\Epi.exe O4 - HKCU\..\RunOnce: [Lud] C:\WINDOWS\Dke.exe O4 - HKCU\..\RunOnce: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKCU\..\RunOnce: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKCU\..\RunOnce: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKCU\..\RunOnce: [Brr] C:\WINDOWS\Tmo.exe O4 - HKCU\..\RunOnce: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKCU\..\RunOnce: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKCU\..\RunOnce: [Nad] C:\WINDOWS\Mje.exe O4 - HKCU\..\RunOnce: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKCU\..\RunOnce: [Kje] C:\WINDOWS\Qcj.exe O4 - HKCU\..\RunOnce: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKCU\..\RunOnce: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKCU\..\RunOnce: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKCU\..\RunOnce: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKCU\..\RunOnce: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKCU\..\RunOnce: [Nrq] C:\WINDOWS\Fej.exe O4 - HKCU\..\RunOnce: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKCU\..\RunOnce: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKCU\..\RunOnce: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKCU\..\RunOnce: [Bse] C:\WINDOWS\Oje.exe O4 - HKCU\..\RunOnce: [Hog] C:\WINDOWS\Ffs.exe O4 - HKCU\..\RunOnce: [Ntf] C:\WINDOWS\Dle.exe O4 - HKCU\..\RunOnce: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKCU\..\RunOnce: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKCU\..\RunOnce: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKCU\..\RunOnce: [Mku] C:\WINDOWS\Vog.exe O4 - HKCU\..\RunOnce: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKCU\..\RunOnce: [Eoa] C:\WINDOWS\Hji.exe O4 - HKCU\..\RunOnce: [Tjb] C:\WINDOWS\Kub.exe O4 - HKCU\..\RunOnce: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKCU\..\RunOnce: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKCU\..\RunOnce: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKCU\..\RunOnce: [bwv6RWcpT] IMMCTL32.EXE O4 - HKCU\..\RunOnce: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKCU\..\RunOnce: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKCU\..\RunOnce: [Spu] C:\WINDOWS\Ohk.exe O4 - HKCU\..\RunOnce: [Rlo] C:\WINDOWS\Pel.exe O4 - HKCU\..\RunOnce: [Rto] C:\WINDOWS\Kbf.exe O4 - HKCU\..\RunOnce: [Cld] C:\WINDOWS\Teq.exe O4 - HKCU\..\RunOnce: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKCU\..\RunOnce: [Dqq] C:\WINDOWS\Tos.exe O4 - HKCU\..\RunOnce: [Lgu] C:\WINDOWS\Kdr.exe O4 - HKCU\..\RunServicesOnce: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\RunServicesOnce: [Yahoo! Pager] C:\ARCHIVOS DE PROGRAMA\YAHOO!\MESSENGER\ypager.exe -quiet O4 - HKCU\..\RunServicesOnce: [eMuleAutoStart] C:\ARCHIVOS DE PROGRAMA\EMULE\EMULE.EXE -AutoStart O4 - HKCU\..\RunServicesOnce: [Evidence Cleaner] C:\ARCHIVOS DE PROGRAMA\EVIDENCE CLEANER\ecleaner.exe O4 - HKCU\..\RunServicesOnce: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKCU\..\RunServicesOnce: [xserv] C:\WINDOWS\SYSTEM\XSERV\WUJIHBKK.EXE O4 - HKCU\..\RunServicesOnce: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKCU\..\RunServicesOnce: [Aoh] C:\WINDOWS\Epi.exe O4 - HKCU\..\RunServicesOnce: [Lud] C:\WINDOWS\Dke.exe O4 - HKCU\..\RunServicesOnce: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKCU\..\RunServicesOnce: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKCU\..\RunServicesOnce: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKCU\..\RunServicesOnce: [Brr] C:\WINDOWS\Tmo.exe O4 - HKCU\..\RunServicesOnce: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKCU\..\RunServicesOnce: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKCU\..\RunServicesOnce: [Nad] C:\WINDOWS\Mje.exe O4 - HKCU\..\RunServicesOnce: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKCU\..\RunServicesOnce: [Kje] C:\WINDOWS\Qcj.exe O4 - HKCU\..\RunServicesOnce: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKCU\..\RunServicesOnce: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKCU\..\RunServicesOnce: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKCU\..\RunServicesOnce: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKCU\..\RunServicesOnce: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKCU\..\RunServicesOnce: [Nrq] C:\WINDOWS\Fej.exe O4 - HKCU\..\RunServicesOnce: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKCU\..\RunServicesOnce: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKCU\..\RunServicesOnce: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKCU\..\RunServicesOnce: [Bse] C:\WINDOWS\Oje.exe O4 - HKCU\..\RunServicesOnce: [Hog] C:\WINDOWS\Ffs.exe O4 - HKCU\..\RunServicesOnce: [Ntf] C:\WINDOWS\Dle.exe O4 - HKCU\..\RunServicesOnce: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKCU\..\RunServicesOnce: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKCU\..\RunServicesOnce: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKCU\..\RunServicesOnce: [Mku] C:\WINDOWS\Vog.exe O4 - HKCU\..\RunServicesOnce: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKCU\..\RunServicesOnce: [Eoa] C:\WINDOWS\Hji.exe O4 - HKCU\..\RunServicesOnce: [Tjb] C:\WINDOWS\Kub.exe O4 - HKCU\..\RunServicesOnce: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKCU\..\RunServicesOnce: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKCU\..\RunServicesOnce: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKCU\..\RunServicesOnce: [bwv6RWcpT] IMMCTL32.EXE O4 - HKCU\..\RunServicesOnce: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKCU\..\RunServicesOnce: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKCU\..\RunServicesOnce: [Spu] C:\WINDOWS\Ohk.exe O4 - HKCU\..\RunServicesOnce: [Rlo] C:\WINDOWS\Pel.exe O4 - HKCU\..\RunServicesOnce: [Rto] C:\WINDOWS\Kbf.exe O4 - HKCU\..\RunServicesOnce: [Cld] C:\WINDOWS\Teq.exe O4 - HKCU\..\RunServicesOnce: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKCU\..\RunServicesOnce: [Dqq] C:\WINDOWS\Tos.exe O4 - HKCU\..\RunServicesOnce: [Lgu] C:\WINDOWS\Kdr.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE10\EXCEL.EXE/3000 O8 - Extra context menu item: &Google Search - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html O8 - Extra context menu item: Translate into English - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html O12 - Plugin for .spop: C:\ARCHIV~1\INTERN~1\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O15 - Trusted Zone: *.addictivetechnologies.com O15 - Trusted Zone: *.sp2fucked.biz O15 - Trusted Zone: *.newiframe.biz O15 - Trusted Zone: *.megapornix.com O15 - Trusted Zone: *.iframe.biz O15 - Trusted Zone: *.sp2admin.biz O15 - Trusted Zone: *.windupdates.com O15 - Trusted Zone: *.c4tdownload.com O15 - Trusted Zone: *.overpro.com O15 - Trusted Zone: *.awmdabest.com O15 - Trusted Zone: *.traffic2cash.biz O15 - Trusted Zone: *.admin2cash.biz O15 - Trusted Zone: *.private-iframe.biz O15 - Trusted Zone: *.private-dialer.biz O15 - Trusted Zone: *.bettersearch.biz O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone (HKLM) O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab O16 - DPF: Yahoo! Games Voice Chat - http://yog55.games.scd.yahoo.com/yog/y/va1_x.cab O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at1_x.cab O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/resources/MsnPUpld.cab O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.184.85,195.225.176.37 O21 - SSODL: OLE Module - {0656A137-B161-CADD-9777-E37A75727E78} - C:\WINDOWS\SYSTEM\thun32.dll -Este es uno de los errores que manda: EXPLORER provocó un error de página no válida