Muchas Gracias por tu ayuda
Segui tus instrucciones, ahora mi save log es
Logfile of HijackThis v1.98.2
Scan saved at 10:52:30 p.m., on 05/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Archivos de programa\Perav\PERVAC.EXE
C:\WINDOWS\System32\pfwsvc.exe
C:\Archivos de programa\SpyKeyLogger\skls.exe
C:\Archivos de programa\HHVcdV5Sys\VC5SecS.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\ACD Systems\EN\DevDetect.exe
C:\Archivos de programa\Winamp\winampa.exe
C:\Archivos de programa\HHVcdV5Sys\VC5Play.exe
C:\ARCHIV~1\Perav\PAV.EXE
C:\Archivos de programa\persystems\perfw\PFWAGENT.EXE
C:\Archivos de programa\SpyKeyLogger\skl.exe
C:\Archivos de programa\Autorun3\Autorun3.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\WinZip\WZQKPICK.EXE
C:\Archivos de programa\Microsoft Office\Office\FINDFAST.EXE
C:\Archivos de programa\Microsoft Office\Office\OSA.EXE
C:\Archivos de programa\Virtual CD v5\System\VC5Tray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\DllHost.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Archivos de programa\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Nueva carpeta\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AdShield.AdShield - {7559B76E-0222-4d77-9499-CCE9EB4EDC2F} - C:\ARCHIV~1\AdShield\AdShield\AdShield.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [Device Detector] "C:\Archivos de programa\Archivos comunes\ACD Systems\EN\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe
O4 - HKLM\..\Run: [VC5Player] C:\Archivos de programa\HHVcdV5Sys\VC5Play.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PAV.EXE] C:\ARCHIV~1\Perav\PAV.EXE
O4 - HKLM\..\Run: [PFWAGENT.EXE] C:\Archivos de programa\persystems\perfw\PFWAGENT.EXE
O4 - HKLM\..\Run: [Spyware Cleaner] C:\Archivos de programa\DreamGroup\sin-espias\No-Spy.exe
O4 - HKLM\..\Run: [Spy-Keylogger] "C:\Archivos de programa\SpyKeyLogger\skl.exe"
O4 - HKCU\..\Run: [SuperAdBlocker] C:\Archivos de programa\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe
O4 - HKCU\..\Run: [Autorun3.exe -s] C:\Archivos de programa\Autorun3\Autorun3.exe -s
O4 - Startup: Búsqueda rápida de Microsoft.lnk = C:\Archivos de programa\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Inicio de Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Actualización de PER Antivirus.lnk = C:\Archivos de programa\Perav\PERUPD.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Archivos de programa\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Maintain Block List... - C:\ARCHIV~1\AdShield\AdShield\maintain.htm
O8 - Extra context menu item: Add to &Block List... - C:\ARCHIV~1\AdShield\AdShield\suppress.htm
O8 - Extra context menu item: Add to &Exclude List... - C:\ARCHIV~1\AdShield\AdShield\restrict.htm
O8 - Extra context menu item: AdShield Option &Settings... - C:\ARCHIV~1\AdShield\AdShield\settings.htm
O9 - Extra button: Remove useless applications with Autorun3 - {278C5E6A-395A-490A-89B7-4828F02655DC} - C:\Archivos de programa\Autorun3\Autorun3.exe
O9 - Extra 'Tools' menuitem: &Autorun3 - protection against useless applications. - {278C5E6A-395A-490A-89B7-4828F02655DC} - C:\Archivos de programa\Autorun3\Autorun3.exe
O9 - Extra button: AdShield - {4FB6C25E-7B37-4c93-B592-16ECD8D18361} - C:\ARCHIV~1\AdShield\AdShield\AdShield.dll (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/es/SysWebTelecom.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D42C23E-12C0-4020-9CAB-812814D81C06}: NameServer = 200.48.225.130,200.48.225.146
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D42C23E-12C0-4020-9CAB-812814D81C06}: NameServer = 200.48.225.130,200.48.225.146
O17 - HKLM\System\CS2\Services\Tcpip\..\{1D42C23E-12C0-4020-9CAB-812814D81C06}: NameServer = 200.48.225.130,200.48.225.146
O17 - HKLM\System\CS3\Services\Tcpip\..\{1D42C23E-12C0-4020-9CAB-812814D81C06}: NameServer = 200.48.225.130,200.48.225.146
********
Otra cosa si te haz dado cuenta también uso el Ad-ware SE, el cual al scanear me da el siguiente resultado
d-Aware SE Build 1.05
Logfile Created on:Martes, 05 de Octubre de 2004 10:48:48 p.m.
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R10 28.09.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
SysWeb-Telecom Dialer(TAC index:5):20 total references
Tracking Cookie(TAC index:3):4 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
05-10-2004 10:48:48 p.m. - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 604
ThreadCreationTime : 06-10-2004 03:35:07 a.m.
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \?\C:\WINDOWS\system32\
ProcessID : 668
ThreadCreationTime : 06-10-2004 03:35:08 a.m.
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \?\C:\WINDOWS\system32\
ProcessID : 696
ThreadCreationTime : 06-10-2004 03:35:11 a.m.
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 740
ThreadCreationTime : 06-10-2004 03:35:11 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Aplicación de servicios y controlador
InternalName : services.exe
LegalCopyright : Copyright © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 752
ThreadCreationTime : 06-10-2004 03:35:11 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 936
ThreadCreationTime : 06-10-2004 03:35:12 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1036
ThreadCreationTime : 06-10-2004 03:35:12 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1116
ThreadCreationTime : 06-10-2004 03:35:13 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1144
ThreadCreationTime : 06-10-2004 03:35:13 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1380
ThreadCreationTime : 06-10-2004 03:35:14 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:11 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1516
ThreadCreationTime : 06-10-2004 03:35:20 a.m.
