 |
| |||||||
 InfoSpyware sortea una T-Shirts |
| Participa en el sorteo por una
"Camiseta Oficial de InfoSpyware" gracias al amigo
Enjuto Mojamuto |
| Foro Oficial de HijackThis en español Analizamos tu log de HijackThis para eliminar Hijackers, Spyware, Adware, ToolBars, Virus, Troyanos y Malwares en gral. Antes lea las Políticas del Foro de HijackThis. |
 |
| | Herramientas |
 | 
22/02/05, 02:41:40
|  |
| |||
| win min + find4u tengo el problema de que cuando se apaga o reinicia el ordenador me sale una ventana diciendo, cerrando win min y cada vez que entro en internet me sale de pagina de inicio www.find4u.net he pasado el hijackthis y este es el log, que debo borrar? Logfile of HijackThis v1.99.1 Scan saved at 8:57:35, on 21/02/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Panda Software\AVTC\PasSrv.exe C:\Program Files\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe C:\Program Files\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe C:\Program Files\Panda Software\Panda Administrator 3\Pav_Agent\pagentwd.exe C:\Program Files\Panda Software\AVTC\PavSrv51.exe C:\Program Files\Panda Software\AVTC\AVENGINE.EXE C:\Program Files\Panda Software\AVTC\PsImSvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Panda Software\AVTC\ClShield.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe C:\Program Files\Internet Explorer\IEeng.exe C:\Program Files\Panda Software\AVTC\SRVLOAD.EXE C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE C:\Compaq\EAKDRV\EAUSBKBD.EXE C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe C:\Program Files\Panda Software\AVTC\WebProxy.exe C:\Documents and Settings\Nllop\My Documents\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://thenewsearch.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://thenewsearch.com/search.html R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://thenewsearch.com/search.html R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://thenewsearch.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://thenewsearch.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://find4u.net/sp.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://find4u.net/index.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://find4u.net/index.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://thenewsearch.com/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://find4u.net/sp.htm R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://find4u.net/index.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.compaq.com/1Q00CDT/0409/bl7.asp O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-717765721306} - C:\WINDOWS\System32\wer1306.dll (file missing) O2 - BHO: (no name) - {EC944C28-541D-4D3A-98CE-64EC2C936FBE} - C:\WINDOWS\system32\mjcg.dll (file missing) O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\AVTC\ClShield.exe" O4 - HKCU\..\Run: [IEengine] C:\Program Files\Internet Explorer\IEeng.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {11010101-1001-1111-1000-110112345678} - ms-its:mhtml:file://c:\nosuch.mht!http://69.50.173.250/howtosearch.ch...archinfoxyz.exe O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nosuch.mht!http://66.230.167.218/search/files.chm::/file.exe O16 - DPF: {22222222-2222-2222-2222-222222222222} - file://c:\x.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/Sh...bin/AvSniff.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...b?1096305686656 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/...n/bin/cabsa.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Panda AntiSpam Server Service (PasSrv) - Unknown owner - C:\Program Files\Panda Software\AVTC\PasSrv.exe O23 - Service: Panda AdminSecure Communications Agent (PAVAGENTE) - Panda Software - C:\Program Files\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe O23 - Service: Panda AdminSecure Scheduler (PavAtScheduler) - Panda Software - C:\Program Files\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe O23 - Service: Panda Antivirus Report Service (PavReport) - Panda Software - C:\Program Files\Panda Software\Panda Administrator 3\PavReport\PavReport.exe O23 - Service: Panda Antivirus Service (PavSrv) - Panda Software - C:\Program Files\Panda Software\AVTC\PavSrv51.exe O23 - Service: Panda IManager Service (PsImSvc) - Panda Software Internacional - C:\Program Files\Panda Software\AVTC\PsImSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe     |
|
22/02/05, 12:57:54
| |
| ||||
| Re: win min + find4u Te doy la bienvenida al Foro de Spyware, realiza los siguientes pasos. 1- Apaga el "Restaurar Sistema" 2- Prende la opción de "Ver archivos ocultos y del sistema" 3- Con todos los programas cerrados ejecuta el HijackThis y dale  a estas entradas:R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://thenewsearch.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://thenewsearch.com/search.html R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://thenewsearch.com/search.html R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://thenewsearch.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://thenewsearch.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://find4u.net/sp.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://find4u.net/index.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://find4u.net/index.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://thenewsearch.com/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://find4u.net/sp.htm R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://find4u.net/index.htm O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-717765721306} - C:\WINDOWS\System32\wer1306.dll (file missing) O2 - BHO: (no name) - {EC944C28-541D-4D3A-98CE-64EC2C936FBE} - C:\WINDOWS\system32\mjcg.dll (file missing) O4 - HKCU\..\Run: [IEengine] C:\Program Files\Internet Explorer\IEeng.exe O16 - DPF: {11010101-1001-1111-1000-110112345678} - ms-its:mhtml:file://c:\nosuch.mht!http://69.50.173.250/howtosearch.ch...archinfo xyz.exe O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nosuch.mht!http://66.230.167.218/search/files.chm::/file. exe O16 - DPF: {22222222-2222-2222-2222-222222222222} - file://c:\x.cab 4- Reinicia eh inicia en "Modo a prueba de fallos" (modo seguro) 5- Busca y elimina estos archivos manualmente C:\Program Files\Internet Explorer\IEeng.exe 6- Usa el Disk Cleaner para limpiar cookies y temporales 7- Pásale Ad-Aware SE actualizado. 8- Reinicia y después nos contas los resultados. Salu2 Ausente por vacaciones hasta el 8/7/08 - Twitteando... Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
« Tema Anterior
|
Próximo Tema »
| Herramientas | |
| |
Todas las horas son GMT -4. La hora es 09:58:04.