en el módulo <desconocido> de 0000:61b85cf6. Registros: EAX=0042bf5a CS=0167 EIP=61b85cf6 EFLGS=00010217 EBX=81714ca0 SS=016f ESP=005fff88 EBP=005fff98 ECX=c1805af0 DS=016f ESI=0042b9eb FS=1ba7 EDX=81714d00 ES=016f EDI=81714988 GS=0000 Bytes en CS:EIP: Volcado de pila: ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x -Tambien manda errores de RUNDLL -Pase el disk cleaner : System Temporary Files (1816 kB; 9 items): cleaned 1816 kB in 9 items. Temporary Internet Files (0 bytes; 0 items): cleaned 0 bytes in 0 items. Internet Cookies (0 bytes; 0 items): cleaned 0 bytes in 0 items. Internet History (0 bytes; 2 items): cleaned 0 bytes in 0 items. Recent Documents (6 kB; 16 items): cleaned 6 kB in 16 items. Run... List (0 bytes; 0 items): cleaned 0 bytes in 0 items. Find Document List (0 bytes; 0 items): cleaned 0 bytes in 0 items. Find Computer List (0 bytes; 0 items): cleaned 0 bytes in 0 items. URLs in IE Address Bar (0 bytes; 0 items): cleaned 0 bytes in 0 items. URLs in Shell Address Bar (0 bytes; 0 items): cleaned 0 bytes in 0 items. Media Player Recent URLs (0 bytes; 0 items): cleaned 0 bytes in 0 items. WinZip Recent Files (0 bytes; 0 items): cleaned 0 bytes in 0 items. WinZip Extract To Folders (0 bytes; 0 items): cleaned 0 bytes in 0 items. Paint Recent Files (0 bytes; 0 items): cleaned 0 bytes in 0 items. WordPad Recent Files (0 bytes; 0 items): cleaned 0 bytes in 0 items. Opera Cookies (0 bytes; 0 items): cleaned 0 bytes in 0 items. Opera History (0 bytes; 0 items): cleaned 0 bytes in 0 items. Opera Cache (0 bytes; 0 items): cleaned 0 bytes in 0 items. Opera Visited Links (0 bytes; 0 items): cleaned 0 bytes in 0 items. Opera Downloaded Files (0 bytes; 0 items): cleaned 0 bytes in 0 items. Recycle Bin (0 bytes; 0 items): cleaned 0 bytes in 0 items. ACDSee (0 bytes; 0 items): cleaned 0 bytes in 0 items. Acrobat Reader 4/5.x/6 (0 bytes; 0 items): cleaned 0 bytes in 0 items. Agent NewsReader (0 bytes; 0 items): cleaned 0 bytes in 0 items. JASC Animation Shop 3.0 (0 bytes; 0 items): cleaned 0 bytes in 0 items. AX-Icons 4.x (0 bytes; 0 items): cleaned 0 bytes in 0 items. BearShare (0 bytes; 0 items): cleaned 0 bytes in 0 items. CoffeeCup GIF Animator (0 bytes; 0 items): cleaned 0 bytes in 0 items. Check Disk File Fragments (0 bytes; 0 items): cleaned 0 bytes in 0 items. Common Dialog MRUs (0 bytes; 0 items): cleaned 0 bytes in 0 items. Copernic 2001 Basic/Plus/Pro (0 bytes; 0 items): cleaned 0 bytes in 0 items. CuteFTP 4.0 (0 bytes; 0 items): cleaned 0 bytes in 0 items. CuteHTML (0 bytes; 0 items): cleaned 0 bytes in 0 items. Divx Player (0 bytes; 0 items): cleaned 0 bytes in 0 items. Flash 5 (0 bytes; 0 items): cleaned 0 bytes in 0 items. Flash Get (0 bytes; 0 items): cleaned 0 bytes in 0 items. FotoCanvas Lite (0 bytes; 0 items): cleaned 0 bytes in 0 items. FreshDownload (0 bytes; 0 items): cleaned 0 bytes in 0 items. Google Tool Bar (0 bytes; 0 items): cleaned 0 bytes in 0 items. ICQ2000A/B (0 bytes; 0 items): cleaned 0 bytes in 0 items. IE Autocomplete Form History (0 bytes; 0 items): cleaned 0 bytes in 0 items. IZArc History (0 bytes; 0 items): cleaned 0 bytes in 0 items. Macromedia Dreamweaver 4.0 (0 bytes; 0 items): cleaned 0 bytes in 0 items. Map Network Drive MRU (0 bytes; 0 items): cleaned 0 bytes in 0 items. Mass Download (0 bytes; 0 items): cleaned 0 bytes in 0 items. Media Player Classic (0 bytes; 0 items): cleaned 0 bytes in 0 items. MS Imaging (0 bytes; 0 items): cleaned 0 bytes in 0 items. Microsoft Photo Editor (0 bytes; 0 items): cleaned 0 bytes in 0 items. Microsoft Publisher (0 bytes; 0 items): cleaned 0 bytes in 0 items. Microsoft Works 4.5 (0 bytes; 0 items): cleaned 0 bytes in 0 items. Netants (0 bytes; 0 items): cleaned 0 bytes in 0 items. NetCaptor (0 bytes; 0 items): cleaned 0 bytes in 0 items. Office 95/97/2000/XP/2003 Recent Files (1 kB; 1 item): cleaned 1 kB in 1 item. Paint Shop Pro 7/8/9 (0 bytes; 0 items): cleaned 0 bytes in 0 items. PowerArchiver (0 bytes; 0 items): cleaned 0 bytes in 0 items. PowerDVD (0 bytes; 0 items): cleaned 0 bytes in 0 items. PowerZip 6.0 (0 bytes; 0 items): cleaned 0 bytes in 0 items. Quicktime Player (0 bytes; 0 items): cleaned 0 bytes in 0 items. RealOne (0 bytes; 0 items): cleaned 0 bytes in 0 items. Realplayer 8.0 (0 bytes; 0 items): cleaned 0 bytes in 0 items. Search History For Windows 2000/XP (0 bytes; 0 items): cleaned 0 bytes in 0 items. SmartDraw 6 (0 bytes; 0 items): cleaned 0 bytes in 0 items. Sonique (0 bytes; 0 items): cleaned 0 bytes in 0 items. SWiSH 2.0 (0 bytes; 0 items): cleaned 0 bytes in 0 items. The Playa (0 bytes; 0 items): cleaned 0 bytes in 0 items. Ulead GIF Animator (0 bytes; 0 items): cleaned 0 bytes in 0 items. WebFerret (0 bytes; 0 items): cleaned 0 bytes in 0 items. Windows Memory Dump (0 bytes; 0 items): cleaned 0 bytes in 0 items. Windows Log Files (31 kB; 5 items): cleaned 31 kB in 5 items. WinRar 2.x (0 bytes; 0 items): cleaned 0 bytes in 0 items. Forced \Windows\Temp cleaner (1816 kB; 9 items): cleaned 0 bytes in 0 items. WordPerfect 7/8/9/10/11 (0 bytes; 0 items): cleaned 0 bytes in 0 items. WinXP prefetch clean (0 bytes; 0 items): cleaned 0 bytes in 0 items. Yahoo! Messenger (608 kB; 112 items): cleaned 0 bytes in 0 items. Zone Alarm Log File (0 bytes; 0 items): cleaned 0 bytes in 0 items. Scheduled 0 file(s) for removal on reboot. Cleaned total of 1856 kB in 31 items. Que no se si esta bien o no. Por favor necesito ayuda de manera urgente ya que no se que hacer.Ni siquiera puedo ingresar a internet. Esta totalmente infectada y no se como arreglarla. Muchas graciassssssss.     |
|
18/04/05, 20:19:04
| |
| ||||
| Re: Mi pc esta totalmente infectada! Hola!!! La verdad que no hay por donde coger ese log  .Sigue esos pasos: 1) Ver archivos ocultos y pasa al menos 2 de estos Antivirus Online 2) Reinicia a prueba de fallos 3) Desinstala desde panel de control--> agregar o quitar programas: 180search assistant 4) Con el administrador de tareas (ctrl+alt+supr) para cualquiera de los procesos que te marco en negrita en las entradas para dar fix con HijackThis, si se están ejecutando. 5) Usa TZ-Kill.inf para eliminar las entradas 015-Trusted. 6) Ejecuta HijackThis con todos los programas cerrados y dale fix a: F1 - win.ini: run=C:\WINDOWS\SYSTEM\svhost.exe O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll O3 - Toolbar: (no name) - {44BE0690-5429-47f0-85BB-3FFD8020233E} - (no file) O4 - HKLM\..\Run: [Startup] WinlogonStartup O4 - HKLM\..\Run: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKLM\..\Run: [System] C:\WINDOWS\SYSTEM\kernels32.exe O4 - HKLM\..\Run: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\SYSTEM\Services\{E203DEC0-B035-11D9-B678-525400E8E660}\SVCHOST.EXE O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s O4 - HKLM\..\Run: [Aoh] C:\WINDOWS\Epi.exe O4 - HKLM\..\Run: [Lud] C:\WINDOWS\Dke.exe O4 - HKLM\..\Run: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKLM\..\Run: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKLM\..\Run: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKLM\..\Run: [Brr] C:\WINDOWS\Tmo.exe O4 - HKLM\..\Run: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKLM\..\Run: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKLM\..\Run: [Nad] C:\WINDOWS\Mje.exe O4 - HKLM\..\Run: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKLM\..\Run: [Kje] C:\WINDOWS\Qcj.exe O4 - HKLM\..\Run: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKLM\..\Run: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKLM\..\Run: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKLM\..\Run: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKLM\..\Run: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKLM\..\Run: [Nrq] C:\WINDOWS\Fej.exe O4 - HKLM\..\Run: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKLM\..\Run: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKLM\..\Run: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKLM\..\Run: [Bse] C:\WINDOWS\Oje.exe O4 - HKLM\..\Run: [Hog] C:\WINDOWS\Ffs.exe O4 - HKLM\..\Run: [Ntf] C:\WINDOWS\Dle.exe O4 - HKLM\..\Run: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKLM\..\Run: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKLM\..\Run: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKLM\..\Run: [Mku] C:\WINDOWS\Vog.exe O4 - HKLM\..\Run: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKLM\..\Run: [Eoa] C:\WINDOWS\Hji.exe O4 - HKLM\..\Run: [Tjb] C:\WINDOWS\Kub.exe O4 - HKLM\..\Run: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKLM\..\Run: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKLM\..\Run: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe O4 - HKLM\..\Run: [sdohar] C:\WINDOWS\sdohar.exe O4 - HKLM\..\Run: [q74W36Q] INIC500.EXE O4 - HKLM\..\Run: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKLM\..\Run: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKLM\..\Run: [Spu] C:\WINDOWS\Ohk.exe O4 - HKLM\..\Run: [Rlo] C:\WINDOWS\Pel.exe O4 - HKLM\..\Run: [Rto] C:\WINDOWS\Kbf.exe O4 - HKLM\..\Run: [Cld] C:\WINDOWS\Teq.exe O4 - HKLM\..\Run: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKLM\..\Run: [Dqq] C:\WINDOWS\Tos.exe O4 - HKLM\..\Run: [Lgu] C:\WINDOWS\Kdr.exe O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\SYSTEM\kernels32.exe O4 - HKCU\..\Run: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKCU\..\Run: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKCU\..\Run: [Aoh] C:\WINDOWS\Epi.exe O4 - HKCU\..\Run: [Lud] C:\WINDOWS\Dke.exe O4 - HKCU\..\Run: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKCU\..\Run: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKCU\..\Run: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKCU\..\Run: [Brr] C:\WINDOWS\Tmo.exe O4 - HKCU\..\Run: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKCU\..\Run: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKCU\..\Run: [Nad] C:\WINDOWS\Mje.exe O4 - HKCU\..\Run: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKCU\..\Run: [Kje] C:\WINDOWS\Qcj.exe O4 - HKCU\..\Run: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKCU\..\Run: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKCU\..\Run: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKCU\..\Run: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKCU\..\Run: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKCU\..\Run: [Nrq] C:\WINDOWS\Fej.exe O4 - HKCU\..\Run: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKCU\..\Run: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKCU\..\Run: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKCU\..\Run: [Bse] C:\WINDOWS\Oje.exe O4 - HKCU\..\Run: [Hog] C:\WINDOWS\Ffs.exe O4 - HKCU\..\Run: [Ntf] C:\WINDOWS\Dle.exe O4 - HKCU\..\Run: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKCU\..\Run: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKCU\..\Run: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKCU\..\Run: [Mku] C:\WINDOWS\Vog.exe O4 - HKCU\..\Run: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKCU\..\Run: [Eoa] C:\WINDOWS\Hji.exe O4 - HKCU\..\Run: [Tjb] C:\WINDOWS\Kub.exe O4 - HKCU\..\Run: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKCU\..\Run: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKCU\..\Run: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKCU\..\Run: [bwv6RWcpT] IMMCTL32.EXE O4 - HKCU\..\Run: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKCU\..\Run: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKCU\..\Run: [Spu] C:\WINDOWS\Ohk.exe O4 - HKCU\..\Run: [Rlo] C:\WINDOWS\Pel.exe O4 - HKCU\..\Run: [Rto] C:\WINDOWS\Kbf.exe O4 - HKCU\..\Run: [Cld] C:\WINDOWS\Teq.exe O4 - HKCU\..\Run: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKCU\..\Run: [Dqq] C:\WINDOWS\Tos.exe O4 - HKCU\..\Run: [Lgu] C:\WINDOWS\Kdr.exe O4 - HKCU\..\RunServices: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKCU\..\RunServices: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKCU\..\RunServices: [Aoh] C:\WINDOWS\Epi.exe O4 - HKCU\..\RunServices: [Lud] C:\WINDOWS\Dke.exe O4 - HKCU\..\RunServices: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKCU\..\RunServices: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKCU\..\RunServices: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKCU\..\RunServices: [Brr] C:\WINDOWS\Tmo.exe O4 - HKCU\..\RunServices: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKCU\..\RunServices: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKCU\..\RunServices: [Nad] C:\WINDOWS\Mje.exe O4 - HKCU\..\RunServices: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKCU\..\RunServices: [Kje] C:\WINDOWS\Qcj.exe O4 - HKCU\..\RunServices: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKCU\..\RunServices: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKCU\..\RunServices: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKCU\..\RunServices: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKCU\..\RunServices: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKCU\..\RunServices: [Nrq] C:\WINDOWS\Fej.exe O4 - HKCU\..\RunServices: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKCU\..\RunServices: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKCU\..\RunServices: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKCU\..\RunServices: [Bse] C:\WINDOWS\Oje.exe O4 - HKCU\..\RunServices: [Hog] C:\WINDOWS\Ffs.exe O4 - HKCU\..\RunServices: [Ntf] C:\WINDOWS\Dle.exe O4 - HKCU\..\RunServices: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKCU\..\RunServices: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKCU\..\RunServices: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKCU\..\RunServices: [Mku] C:\WINDOWS\Vog.exe O4 - HKCU\..\RunServices: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKCU\..\RunServices: [Eoa] C:\WINDOWS\Hji.exe O4 - HKCU\..\RunServices: [Tjb] C:\WINDOWS\Kub.exe O4 - HKCU\..\RunServices: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKCU\..\RunServices: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKCU\..\RunServices: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKCU\..\RunServices: [bwv6RWcpT] IMMCTL32.EXE O4 - HKCU\..\RunServices: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKCU\..\RunServices: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKCU\..\RunServices: [Spu] C:\WINDOWS\Ohk.exe O4 - HKCU\..\RunServices: [Rlo] C:\WINDOWS\Pel.exe O4 - HKCU\..\RunServices: [Rto] C:\WINDOWS\Kbf.exe O4 - HKCU\..\RunServices: [Cld] C:\WINDOWS\Teq.exe O4 - HKCU\..\RunServices: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKCU\..\RunServices: [Dqq] C:\WINDOWS\Tos.exe O4 - HKCU\..\RunServices: [Lgu] C:\WINDOWS\Kdr.exe O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKCU\..\RunOnce: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKCU\..\RunOnce: [Aoh] C:\WINDOWS\Epi.exe O4 - HKCU\..\RunOnce: [Lud] C:\WINDOWS\Dke.exe O4 - HKCU\..\RunOnce: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKCU\..\RunOnce: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKCU\..\RunOnce: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKCU\..\RunOnce: [Brr] C:\WINDOWS\Tmo.exe O4 - HKCU\..\RunOnce: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKCU\..\RunOnce: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKCU\..\RunOnce: [Nad] C:\WINDOWS\Mje.exe O4 - HKCU\..\RunOnce: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKCU\..\RunOnce: [Kje] C:\WINDOWS\Qcj.exe O4 - HKCU\..\RunOnce: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKCU\..\RunOnce: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKCU\..\RunOnce: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKCU\..\RunOnce: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKCU\..\RunOnce: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKCU\..\RunOnce: [Nrq] C:\WINDOWS\Fej.exe O4 - HKCU\..\RunOnce: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKCU\..\RunOnce: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKCU\..\RunOnce: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKCU\..\RunOnce: [Bse] C:\WINDOWS\Oje.exe O4 - HKCU\..\RunOnce: [Hog] C:\WINDOWS\Ffs.exe O4 - HKCU\..\RunOnce: [Ntf] C:\WINDOWS\Dle.exe O4 - HKCU\..\RunOnce: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKCU\..\RunOnce: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKCU\..\RunOnce: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKCU\..\RunOnce: [Mku] C:\WINDOWS\Vog.exe O4 - HKCU\..\RunOnce: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKCU\..\RunOnce: [Eoa] C:\WINDOWS\Hji.exe O4 - HKCU\..\RunOnce: [Tjb] C:\WINDOWS\Kub.exe O4 - HKCU\..\RunOnce: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKCU\..\RunOnce: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKCU\..\RunOnce: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKCU\..\RunOnce: [bwv6RWcpT] IMMCTL32.EXE O4 - HKCU\..\RunOnce: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKCU\..\RunOnce: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKCU\..\RunOnce: [Spu] C:\WINDOWS\Ohk.exe O4 - HKCU\..\RunOnce: [Rlo] C:\WINDOWS\Pel.exe O4 - HKCU\..\RunOnce: [Rto] C:\WINDOWS\Kbf.exe O4 - HKCU\..\RunOnce: [Cld] C:\WINDOWS\Teq.exe O4 - HKCU\..\RunOnce: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKCU\..\RunOnce: [Dqq] C:\WINDOWS\Tos.exe O4 - HKCU\..\RunOnce: [Lgu] C:\WINDOWS\Kdr.exe O4 - HKCU\..\RunServicesOnce: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe O4 - HKCU\..\RunServicesOnce: [Ots] C:\WINDOWS\SYSTEM\Top.exe O4 - HKCU\..\RunServicesOnce: [Aoh] C:\WINDOWS\Epi.exe O4 - HKCU\..\RunServicesOnce: [Lud] C:\WINDOWS\Dke.exe O4 - HKCU\..\RunServicesOnce: [Iho] C:\WINDOWS\SYSTEM\Lqo.exe O4 - HKCU\..\RunServicesOnce: [Ijk] C:\WINDOWS\SYSTEM\Ubo.exe O4 - HKCU\..\RunServicesOnce: [Ghb] C:\WINDOWS\SYSTEM\Rmd.exe O4 - HKCU\..\RunServicesOnce: [Brr] C:\WINDOWS\Tmo.exe O4 - HKCU\..\RunServicesOnce: [Ggi] C:\WINDOWS\SYSTEM\Chj.exe O4 - HKCU\..\RunServicesOnce: [Kfk] C:\WINDOWS\Fcv.exe O4 - HKCU\..\RunServicesOnce: [Nad] C:\WINDOWS\Mje.exe O4 - HKCU\..\RunServicesOnce: [Bru] C:\WINDOWS\SYSTEM\Din.exe O4 - HKCU\..\RunServicesOnce: [Kje] C:\WINDOWS\Qcj.exe O4 - HKCU\..\RunServicesOnce: [Hvs] C:\WINDOWS\Mrm.exe O4 - HKCU\..\RunServicesOnce: [Dis] C:\WINDOWS\SYSTEM\Idq.exe O4 - HKCU\..\RunServicesOnce: [Igb] C:\WINDOWS\SYSTEM\Kpl.exe O4 - HKCU\..\RunServicesOnce: [Mbl] C:\WINDOWS\SYSTEM\Oqm.exe O4 - HKCU\..\RunServicesOnce: [Dpa] C:\WINDOWS\Jdv.exe O4 - HKCU\..\RunServicesOnce: [Nrq] C:\WINDOWS\Fej.exe O4 - HKCU\..\RunServicesOnce: [Tcu] C:\WINDOWS\SYSTEM\Psp.exe O4 - HKCU\..\RunServicesOnce: [Ksb] C:\WINDOWS\Qlq.exe O4 - HKCU\..\RunServicesOnce: [Mng] C:\WINDOWS\SYSTEM\Pvt.exe O4 - HKCU\..\RunServicesOnce: [Bse] C:\WINDOWS\Oje.exe O4 - HKCU\..\RunServicesOnce: [Hog] C:\WINDOWS\Ffs.exe O4 - HKCU\..\RunServicesOnce: [Ntf] C:\WINDOWS\Dle.exe O4 - HKCU\..\RunServicesOnce: [Cpd] C:\WINDOWS\SYSTEM\Ulb.exe O4 - HKCU\..\RunServicesOnce: [Gtn] C:\WINDOWS\SYSTEM\Aja.exe O4 - HKCU\..\RunServicesOnce: [Hdq] C:\WINDOWS\SYSTEM\Ngb.exe O4 - HKCU\..\RunServicesOnce: [Mku] C:\WINDOWS\Vog.exe O4 - HKCU\..\RunServicesOnce: [Igo] C:\WINDOWS\SYSTEM\Tir.exe O4 - HKCU\..\RunServicesOnce: [Eoa] C:\WINDOWS\Hji.exe O4 - HKCU\..\RunServicesOnce: [Tjb] C:\WINDOWS\Kub.exe O4 - HKCU\..\RunServicesOnce: [Vfd] C:\WINDOWS\Vvl.exe O4 - HKCU\..\RunServicesOnce: [Upt] C:\WINDOWS\SYSTEM\Srg.exe O4 - HKCU\..\RunServicesOnce: [Sng] C:\WINDOWS\SYSTEM\Luh.exe O4 - HKCU\..\RunServicesOnce: [bwv6RWcpT] IMMCTL32.EXE O4 - HKCU\..\RunServicesOnce: [Qmj] C:\WINDOWS\Dcg.exe O4 - HKCU\..\RunServicesOnce: [Qnv] C:\WINDOWS\Mfo.exe O4 - HKCU\..\RunServicesOnce: [Spu] C:\WINDOWS\Ohk.exe O4 - HKCU\..\RunServicesOnce: [Rlo] C:\WINDOWS\Pel.exe O4 - HKCU\..\RunServicesOnce: [Rto] C:\WINDOWS\Kbf.exe O4 - HKCU\..\RunServicesOnce: [Cld] C:\WINDOWS\Teq.exe O4 - HKCU\..\RunServicesOnce: [Opb] C:\WINDOWS\SYSTEM\Hks.exe O4 - HKCU\..\RunServicesOnce: [Dqq] C:\WINDOWS\Tos.exe O4 - HKCU\..\RunServicesOnce: [Lgu] C:\WINDOWS\Kdr.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present --> esto es una rstriccion, si no la pusiste tu dale fix O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O15 - Trusted Zone: *.addictivetechnologies.com O15 - Trusted Zone: *.sp2fucked.biz O15 - Trusted Zone: *.newiframe.biz O15 - Trusted Zone: *.megapornix.com O15 - Trusted Zone: *.iframe.biz O15 - Trusted Zone: *.sp2admin.biz O15 - Trusted Zone: *.windupdates.com O15 - Trusted Zone: *.c4tdownload.com O15 - Trusted Zone: *.overpro.com O15 - Trusted Zone: *.awmdabest.com O15 - Trusted Zone: *.traffic2cash.biz O15 - Trusted Zone: *.admin2cash.biz O15 - Trusted Zone: *.private-iframe.biz O15 - Trusted Zone: *.private-dialer.biz O15 - Trusted Zone: *.bettersearch.biz O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone (HKLM) O21 - SSODL: OLE Module - {0656A137-B161-CADD-9777-E37A75727E78} - C:\WINDOWS\SYSTEM\thun32.dll 7) Elimina cualquiera de los archivos que encuentres marcados en negrita en el paso 6 y además esta carpeta: c:\program files\180search assistant\ 8) Limpia el registro con RegSeeker y pasa Ad-Aware actualizado. 9) Elimina cookies y temporales de internet con Disk Cleaner y vacia la papelera. 10) Reinicia normal y nos cuentas los resultados. (dejanos tu nuevo log) Me maree nada mas con mirar tu log  Saludos Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
19/04/05, 19:49:33
| |
| |||
| Re: Mi pc esta totalmente infectada! Hice todo lo que me dijiste.Igual al reiniciarla y poner la contraseña me aparece un cartel de Explorer(Este programa ha efectuado una operacion no admitida y sera interrumpido)y pongo en detalles y me dice: EXPLORER provocó un error de página no válida en el módulo <desconocido> de 0000:61b85cf6. Registros: EAX=0042bf5a CS=0167 EIP=61b85cf6 EFLGS=00010217 EBX=81713cd0 SS=016f ESP=0080ff88 EBP=0080ff98 ECX=c14f7af0 DS=016f ESI=0042b9eb FS=253f EDX=81713d30 ES=016f EDI=81715f34 GS=0000 Bytes en CS:EIP: Volcado de pila: ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x ,08x Porque es que me sigue apareciendo este cartel????,sera un virus?ya que actualize el windows y el explorer y me continua apareciendo.Cuando lo quiero cerrar me aparece toda la pantalla en negro y tengo que volver a reiniciar de nuevo....y otra vez lo mismo. Mando el nuevo log luego de hacer lo que me dijiste en el foro. Logfile of HijackThis v1.99.1 Scan saved at 08:46:53 p.m., on 19/04/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\LOADQM.EXE C:\ARCHIVOS DE PROGRAMA\GRISOFT\AVG FREE\AVGCC.EXE C:\ARCHIVOS DE PROGRAMA\GRISOFT\AVG FREE\AVGEMC.EXE C:\ARCHIVOS DE PROGRAMA\GRISOFT\AVG FREE\AVGAMSVR.EXE C:\WINDOWS\SYSTEM\COL.EXE C:\WINDOWS\SYSTEM\UID.EXE C:\WINDOWS\MPP.EXE C:\WINDOWS\ASQ.EXE C:\WINDOWS\VRC.EXE C:\WINDOWS\BAE.EXE C:\WINDOWS\MKI.EXE C:\WINDOWS\SYSTEM\AHS.EXE C:\WINDOWS\DLG.EXE C:\WINDOWS\SYSTEM\MGM.EXE C:\WINDOWS\JFR.EXE C:\WINDOWS\AKO.EXE C:\WINDOWS\VJT.EXE C:\WINDOWS\BMN.EXE C:\WINDOWS\HMM.EXE C:\WINDOWS\SYSTEM\FGI.EXE C:\WINDOWS\SYSTEM\DID.EXE C:\WINDOWS\CBI.EXE C:\WINDOWS\SYSTEM\VBK.EXE C:\WINDOWS\QQF.EXE C:\WINDOWS\VSF.EXE C:\WINDOWS\SYSTEM\EGS.EXE C:\WINDOWS\SYSTEM\AMT.EXE C:\WINDOWS\NDI.EXE C:\WINDOWS\SYSTEM\GPP.EXE C:\WINDOWS\FAD.EXE C:\WINDOWS\SYSTEM\AMC.EXE C:\WINDOWS\FAO.EXE C:\WINDOWS\SYSTEM\HVN.EXE C:\WINDOWS\SYSTEM\FSJ.EXE C:\WINDOWS\SYSTEM\GIE.EXE C:\WINDOWS\OGP.EXE C:\WINDOWS\SYSTEM\DEF.EXE C:\WINDOWS\QCK.EXE C:\WINDOWS\KAB.EXE C:\WINDOWS\IOI.EXE C:\WINDOWS\SYSTEM\BBC.EXE C:\WINDOWS\SYSTEM\GOR.EXE C:\WINDOWS\SYSTEM\IEH.EXE C:\WINDOWS\SYSTEM\UQS.EXE C:\WINDOWS\SYSTEM\UMK.EXE C:\WINDOWS\SYSTEM\IMC.EXE C:\WINDOWS\GTU.EXE C:\WINDOWS\HEE.EXE C:\WINDOWS\SYSTEM\GCP.EXE C:\WINDOWS\SYSTEM\THN.EXE C:\WINDOWS\SYSTEM\CTFMON.EXE C:\WINDOWS\SYSTEM\LOADWC.EXE C:\WINDOWS\SYSTEM\COL.EXE C:\WINDOWS\SYSTEM\UID.EXE C:\WINDOWS\MPP.EXE C:\WINDOWS\ASQ.EXE C:\WINDOWS\VRC.EXE C:\WINDOWS\BAE.EXE C:\WINDOWS\MKI.EXE C:\WINDOWS\SYSTEM\AHS.EXE C:\WINDOWS\DLG.EXE C:\WINDOWS\SYSTEM\MGM.EXE C:\WINDOWS\JFR.EXE C:\WINDOWS\AKO.EXE C:\WINDOWS\VJT.EXE C:\WINDOWS\BMN.EXE C:\WINDOWS\HMM.EXE C:\WINDOWS\SYSTEM\FGI.EXE C:\WINDOWS\SYSTEM\DID.EXE C:\WINDOWS\CBI.EXE C:\WINDOWS\SYSTEM\VBK.EXE C:\WINDOWS\QQF.EXE C:\WINDOWS\VSF.EXE C:\WINDOWS\SYSTEM\EGS.EXE C:\WINDOWS\SYSTEM\AMT.EXE C:\WINDOWS\NDI.EXE C:\WINDOWS\SYSTEM\XSERV\WUHGGNDN.EXE C:\WINDOWS\SYSTEM\GPP.EXE C:\WINDOWS\FAD.EXE C:\WINDOWS\SYSTEM\AMC.EXE C:\WINDOWS\FAO.EXE C:\WINDOWS\SYSTEM\HVN.EXE C:\WINDOWS\SYSTEM\FSJ.EXE C:\WINDOWS\SYSTEM\GIE.EXE C:\WINDOWS\OGP.EXE C:\WINDOWS\SYSTEM\DEF.EXE C:\WINDOWS\QCK.EXE C:\WINDOWS\KAB.EXE C:\WINDOWS\IOI.EXE C:\WINDOWS\SYSTEM\BBC.EXE C:\WINDOWS\SYSTEM\GOR.EXE C:\WINDOWS\SYSTEM\IEH.EXE C:\WINDOWS\SYSTEM\UQS.EXE C:\WINDOWS\SYSTEM\UMK.EXE C:\WINDOWS\SYSTEM\IMC.EXE C:\WINDOWS\GTU.EXE C:\WINDOWS\HEE.EXE C:\WINDOWS\SYSTEM\GCP.EXE C:\WINDOWS\SYSTEM\THN.EXE C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TEMP\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.ar/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - C:\WINDOWS\SYSTEM\BHOMOD.DLL O3 - Toolbar: @msdxmLC.dll,-1@3082,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\ARCHIV~1\GRISOFT\AVGFRE~1\AVGEMC.EXE O4 - HKLM\..\Run: [AVG7_AMSVR] C:\ARCHIV~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE O4 - HKLM\..\Run: [Utv] C:\WINDOWS\SYSTEM\Col.exe O4 - HKLM\..\Run: [Rgv] C:\WINDOWS\SYSTEM\Uid.exe O4 - HKLM\..\Run: [Odd] C:\WINDOWS\Mpp.exe O4 - HKLM\..\Run: [Bau] C:\WINDOWS\Asq.exe O4 - HKLM\..\Run: [Eai] C:\WINDOWS\Vrc.exe O4 - HKLM\..\Run: [Cfi] C:\WINDOWS\Bae.exe O4 - HKLM\..\Run: [Kpl] C:\WINDOWS\Mki.exe O4 - HKLM\..\Run: [Gas] C:\WINDOWS\SYSTEM\Ahs.exe O4 - HKLM\..\Run: [Odm] C:\WINDOWS\Dlg.exe O4 - HKLM\..\Run: [Iaj] C:\WINDOWS\SYSTEM\Mgm.exe O4 - HKLM\..\Run: [Umj] C:\WINDOWS\Jfr.exe O4 - HKLM\..\Run: [Vks] C:\WINDOWS\Ako.exe O4 - HKLM\..\Run: [Cun] C:\WINDOWS\Vjt.exe O4 - HKLM\..\Run: [Bqh] C:\WINDOWS\Bmn.exe O4 - HKLM\..\Run: [Som] C:\WINDOWS\Hmm.exe O4 - HKLM\..\Run: [Ifj] C:\WINDOWS\SYSTEM\Fgi.exe O4 - HKLM\..\Run: [Kkd] C:\WINDOWS\SYSTEM\Did.exe O4 - HKLM\..\Run: [Rld] C:\WINDOWS\Cbi.exe O4 - HKLM\..\Run: [Dea] C:\WINDOWS\SYSTEM\Vbk.exe O4 - HKLM\..\Run: [Ktb] C:\WINDOWS\Qqf.exe O4 - HKLM\..\Run: [Bck] C:\WINDOWS\Vsf.exe O4 - HKLM\..\Run: [Rqo] C:\WINDOWS\SYSTEM\Egs.exe O4 - HKLM\..\Run: [Uqt] C:\WINDOWS\SYSTEM\Amt.exe O4 - HKLM\..\Run: [Dbo] C:\WINDOWS\Ndi.exe O4 - HKLM\..\Run: [Smj] C:\WINDOWS\SYSTEM\Gpp.exe O4 - HKLM\..\Run: [Ohs] C:\WINDOWS\Fad.exe O4 - HKLM\..\Run: [Tff] C:\WINDOWS\SYSTEM\Amc.exe O4 - HKLM\..\Run: [Fkh] C:\WINDOWS\Fao.exe O4 - HKLM\..\Run: [Mcm] C:\WINDOWS\SYSTEM\Hvn.exe O4 - HKLM\..\Run: [Hqv] C:\WINDOWS\SYSTEM\Fsj.exe O4 - HKLM\..\Run: [Suq] C:\WINDOWS\SYSTEM\Gie.exe O4 - HKLM\..\Run: [Ciq] C:\WINDOWS\Ogp.exe O4 - HKLM\..\Run: [Sgf] C:\WINDOWS\SYSTEM\Def.exe O4 - HKLM\..\Run: [Emd] C:\WINDOWS\Qck.exe O4 - HKLM\..\Run: [Udi] C:\WINDOWS\Kab.exe O4 - HKLM\..\Run: [Nsk] C:\WINDOWS\Ioi.exe O4 - HKLM\..\Run: [Bld] C:\WINDOWS\SYSTEM\Bbc.exe O4 - HKLM\..\Run: [Svg] C:\WINDOWS\SYSTEM\Gor.exe O4 - HKLM\..\Run: [Gdd] C:\WINDOWS\SYSTEM\Ieh.exe O4 - HKLM\..\Run: [Bao] C:\WINDOWS\SYSTEM\Uqs.exe O4 - HKLM\..\Run: [Ofr] C:\WINDOWS\SYSTEM\Umk.exe O4 - HKLM\..\Run: [Jsh] C:\WINDOWS\SYSTEM\Imc.exe O4 - HKLM\..\Run: [Nnu] C:\WINDOWS\Gtu.exe O4 - HKLM\..\Run: [Ddc] C:\WINDOWS\Hee.exe O4 - HKLM\..\Run: [Efu] C:\WINDOWS\SYSTEM\Gcp.exe O4 - HKLM\..\Run: [Mqr] C:\WINDOWS\SYSTEM\Thn.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [MDM7] "C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE" O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\ARCHIVOS DE PROGRAMA\YAHOO!\MESSENGER\ypager.exe -quiet O4 - HKCU\..\Run: [eMuleAutoStart] C:\ARCHIVOS DE PROGRAMA\EMULE\EMULE.EXE -AutoStart O4 - HKCU\..\Run: [Evidence Cleaner] C:\ARCHIVOS DE PROGRAMA\EVIDENCE CLEANER\ecleaner.exe O4 - HKCU\..\Run: [xserv] C:\WINDOWS\SYSTEM\XSERV\WUHGGNDN.EXE O4 - HKCU\..\Run: [Utv] C:\WINDOWS\SYSTEM\Col.exe O4 - HKCU\..\Run: [Rgv] C:\WINDOWS\SYSTEM\Uid.exe O4 - HKCU\..\Run: [Odd] C:\WINDOWS\Mpp.exe O4 - HKCU\..\Run: [Bau] C:\WINDOWS\Asq.exe O4 - HKCU\..\Run: [Eai] C:\WINDOWS\Vrc.exe O4 - HKCU\..\Run: [Cfi] C:\WINDOWS\Bae.exe O4 - HKCU\..\Run: [Kpl] C:\WINDOWS\Mki.exe O4 - HKCU\..\Run: [Gas] C:\WINDOWS\SYSTEM\Ahs.exe O4 - HKCU\..\Run: [Odm] C:\WINDOWS\Dlg.exe O4 - HKCU\..\Run: [Iaj] C:\WINDOWS\SYSTEM\Mgm.exe O4 - HKCU\..\Run: [Umj] C:\WINDOWS\Jfr.exe O4 - HKCU\..\Run: [Vks] C:\WINDOWS\Ako.exe O4 - HKCU\..\Run: [Cun] C:\WINDOWS\Vjt.exe O4 - HKCU\..\Run: [Bqh] C:\WINDOWS\Bmn.exe O4 - HKCU\..\Run: [Som] C:\WINDOWS\Hmm.exe O4 - HKCU\..\Run: [Ifj] C:\WINDOWS\SYSTEM\Fgi.exe O4 - HKCU\..\Run: [Kkd] C:\WINDOWS\SYSTEM\Did.exe O4 - HKCU\..\Run: [Rld] C:\WINDOWS\Cbi.exe O4 - HKCU\..\Run: [Dea] C:\WINDOWS\SYSTEM\Vbk.exe O4 - HKCU\..\Run: [Ktb] C:\WINDOWS\Qqf.exe O4 - HKCU\..\Run: [Bck] C:\WINDOWS\Vsf.exe O4 - HKCU\..\Run: [Rqo] C:\WINDOWS\SYSTEM\Egs.exe O4 - HKCU\..\Run: [Uqt] C:\WINDOWS\SYSTEM\Amt.exe O4 - HKCU\..\Run: [Dbo] C:\WINDOWS\Ndi.exe O4 - HKCU\..\Run: [Smj] C:\WINDOWS\SYSTEM\Gpp.exe O4 - HKCU\..\Run: [Ohs] C:\WINDOWS\Fad.exe O4 - HKCU\..\Run: [Tff] C:\WINDOWS\SYSTEM\Amc.exe O4 - HKCU\..\Run: [Fkh] C:\WINDOWS\Fao.exe O4 - HKCU\..\Run: [Mcm] C:\WINDOWS\SYSTEM\Hvn.exe O4 - HKCU\..\Run: [Hqv] C:\WINDOWS\SYSTEM\Fsj.exe O4 - HKCU\..\Run: [Suq] C:\WINDOWS\SYSTEM\Gie.exe O4 - HKCU\..\Run: [Ciq] C:\WINDOWS\Ogp.exe O4 - HKCU\..\Run: [Sgf] C:\WINDOWS\SYSTEM\Def.exe O4 - HKCU\..\Run: [Emd] C:\WINDOWS\Qck.exe O4 - HKCU\..\Run: [Udi] C:\WINDOWS\Kab.exe O4 - HKCU\..\Run: [Nsk] C:\WINDOWS\Ioi.exe O4 - HKCU\..\Run: [Bld] C:\WINDOWS\SYSTEM\Bbc.exe O4 - HKCU\..\Run: [Svg] C:\WINDOWS\SYSTEM\Gor.exe O4 - HKCU\..\Run: [Gdd] C:\WINDOWS\SYSTEM\Ieh.exe O4 - HKCU\..\Run: [Bao] C:\WINDOWS\SYSTEM\Uqs.exe O4 - HKCU\..\Run: [Ofr] C:\WINDOWS\SYSTEM\Umk.exe O4 - HKCU\..\Run: [Jsh] C:\WINDOWS\SYSTEM\Imc.exe O4 - HKCU\..\Run: [Nnu] C:\WINDOWS\Gtu.exe O4 - HKCU\..\Run: [Ddc] C:\WINDOWS\Hee.exe O4 - HKCU\..\Run: [Efu] C:\WINDOWS\SYSTEM\Gcp.exe O4 - HKCU\..\Run: [Mqr] C:\WINDOWS\SYSTEM\Thn.exe O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE10\EXCEL.EXE/3000 O8 - Extra context menu item: &Google Search - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html O8 - Extra context menu item: Translate into English - res://C:\ARCHIVOS DE PROGRAMA\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O12 - Plugin for .spop: C:\ARCHIV~1\INTERN~1\Plugins\NPDocBox.dll O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab O16 - DPF: Yahoo! Games Voice Chat - http://yog55.games.scd.yahoo.com/yog/y/va1_x.cab O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at1_x.cab O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/resources/MsnPUpld.cab O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.184.85,195.225.176.37 Bueno,por favor necesito que me ayuden con esto de los carteles. MUCHAS GRACIASSSSS NUEVAMENTE.  |
|
20/04/05, 14:24:57
| |
| ||||
| Re: Mi pc esta totalmente infectada! Hola!!! ¿Sabes tu a qué pertenece esta entrada? O4 - HKCU\..\Run: [xserv] C:\WINDOWS\SYSTEM\XSERV\WUHGGNDN.EXE Busca la carpeta XSERV y el archivo WUHGGNDN.EXE y pidele las propiedades...a ver si me puedes dar información sobre a que pertenecen. Saludos Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
20/04/05, 19:31:17
| |
| |||
| Re: Mi pc esta totalmente infectada! No dice nada de donde son.La cuestion es que mi pc esta arruinada.El log es un testamento,me aparecen ventanas de Warning,errores de explorer y rundll. Mi log actual es el siguiente:Logfile of HijackThis v1.99.1 Scan saved at 08:24:30 p.m., on 20/04/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v5.00 (5.00.2919.6304) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\SYSTEM\COL.EXE C:\WINDOWS\SYSTEM\UID.EXE C:\WINDOWS\MPP.EXE C:\WINDOWS\ASQ.EXE C:\WINDOWS\VRC.EXE C:\WINDOWS\BAE.EXE C:\WINDOWS\MKI.EXE C:\WINDOWS\SYSTEM\AHS.EXE C:\WINDOWS\DLG.EXE C:\WINDOWS\SYSTEM\MGM.EXE C:\WINDOWS\JFR.EXE C:\WINDOWS\AKO.EXE C:\WINDOWS\VJT.EXE C:\WINDOWS\BMN.EXE C:\WINDOWS\HMM.EXE C:\WINDOWS\SYSTEM\FGI.EXE C:\WINDOWS\SYSTEM\DID.EXE C:\WINDOWS\CBI.EXE C:\WINDOWS\SYSTEM\VBK.EXE C:\WINDOWS\QQF.EXE C:\WINDOWS\VSF.EXE C:\WINDOWS\SYSTEM\EGS.EXE C:\WINDOWS\SYSTEM\AMT.EXE C:\WINDOWS\NDI.EXE C:\WINDOWS\SYSTEM\GPP.EXE C:\WINDOWS\FAD.EXE C:\WINDOWS\SYSTEM\AMC.EXE C:\WINDOWS\FAO.EXE C:\WINDOWS\SYSTEM\HVN.EXE C:\WINDOWS\SYSTEM\FSJ.EXE C:\WINDOWS\SYSTEM\GIE.EXE C:\WINDOWS\OGP.EXE C:\WINDOWS\SYSTEM\DEF.EXE C:\WINDOWS\QCK.EXE C:\WINDOWS\KAB.EXE C:\WINDOWS\IOI.EXE C:\WINDOWS\SYSTEM\BBC.EXE C:\WINDOWS\SYSTEM\GOR.EXE C:\WINDOWS\SYSTEM\IEH.EXE C:\WINDOWS\SYSTEM\UQS.EXE C:\WINDOWS\SYSTEM\UMK.EXE C:\WINDOWS\SYSTEM\IMC.EXE C:\WINDOWS\GTU.EXE C:\WINDOWS\HEE.EXE C:\WINDOWS\SYSTEM\GCP.EXE C:\WINDOWS\SYSTEM\THN.EXE C:\WINDOWS\SYSTEM\AOF.EXE C:\WINDOWS\RUNDLL32.EXE C:\WINDOWS\SYSTEM\FKH.EXE C:\WINDOWS\SYSTEM\DQJ.EXE C:\WINDOWS\LOF.EXE C:\WINDOWS\SYSTEM\PET.EXE C:\WINDOWS\SYSTEM\NQS.EXE C:\WINDOWS\PTE.EXE C:\WINDOWS\QNB.EXE C:\WINDOWS\SYSTEM\DDC.EXE C:\WINDOWS\JQR.EXE C:\WINDOWS\RJD.EXE C:\WINDOWS\SYSTEM\FUA.EXE C:\WINDOWS\SYSTEM\FRM.EXE C:\WINDOWS\SYSTEM\STT.EXE C:\WINDOWS\SYSTEM\OMO.EXE C:\WINDOWS\SYSTEM\UBV.EXE C:\WINDOWS\JBM.EXE C:\WINDOWS\SYSTEM\EFN.EXE C:\WINDOWS\ELC.EXE C:\WINDOWS\NHM.EXE C:\WINDOWS\NRG.EXE C:\WINDOWS\PIM.EXE C:\WINDOWS\NDU.EXE C:\WINDOWS\SYSTEM\PUR.EXE C:\WINDOWS\AUD.EXE C:\WINDOWS\EUU.EXE C:\WINDOWS\KVQ.EXE C:\WINDOWS\SYSTEM\CCH.EXE C:\WINDOWS\SYSTEM\JPF.EXE C:\WINDOWS\SYSTEM\CPE.EXE C:\WINDOWS\IVD.EXE C:\WINDOWS\FBN.EXE C:\WINDOWS\UKI.EXE C:\WINDOWS\SYSTEM\RDA.EXE C:\WINDOWS\VTB.EXE C:\WINDOWS\SYSTEM\LRU.EXE C:\WINDOWS\SYSTEM\MPA.EXE C:\WINDOWS\SYSTEM\QKA.EXE C:\WINDOWS\NUA.EXE C:\WINDOWS\SYSTEM\SBG.EXE C:\WINDOWS\QAK.EXE C:\WINDOWS\IMJ.EXE C:\WINDOWS\SYSTEM\DKD.EXE C:\WINDOWS\FHI.EXE C:\WINDOWS\SYSTEM\SPB.EXE C:\WINDOWS\SYSTEM\PJR.EXE C:\WINDOWS\SYSTEM\HTJ.EXE C:\WINDOWS\SYSTEM\TMO.EXE C:\WINDOWS\SYSTEM\CTFMON.EXE C:\WINDOWS\SYSTEM\COL.EXE C:\WINDOWS\SYSTEM\UID.EXE C:\WINDOWS\MPP.EXE C:\WINDOWS\ASQ.EXE C:\WINDOWS\VRC.EXE C:\WINDOWS\BAE.EXE C:\WINDOWS\MKI.EXE C:\WINDOWS\SYSTEM\AHS.EXE C:\WINDOWS\DLG.EXE C:\WINDOWS\SYSTEM\MGM.EXE C:\WINDOWS\JFR.EXE C:\WINDOWS\AKO.EXE C:\WINDOWS\VJT.EXE C:\WINDOWS\BMN.EXE C:\WINDOWS\HMM.EXE C:\WINDOWS\SYSTEM\FGI.EXE C:\WINDOWS\SYSTEM\DID.EXE C:\WINDOWS\CBI.EXE C:\WINDOWS\SYSTEM\VBK.EXE C:\WINDOWS\QQF.EXE C:\WINDOWS\VSF.EXE C:\WINDOWS\SYSTEM\EGS.EXE C:\WINDOWS\SYSTEM\AMT.EXE C:\WINDOWS\NDI.EXE C:\WINDOWS\SYSTEM\GPP.EXE C:\WINDOWS\FAD.EXE C:\WINDOWS\SYSTEM\XSERV\WUAGDABF.EXE C:\WINDOWS\SYSTEM\AMC.EXE C:\WINDOWS\FAO.EXE C:\WINDOWS\SYSTEM\HVN.EXE C:\WINDOWS\SYSTEM\FSJ.EXE C:\WINDOWS\SYSTEM\GIE.EXE C:\WINDOWS\OGP.EXE C:\WINDOWS\SYSTEM\DEF.EXE C:\WINDOWS\QCK.EXE C:\WINDOWS\KAB.EXE C:\WINDOWS\IOI.EXE C:\WINDOWS\SYSTEM\BBC.EXE C:\WINDOWS\SYSTEM\GOR.EXE C:\WINDOWS\SYSTEM\IEH.EXE C:\WINDOWS\SYSTEM\UQS.EXE C:\WINDOWS\SYSTEM\UMK.EXE C:\WINDOWS\SYSTEM\IMC.EXE C:\WINDOWS\GTU.EXE C:\WINDOWS\HEE.EXE C:\WINDOWS\SYSTEM\GCP.EXE C:\WINDOWS\SYSTEM\THN.EXE C:\WINDOWS\SYSTEM\AOF.EXE C:\WINDOWS\SYSTEM\FKH.EXE C:\WINDOWS\SYSTEM\DQJ.EXE C:\WINDOWS\LOF.EXE C:\WINDOWS\SYSTEM\PET.EXE C:\WINDOWS\SYSTEM\NQS.EXE C:\WINDOWS\PTE.EXE C:\WINDOWS\QNB.EXE C:\WINDOWS\SYSTEM\DDC.EXE C:\WINDOWS\JQR.EXE C:\WINDOWS\RJD.EXE C:\WINDOWS\SYSTEM\FUA.EXE C:\WINDOWS\SYSTEM\FRM.EXE C:\WINDOWS\SYSTEM\STT.EXE C:\WINDOWS\SYSTEM\OMO.EXE C:\WINDOWS\SYSTEM\UBV.EXE C:\WINDOWS\JBM.EXE C:\WINDOWS\SYSTEM\EFN.EXE C:\WINDOWS\ELC.EXE C:\WINDOWS\NHM.EXE C:\WINDOWS\NRG.EXE C:\WINDOWS\PIM.EXE C:\WINDOWS\NDU.EXE C:\WINDOWS\SYSTEM\PUR.EXE C:\WINDOWS\AUD.EXE C:\WINDOWS\EUU.EXE C:\WINDOWS\KVQ.EXE C:\WINDOWS\SYSTEM\CCH.EXE C:\WINDOWS\SYSTEM\JPF.EXE C:\WINDOWS\SYSTEM\CPE.EXE C:\WINDOWS\IVD.EXE C:\WINDOWS\FBN.EXE C:\WINDOWS\UKI.EXE C:\WINDOWS\SYSTEM\RDA.EXE C:\WINDOWS\VTB.EXE C:\WINDOWS\SYSTEM\LRU.EXE C:\WINDOWS\SYSTEM\MPA.EXE C:\WINDOWS\SYSTEM\QKA.EXE C:\WINDOWS\NUA.EXE C:\WINDOWS\SYSTEM\SBG.EXE C:\WINDOWS\QAK.EXE C:\WINDOWS\IMJ.EXE C:\WINDOWS\SYSTEM\DKD.EXE C:\WINDOWS\FHI.EXE C:\WINDOWS\SYSTEM\SPB.EXE C:\WINDOWS\SYSTEM\PJR.EXE C:\WINDOWS\SYSTEM\HTJ.EXE C:\WINDOWS\SYSTEM\TMO.EXE C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE C:\ARCHIVOS DE PROGRAMA\KAZAA LITE K++\KAZAALITE.KPP C:\ARCHIVOS DE PROGRAMA\MSN MESSENGER\MSNMSGR.EXE C:\WINDOWS\SYSTEM\RUNONCE.EXE C:\ARCHIVOS DE PROGRAMA\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE C:\WINDOWS\TEMP\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.ar/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - Default URLSearchHook is missing O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - C:\WINDOWS\SYSTEM\BHOMOD.DLL O2 - BHO: (no name) - {18233E2F-B116-11D9-B678-525423BDD067} - C:\WINDOWS\SYSTEM\CBCME.DLL (file missing) O3 - Toolbar: @msdxmLC.dll,-1@3082,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [Utv] C:\WINDOWS\SYSTEM\Col.exe O4 - HKLM\..\Run: [Rgv] C:\WINDOWS\SYSTEM\Uid.exe O4 - HKLM\..\Run: [Odd] C:\WINDOWS\Mpp.exe O4 - HKLM\..\Run: [Bau] C:\WINDOWS\Asq.exe O4 - HKLM\..\Run: [Eai] C:\WINDOWS\Vrc.exe O4 - HKLM\..\Run: [Cfi] C:\WINDOWS\Bae.exe O4 - HKLM\..\Run: [Kpl] C:\WINDOWS\Mki.exe O4 - HKLM\..\Run: [Gas] C:\WINDOWS\SYSTEM\Ahs.exe O4 - HKLM\..\Run: [Odm] C:\WINDOWS\Dlg.exe O4 - HKLM\..\Run: [Iaj] C:\WINDOWS\SYSTEM\Mgm.exe O4 - HKLM\..\Run: [Umj] C:\WINDOWS\Jfr.exe O4 - HKLM\..\Run: [Vks] C:\WINDOWS\Ako.exe O4 - HKLM\..\Run: [Cun] C:\WINDOWS\Vjt.exe O4 - HKLM\..\Run: [Bqh] C:\WINDOWS\Bmn.exe O4 - HKLM\..\Run: [Som] C:\WINDOWS\Hmm.exe O4 - HKLM\..\Run: [Ifj] C:\WINDOWS\SYSTEM\Fgi.exe O4 - HKLM\..\Run: [Kkd] C:\WINDOWS\SYSTEM\Did.exe O4 - HKLM\..\Run: [Rld] C:\WINDOWS\Cbi.exe O4 - HKLM\..\Run: [Dea] C:\WINDOWS\SYSTEM\Vbk.exe O4 - HKLM\..\Run: [Ktb] C:\WINDOWS\Qqf.exe O4 - HKLM\..\Run: [Bck] C:\WINDOWS\Vsf.exe O4 - HKLM\..\Run: [Rqo] C:\WINDOWS\SYSTEM\Egs.exe O4 - HKLM\..\Run: [Uqt] C:\WINDOWS\SYSTEM\Amt.exe O4 - HKLM\..\Run: [Dbo] C:\WINDOWS\Ndi.exe O4 - HKLM\..\Run: [Smj] C:\WINDOWS\SYSTEM\Gpp.exe O4 - HKLM\..\Run: [Ohs] C:\WINDOWS\Fad.exe O4 - HKLM\..\Run: [Tff] C:\WINDOWS\SYSTEM\Amc.exe O4 - HKLM\..\Run: [Fkh] C:\WINDOWS\Fao.exe O4 - HKLM\..\Run: [Mcm] C:\WINDOWS\SYSTEM\Hvn.exe O4 - HKLM\..\Run: [Hqv] C:\WINDOWS\SYSTEM\Fsj.exe O4 - HKLM\..\Run: [Suq] C:\WINDOWS\SYSTEM\Gie.exe O4 - HKLM\..\Run: [Ciq] C:\WINDOWS\Ogp.exe O4 - HKLM\..\Run: [Sgf] C:\WINDOWS\SYSTEM\Def.exe O4 - HKLM\..\Run: [Emd] C:\WINDOWS\Qck.exe O4 - HKLM\..\Run: [Udi] C:\WINDOWS\Kab.exe O4 - HKLM\..\Run: [Nsk] C:\WINDOWS\Ioi.exe O4 - HKLM\..\Run: [Bld] C:\WINDOWS\SYSTEM\Bbc.exe O4 - HKLM\..\Run: [Svg] C:\WINDOWS\SYSTEM\Gor.exe O4 - HKLM\..\Run: [Gdd] C:\WINDOWS\SYSTEM\Ieh.exe O4 - HKLM\..\Run: [Bao] C:\WINDOWS\SYSTEM\Uqs.exe O4 - HKLM\..\Run: [Ofr] C:\WINDOWS\SYSTEM\Umk.exe O4 - HKLM\..\Run: [Jsh] C:\WINDOWS\SYSTEM\Imc.exe O4 - HKLM\..\Run: [Nnu] C:\WINDOWS\Gtu.exe O4 - HKLM\..\Run: [Ddc] C:\WINDOWS\Hee.exe O4 - HKLM\..\Run: [Efu] C:\WINDOWS\SYSTEM\Gcp.exe O4 - HKLM\..\Run: [Mqr] C:\WINDOWS\SYSTEM\Thn.exe O4 - HKLM\..\Run: [Rdl] C:\WINDOWS\SYSTEM\Aof.exe O4 - HKLM\..\Run: [Sau] C:\WINDOWS\SYSTEM\Fkh.exe O4 - HKLM\..\Run: [Too] C:\WINDOWS\SYSTEM\Dqj.exe O4 - HKLM\..\Run: [Afv] C:\WINDOWS\Lof.exe O4 - HKLM\..\Run: [Aou] C:\WINDOWS\SYSTEM\Pet.exe O4 - HKLM\..\Run: [Gfh] C:\WINDOWS\SYSTEM\Nqs.exe O4 - HKLM\..\Run: [And] C:\WINDOWS\Pte.exe O4 - HKLM\..\Run: [Kmo] C:\WINDOWS\Qnb.exe O4 - HKLM\..\Run: [Nfu] C:\WINDOWS\SYSTEM\Ddc.exe O4 - HKLM\..\Run: [Ngb] C:\WINDOWS\Jqr.exe O4 - HKLM\..\Run: [Jhb] C:\WINDOWS\Rjd.exe O4 - HKLM\..\Run: [Tmr] C:\WINDOWS\SYSTEM\Fua.exe O4 - HKLM\..\Run: [Kar] C:\WINDOWS\SYSTEM\Frm.exe O4 - HKLM\..\Run: [Gje] C:\WINDOWS\SYSTEM\Stt.exe O4 - HKLM\..\Run: [Bth] C:\WINDOWS\SYSTEM\Omo.exe O4 - HKLM\..\Run: [Ibh] C:\WINDOWS\SYSTEM\Ubv.exe O4 - HKLM\..\Run: [Mhl] C:\WINDOWS\Jbm.exe O4 - HKLM\..\Run: [Bng] C:\WINDOWS\SYSTEM\Efn.exe O4 - HKLM\..\Run: [Vfp] C:\WINDOWS\Elc.exe O4 - HKLM\..\Run: [Sol] C:\WINDOWS\Nhm.exe O4 - HKLM\..\Run: [Hbe] C:\WINDOWS\Nrg.exe O4 - HKLM\..\Run: [Mfg] C:\WINDOWS\Pim.exe O4 - HKLM\..\Run: [Phc] C:\WINDOWS\Ndu.exe O4 - HKLM\..\Run: [Bqq] C:\WINDOWS\SYSTEM\Pur.exe O4 - HKLM\..\Run: [Gef] C:\WINDOWS\Aud.exe O4 - HKLM\..\Run: [Teb] C:\WINDOWS\Euu.exe O4 - HKLM\..\Run: [Mki] C:\WINDOWS\Kvq.exe O4 - HKLM\..\Run: [Jeg] C:\WINDOWS\SYSTEM\Cch.exe O4 - HKLM\..\Run: [Ggg] C:\WINDOWS\SYSTEM\Jpf.exe O4 - HKLM\..\Run: [iamapp] C:\Archivos de programa\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [Llu] C:\WINDOWS\SYSTEM\Cpe.exe O4 - HKLM\..\Run: [Tna] C:\WINDOWS\Ivd.exe O4 - HKLM\..\Run: [Een] C:\WINDOWS\Fbn.exe O4 - HKLM\..\Run: [Cjl] C:\WINDOWS\Uki.exe O4 - HKLM\..\Run: [Nob] C:\WINDOWS\SYSTEM\Rda.exe O4 - HKLM\..\Run: [Cve] C:\WINDOWS\Vtb.exe O4 - HKLM\..\Run: [Rdc] C:\WINDOWS\SYSTEM\Lru.exe O4 - HKLM\..\Run: [Knb] C:\WINDOWS\SYSTEM\Mpa.exe O4 - HKLM\..\Run: [Ipu] C:\WINDOWS\SYSTEM\Qka.exe O4 - HKLM\..\Run: [Vss] C:\WINDOWS\Nua.exe O4 - HKLM\..\Run: [Scb] C:\WINDOWS\SYSTEM\Sbg.exe O4 - HKLM\..\Run: [Trs] C:\WINDOWS\Qak.exe O4 - HKLM\..\Run: [Dms] C:\WINDOWS\Imj.exe O4 - HKLM\..\Run: [Abh] C:\WINDOWS\SYSTEM\Dkd.exe O4 - HKLM\..\Run: [Tsq] C:\WINDOWS\Fhi.exe O4 - HKLM\..\Run: [Drp] C:\WINDOWS\SYSTEM\Spb.exe O4 - HKLM\..\Run: [Rkp] C:\WINDOWS\SYSTEM\Pjr.exe O4 - HKLM\..\Run: [Avn] C:\WINDOWS\SYSTEM\Htj.exe O4 - HKLM\..\Run: [Rji] C:\WINDOWS\SYSTEM\Tmo.exe O4 - HKLM\..\Run: [Gja] C:\WINDOWS\SYSTEM\Vls.exe O4 - HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall O4 - HKLM\..\Run: [Jtm] C:\WINDOWS\Lus.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [MDM7] "C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE" O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [nisserv] C:\Archivos de programa\Norton Internet Security\NISSERV.EXE O4 - HKLM\..\RunOnce: [GrpConv] grpconv.exe -o O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\ARCHIVOS DE PROGRAMA\YAHOO!\MESSENGER\ypager.exe -quiet O4 - HKCU\..\Run: [eMuleAutoStart] C:\ARCHIVOS DE PROGRAMA\EMULE\EMULE.EXE -AutoStart O4 - HKCU\..\Run: [Evidence Cleaner] C:\ARCHIVOS DE PROGRAMA\EVIDENCE CLEANER\ecleaner.exe O4 - HKCU\..\Run: [xserv] C:\WINDOWS\SYSTEM\XSERV\WUAGDABF.EXE O4 - HKCU\..\Run: [Utv] C:\WINDOWS\SYSTEM\Col.exe O4 - HKCU\..\Run: [Rgv] C:\WINDOWS\SYSTEM\Uid.exe O4 - HKCU\..\Run: [Odd] C:\WINDOWS\Mpp.exe O4 - HKCU\..\Run: [Bau] C:\WINDOWS\Asq.exe O4 - HKCU\..\Run: [Eai] C:\WINDOWS\Vrc.exe O4 - HKCU\..\Run: [Cfi] C:\WINDOWS\Bae.exe O4 - HKCU\..\Run: [Kpl] C:\WINDOWS\Mki.exe O4 - HKCU\..\Run: [Gas] C:\WINDOWS\SYSTEM\Ahs.exe O4 - HKCU\..\Run: [Odm] C:\WINDOWS\Dlg.exe O4 - HKCU\..\Run: [Iaj] C:\WINDOWS\SYSTEM\Mgm.exe O4 - HKCU\..\Run: [Umj] C:\WINDOWS\Jfr.exe O4 - HKCU\..\Run: [Vks] C:\WINDOWS\Ako.exe O4 - HKCU\..\Run: [Cun] C:\WINDOWS\Vjt.exe O4 - HKCU\..\Run: [Bqh] C:\WINDOWS\Bmn.exe O4 - HKCU\..\Run: [Som] C:\WINDOWS\Hmm.exe O4 - HKCU\..\Run: [Ifj] C:\WINDOWS\SYSTEM\Fgi.exe O4 - HKCU\..\Run: [Kkd] C:\WINDOWS\SYSTEM\Did.exe O4 - HKCU\..\Run: [Rld] C:\WINDOWS\Cbi.exe O4 - HKCU\..\Run: [Dea] C:\WINDOWS\SYSTEM\Vbk.exe O4 - HKCU\..\Run: [Ktb] C:\WINDOWS\Qqf.exe O4 - HKCU\..\Run: [Bck] C:\WINDOWS\Vsf.exe O4 - HKCU\..\Run: [Rqo] C:\WINDOWS\SYSTEM\Egs.exe O4 - HKCU\..\Run: [Uqt] C:\WINDOWS\SYSTEM\Amt.exe O4 - HKCU\..\Run: [Dbo] C:\WINDOWS\Ndi.exe O4 - HKCU\..\Run: [Smj] C:\WINDOWS\SYSTEM\Gpp.exe O4 - HKCU\..\Run: [Ohs] C:\WINDOWS\Fad.exe O4 - HKCU\..\Run: [Tff] C:\WINDOWS\SYSTEM\Amc.exe O4 - HKCU\..\Run: [Fkh] C:\WINDOWS\Fao.exe O4 - HKCU\..\Run: [Mcm] C:\WINDOWS\SYSTEM\Hvn.exe O4 - HKCU\..\Run: [Hqv] C:\WINDOWS\SYSTEM\Fsj.exe O4 - HKCU\..\Run: [Suq] C:\WINDOWS\SYSTEM\Gie.exe O4 - HKCU\..\Run: [Ciq] C:\WINDOWS\Ogp.exe O4 - HKCU\..\Run: [Sgf] C:\WINDOWS\SYSTEM\Def.exe O4 - HKCU\..\Run: [Emd] C:\WINDOWS\Qck.exe O4 - HKCU\..\Run: [Udi] C:\WINDOWS\Kab.exe O4 - HKCU\..\Run: [Nsk] C:\WINDOWS\Ioi.exe O4 - HKCU\..\Run: [Bld] C:\WINDOWS\SYSTEM\Bbc.exe O4 - HKCU\..\Run: [Svg] C:\WINDOWS\SYSTEM\Gor.exe O4 - HKCU\..\Run: [Gdd] C:\WINDOWS\SYSTEM\Ieh.exe O4 - HKCU\..\Run: [Bao] C:\WINDOWS\SYSTEM\Uqs.exe O4 - HKCU\..\Run: [Ofr] C:\WINDOWS\SYSTEM\Umk.exe O4 - HKCU\..\Run: [Jsh] C:\WINDOWS\SYSTEM\Imc.exe O4 - HKCU\..\Run: [Nnu] C:\WINDOWS\Gtu.exe O4 - HKCU\..\Run: [Ddc] C:\WINDOWS\Hee.exe O4 - HKCU\..\Run: [Efu] C:\WINDOWS\SYSTEM\Gcp.exe O4 - HKCU\..\Run: [Mqr] C:\WINDOWS\SYSTEM\Thn.exe O4 - HKCU\..\Run: [Rdl] C:\WINDOWS\SYSTEM\Aof.exe O4 - HKCU\..\Run: [Sau] C:\WINDOWS\SYSTEM\Fkh.exe O4 - HKCU\..\Run: [Too] C:\WINDOWS\SYSTEM\Dqj.exe O4 - HKCU\..\Run: [Afv] C:\WINDOWS\Lof.exe O4 - HKCU\..\Run: [Aou] C:\WINDOWS\SYSTEM\Pet.exe O4 - HKCU\..\Run: [Gfh] C:\WINDOWS\SYSTEM\Nqs.exe O4 - HKCU\..\Run: [And] C:\WINDOWS\Pte.exe O4 - HKCU\..\Run: [Kmo] C:\WINDOWS\Qnb.exe O4 - HKCU\..\Run: [Nfu] C:\WINDOWS\SYSTEM\Ddc.exe O4 - HKCU\..\Run: [Ngb] C:\WINDOWS\Jqr.exe O4 - HKCU\..\Run: [Jhb] C:\WINDOWS\Rjd.exe O4 - HKCU\..\Run: [Tmr] C:\WINDOWS\SYSTEM\Fua.exe O4 - HKCU\..\Run: [Kar] C:\WINDOWS\SYSTEM\Frm.exe O4 - HKCU\..\Run: [Gje] C:\WINDOWS\SYSTEM\Stt.exe O4 - HKCU\..\Run: [Bth] C:\WINDOWS\SYSTEM\Omo.exe O4 - HKCU\..\Run: [Ibh] C:\WINDOWS\SYSTEM\Ubv.exe O4 - HKCU\..\Run: [Mhl] C:\WINDOWS\Jbm.exe O4 - HKCU\..\Run: [Bng] C:\WINDOWS\SYSTEM\Efn.exe O4 - HKCU\..\Run: [Vfp] C:\WINDOWS\Elc.exe O4 - HKCU\..\Run: [Sol] C:\WINDOWS\Nhm.exe O4 - HKCU\..\Run: [Hbe] C:\WINDOWS\Nrg.exe O4 - HKCU\..\Run: [Mfg] C:\WINDOWS\Pim.exe O4 - HKCU\..\Run: [Phc] C:\WINDOWS\Ndu.exe O4 - HKCU\..\Run: [Bqq] C:\WINDOWS\SYSTEM\Pur.exe O4 - HKCU\..\Run: [Gef] C:\WINDOWS\Aud.exe O4 - HKCU\..\Run: [Teb] C:\WINDOWS\Euu.exe O4 - HKCU\..\Run: [Mki] C:\WINDOWS\Kvq.exe O4 - HKCU\..\Run: [Jeg] C:\WINDOWS\SYSTEM\Cch.exe O4 - HKCU\..\Run: [Ggg] C:\WINDOWS\SYSTEM\Jpf.exe O4 - HKCU\..\Run: [Llu] C:\WINDOWS\SYSTEM\Cpe.exe O4 - HKCU\..\Run: [Tna] C:\WINDOWS\Ivd.exe O4 - HKCU\..\Run: [Een] C:\WINDOWS\Fbn.exe O4 - HKCU\..\Run: [Cjl] C:\WINDOWS\Uki.exe O4 - HKCU\..\Run: [Nob] C:\WINDOWS\SYSTEM\Rda.exe O4 - HKCU\..\Run: [Cve] C:\WINDOWS\Vtb.exe O4 - HKCU\..\Run: [Rdc] C:\WINDOWS\SYSTEM\Lru.exe O4 - HKCU\..\Run: [Knb] C:\WINDOWS\SYSTEM\Mpa.exe O4 - HKCU\..\Run: [Ipu] C:\WINDOWS\SYSTEM\Qka.exe O4 - HKCU\..\Run: [Vss] C:\WINDOWS\Nua.exe O4 - HKCU\..\Run: [Scb] C:\WINDOWS\SYSTEM\Sbg.exe O4 - HKCU\..\Run: [Trs] C:\WINDOWS\Qak.exe O4 - HKCU\..\Run: [Dms] C:\WINDOWS\Imj.exe O4 - HKCU\..\Run: [Abh] C:\WINDOWS\SYSTEM\Dkd.exe O4 - HKCU\..\Run: [Tsq] C:\WINDOWS\Fhi.exe O4 - HKCU\..\Run: [Drp] C:\WINDOWS\SYSTEM\Spb.exe O4 - HKCU\..\Run: [Rkp] C:\WINDOWS\SYSTEM\Pjr.exe O4 - HKCU\..\Run: [Avn] C:\WINDOWS\SYSTEM\Htj.exe O4 - HKCU\..\Run: [Rji] C:\WINDOWS\SYSTEM\Tmo.exe O4 - HKCU\..\Run: [Gja] C:\WINDOWS\SYSTEM\Vls.exe O4 - HKCU\..\Run: [Jtm] C:\WINDOWS\Lus.exe O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_01\bin\npjpi150_01.dll O12 - Plugin for .spop: C:\ARCHIV~1\INTERN~1\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab O16 - DPF: Yahoo! Games Voice Chat - http://yog55.games.scd.yahoo.com/yog/y/va1_x.cab O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at1_x.cab O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/resources/MsnPUpld.cab O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.184.85,195.225.176.37 Diganme que hacer para solucionar esto!,por favorrrrrr.... Graciasssss. |
|
20/04/05, 20:03:20
| |
| ||||
| Re: Mi pc esta totalmente infectada! Sigue estos pasos: 1) Ver archivos ocultos 2) Reinicia a prueba de fallos 3) Ejecuta HiajckThis y dale fix a estas entradas: R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - Default URLSearchHook is missing O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - C:\WINDOWS\SYSTEM\BHOMOD.DLL O2 - BHO: (no name) - {18233E2F-B116-11D9-B678-525423BDD067} - C:\WINDOWS\SYSTEM\CBCME.DLL (file missing) O4 - HKLM\..\Run: [Utv] C:\WINDOWS\SYSTEM\Col.exe O4 - HKLM\..\Run: [Rgv] C:\WINDOWS\SYSTEM\Uid.exe O4 - HKLM\..\Run: [Odd] C:\WINDOWS\Mpp.exe O4 - HKLM\..\Run: [Bau] C:\WINDOWS\Asq.exe O4 - HKLM\..\Run: [Eai] C:\WINDOWS\Vrc.exe O4 - HKLM\..\Run: [Cfi] C:\WINDOWS\Bae.exe O4 - HKLM\..\Run: [Kpl] C:\WINDOWS\Mki.exe O4 - HKLM\..\Run: [Gas] C:\WINDOWS\SYSTEM\Ahs.exe O4 - HKLM\..\Run: [Odm] C:\WINDOWS\Dlg.exe O4 - HKLM\..\Run: [Iaj] C:\WINDOWS\SYSTEM\Mgm.exe O4 - HKLM\..\Run: [Umj] C:\WINDOWS\Jfr.exe O4 - HKLM\..\Run: [Vks] C:\WINDOWS\Ako.exe O4 - HKLM\..\Run: [Cun] C:\WINDOWS\Vjt.exe O4 - HKLM\..\Run: [Bqh] C:\WINDOWS\Bmn.exe O4 - HKLM\..\Run: [Som] C:\WINDOWS\Hmm.exe O4 - HKLM\..\Run: [Ifj] C:\WINDOWS\SYSTEM\Fgi.exe O4 - HKLM\..\Run: [Kkd] C:\WINDOWS\SYSTEM\Did.exe O4 - HKLM\..\Run: [Rld] C:\WINDOWS\Cbi.exe O4 - HKLM\..\Run: [Dea] C:\WINDOWS\SYSTEM\Vbk.exe O4 - HKLM\..\Run: [Ktb] C:\WINDOWS\Qqf.exe O4 - HKLM\..\Run: [Bck] C:\WINDOWS\Vsf.exe O4 - HKLM\..\Run: [Rqo] C:\WINDOWS\SYSTEM\Egs.exe O4 - HKLM\..\Run: [Uqt] C:\WINDOWS\SYSTEM\Amt.exe O4 - HKLM\..\Run: [Dbo] C:\WINDOWS\Ndi.exe O4 - HKLM\..\Run: [Smj] C:\WINDOWS\SYSTEM\Gpp.exe O4 - HKLM\..\Run: [Ohs] C:\WINDOWS\Fad.exe O4 - HKLM\..\Run: [Tff] C:\WINDOWS\SYSTEM\Amc.exe O4 - HKLM\..\Run: [Fkh] C:\WINDOWS\Fao.exe O4 - HKLM\..\Run: [Mcm] C:\WINDOWS\SYSTEM\Hvn.exe O4 - HKLM\..\Run: [Hqv] C:\WINDOWS\SYSTEM\Fsj.exe O4 - HKLM\..\Run: [Suq] C:\WINDOWS\SYSTEM\Gie.exe O4 - HKLM\..\Run: [Ciq] C:\WINDOWS\Ogp.exe O4 - HKLM\..\Run: [Sgf] C:\WINDOWS\SYSTEM\Def.exe O4 - HKLM\..\Run: [Emd] C:\WINDOWS\Qck.exe O4 - HKLM\..\Run: [Udi] C:\WINDOWS\Kab.exe O4 - HKLM\..\Run: [Nsk] C:\WINDOWS\Ioi.exe O4 - HKLM\..\Run: [Bld] C:\WINDOWS\SYSTEM\Bbc.exe O4 - HKLM\..\Run: [Svg] C:\WINDOWS\SYSTEM\Gor.exe O4 - HKLM\..\Run: [Gdd] C:\WINDOWS\SYSTEM\Ieh.exe O4 - HKLM\..\Run: [Bao] C:\WINDOWS\SYSTEM\Uqs.exe O4 - HKLM\..\Run: [Ofr] C:\WINDOWS\SYSTEM\Umk.exe O4 - HKLM\..\Run: [Jsh] C:\WINDOWS\SYSTEM\Imc.exe O4 - HKLM\..\Run: [Nnu] C:\WINDOWS\Gtu.exe O4 - HKLM\..\Run: [Ddc] C:\WINDOWS\Hee.exe O4 - HKLM\..\Run: [Efu] C:\WINDOWS\SYSTEM\Gcp.exe O4 - HKLM\..\Run: [Mqr] C:\WINDOWS\SYSTEM\Thn.exe O4 - HKLM\..\Run: [Rdl] C:\WINDOWS\SYSTEM\Aof.exe O4 - HKLM\..\Run: [Sau] C:\WINDOWS\SYSTEM\Fkh.exe O4 - HKLM\..\Run: [Too] C:\WINDOWS\SYSTEM\Dqj.exe O4 - HKLM\..\Run: [Afv] C:\WINDOWS\Lof.exe O4 - HKLM\..\Run: [Aou] C:\WINDOWS\SYSTEM\Pet.exe O4 - HKLM\..\Run: [Gfh] C:\WINDOWS\SYSTEM\Nqs.exe O4 - HKLM\..\Run: [And] C:\WINDOWS\Pte.exe O4 - HKLM\..\Run: [Kmo] C:\WINDOWS\Qnb.exe O4 - HKLM\..\Run: [Nfu] C:\WINDOWS\SYSTEM\Ddc.exe O4 - HKLM\..\Run: [Ngb] C:\WINDOWS\Jqr.exe O4 - HKLM\..\Run: [Jhb] C:\WINDOWS\Rjd.exe O4 - HKLM\..\Run: [Tmr] C:\WINDOWS\SYSTEM\Fua.exe O4 - HKLM\..\Run: [Kar] C:\WINDOWS\SYSTEM\Frm.exe O4 - HKLM\..\Run: [Gje] C:\WINDOWS\SYSTEM\Stt.exe O4 - HKLM\..\Run: [Bth] C:\WINDOWS\SYSTEM\Omo.exe O4 - HKLM\..\Run: [Ibh] C:\WINDOWS\SYSTEM\Ubv.exe O4 - HKLM\..\Run: [Mhl] C:\WINDOWS\Jbm.exe O4 - HKLM\..\Run: [Bng] C:\WINDOWS\SYSTEM\Efn.exe O4 - HKLM\..\Run: [Vfp] C:\WINDOWS\Elc.exe O4 - HKLM\..\Run: [Sol] C:\WINDOWS\Nhm.exe O4 - HKLM\..\Run: [Hbe] C:\WINDOWS\Nrg.exe O4 - HKLM\..\Run: [Mfg] C:\WINDOWS\Pim.exe O4 - HKLM\..\Run: [Phc] C:\WINDOWS\Ndu.exe O4 - HKLM\..\Run: [Bqq] C:\WINDOWS\SYSTEM\Pur.exe O4 - HKLM\..\Run: [Gef] C:\WINDOWS\Aud.exe O4 - HKLM\..\Run: [Teb] C:\WINDOWS\Euu.exe O4 - HKLM\..\Run: [Mki] C:\WINDOWS\Kvq.exe O4 - HKLM\..\Run: [Jeg] C:\WINDOWS\SYSTEM\Cch.exe O4 - HKLM\..\Run: [Ggg] C:\WINDOWS\SYSTEM\Jpf.exe O4 - HKLM\..\Run: [Llu] C:\WINDOWS\SYSTEM\Cpe.exe O4 - HKLM\..\Run: [Tna] C:\WINDOWS\Ivd.exe O4 - HKLM\..\Run: [Een] C:\WINDOWS\Fbn.exe O4 - HKLM\..\Run: [Cjl] C:\WINDOWS\Uki.exe O4 - HKLM\..\Run: [Nob] C:\WINDOWS\SYSTEM\Rda.exe O4 - HKLM\..\Run: [Cve] C:\WINDOWS\Vtb.exe O4 - HKLM\..\Run: [Rdc] C:\WINDOWS\SYSTEM\Lru.exe O4 - HKLM\..\Run: [Knb] C:\WINDOWS\SYSTEM\Mpa.exe O4 - HKLM\..\Run: [Ipu] C:\WINDOWS\SYSTEM\Qka.exe O4 - HKLM\..\Run: [Vss] C:\WINDOWS\Nua.exe O4 - HKLM\..\Run: [Scb] C:\WINDOWS\SYSTEM\Sbg.exe O4 - HKLM\..\Run: [Trs] C:\WINDOWS\Qak.exe O4 - HKLM\..\Run: [Dms] C:\WINDOWS\Imj.exe O4 - HKLM\..\Run: [Abh] C:\WINDOWS\SYSTEM\Dkd.exe O4 - HKLM\..\Run: [Tsq] C:\WINDOWS\Fhi.exe O4 - HKLM\..\Run: [Drp] C:\WINDOWS\SYSTEM\Spb.exe O4 - HKLM\..\Run: [Rkp] C:\WINDOWS\SYSTEM\Pjr.exe O4 - HKLM\..\Run: [Avn] C:\WINDOWS\SYSTEM\Htj.exe O4 - HKLM\..\Run: [Rji] C:\WINDOWS\SYSTEM\Tmo.exe O4 - HKLM\..\Run: [Gja] C:\WINDOWS\SYSTEM\Vls.exe O4 - HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall O4 - HKLM\..\Run: [Jtm] C:\WINDOWS\Lus.exe O4 - HKCU\..\Run: [xserv] C:\WINDOWS\SYSTEM\XSERV\WUAGDABF.EXE O4 - HKCU\..\Run: [Utv] C:\WINDOWS\SYSTEM\Col.exe O4 - HKCU\..\Run: [Rgv] C:\WINDOWS\SYSTEM\Uid.exe O4 - HKCU\..\Run: [Odd] C:\WINDOWS\Mpp.exe O4 - HKCU\..\Run: [Bau] C:\WINDOWS\Asq.exe O4 - HKCU\..\Run: [Eai] C:\WINDOWS\Vrc.exe O4 - HKCU\..\Run: [Cfi] C:\WINDOWS\Bae.exe O4 - HKCU\..\Run: [Kpl] C:\WINDOWS\Mki.exe O4 - HKCU\..\Run: [Gas] C:\WINDOWS\SYSTEM\Ahs.exe O4 - HKCU\..\Run: [Odm] C:\WINDOWS\Dlg.exe O4 - HKCU\..\Run: [Iaj] C:\WINDOWS\SYSTEM\Mgm.exe O4 - HKCU\..\Run: [Umj] C:\WINDOWS\Jfr.exe O4 - HKCU\..\Run: [Vks] C:\WINDOWS\Ako.exe O4 - HKCU\..\Run: [Cun] C:\WINDOWS\Vjt.exe O4 - HKCU\..\Run: [Bqh] C:\WINDOWS\Bmn.exe O4 - HKCU\..\Run: [Som] C:\WINDOWS\Hmm.exe O4 - HKCU\..\Run: [Ifj] C:\WINDOWS\SYSTEM\Fgi.ex |