BasePriority : Normal
FileVersion : 6.14.10.5303
ProductVersion : 6.14.10.5303
ProductName : NVIDIA Driver Helper Service, Version 53.03
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 53.03
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe
#:12 [pervac.exe]
FilePath : C:\Archivos de programa\Perav\
ProcessID : 1544
ThreadCreationTime : 06-10-2004 03:35:21 a.m.
BasePriority : Normal
FileVersion : 8, 8, 0, 0
ProductVersion : 8, 8, 0, 0
ProductName : PER Antivirus
CompanyName : PER Systems S.A.
FileDescription : PER Antivirus - OnAccess Scanner
InternalName : pervac.exe
LegalCopyright : Copyright © 1986-2004 PER Systems S.A.
LegalTrademarks : PER Antivirus en marca registrada de PER Systems S.A.
OriginalFilename : pervac.exe
Comments : PER Antivirus - OnAccess Scanner
#:13 [pfwsvc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1604
ThreadCreationTime : 06-10-2004 03:35:24 a.m.
BasePriority : Normal
#:14 [skls.exe]
FilePath : C:\Archivos de programa\SpyKeyLogger\
ProcessID : 1660
ThreadCreationTime : 06-10-2004 03:35:24 a.m.
BasePriority : Normal
FileVersion : 1.30.1.16
ProductVersion : 1.30
ProductName : Spy-Keylogger
CompanyName : Spy Software
LegalCopyright : © 2002-2004 Spy-Key-Logger.com
#:15 [vc5secs.exe]
FilePath : C:\Archivos de programa\HHVcdV5Sys\
ProcessID : 1708
ThreadCreationTime : 06-10-2004 03:35:24 a.m.
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : Virtual CD
CompanyName : H+H Software GmbH
FileDescription : Virtual CD - Security Service
InternalName : VC5SecS
LegalCopyright : Copyright © 2001 by H+H Software GmbH
OriginalFilename : VC5SecS.exe
#:16 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2016
ThreadCreationTime : 06-10-2004 03:35:34 a.m.
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : EXPLORER.EXE
#:17 [devdetect.exe]
FilePath : C:\Archivos de programa\Archivos comunes\ACD Systems\EN\
ProcessID : 440
ThreadCreationTime : 06-10-2004 03:35:36 a.m.
BasePriority : Normal
FileVersion : 2, 0, 0, 12
ProductVersion : 2, 0, 0, 12
ProductName : Device Detector
CompanyName : ACD Systems, Ltd.
FileDescription : Device Detector
InternalName : DevDetect
LegalCopyright : Copyright © 2003
OriginalFilename : DevDetect.exe
#:18 [winampa.exe]
FilePath : C:\Archivos de programa\Winamp\
ProcessID : 448
ThreadCreationTime : 06-10-2004 03:35:37 a.m.
BasePriority : Normal
#:19 [vc5play.exe]
FilePath : C:\Archivos de programa\HHVcdV5Sys\
ProcessID : 456
ThreadCreationTime : 06-10-2004 03:35:37 a.m.
BasePriority : Normal
FileVersion : 5, 0, 0, 1
ProductVersion : 5, 0, 0, 0
ProductName : Virtual CD v5
CompanyName : H+H Software GmbH
FileDescription : Virtual CD - Player
InternalName : VC5Play
LegalCopyright : Copyright © 2001-2002 by H+H Software GmbH
OriginalFilename : VC5Play.EXE
#:20 [pav.exe]
FilePath : C:\ARCHIV~1\Perav\
ProcessID : 480
ThreadCreationTime : 06-10-2004 03:35:37 a.m.
BasePriority : Normal
FileVersion : 8, 8, 0, 0
ProductVersion : 8, 8, 0, 0
ProductName : PER Antivirus - Agent
CompanyName : PER Systems S.A.
FileDescription : PER Antivirus - Agent
InternalName : pav.exe
LegalCopyright : Copyright © 1986-2004 PER Systems S.A.
LegalTrademarks : PER Antivirus es marca registrada de PER Systems S.A.
OriginalFilename : pav.exe
Comments : PER Antivirus - Agent
#:21 [pfwagent.exe]
FilePath : C:\Archivos de programa\persystems\perfw\
ProcessID : 488
ThreadCreationTime : 06-10-2004 03:35:37 a.m.
BasePriority : Normal
FileVersion : 1, 0, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : PER Firewall
CompanyName : PER SYSTEMS S.A.
FileDescription : PER Firewall - Agent
InternalName : pfwagent.exe
LegalCopyright : Copyright © 1986-2004 PER SYSTEMS S.A.
LegalTrademarks : PER Firewall es marca registrada de PER SYSTEMS S.A.
OriginalFilename : pfwagent.exe
Comments : PER Firewall - Agent
#:22 [skl.exe]
FilePath : C:\Archivos de programa\SpyKeyLogger\
ProcessID : 504
ThreadCreationTime : 06-10-2004 03:35:37 a.m.
BasePriority : Normal
FileVersion : 1.30.1.91
ProductVersion : 1.30
ProductName : Spy-Keylogger
CompanyName : Spy Software
LegalCopyright : © 2002-2004 Spy-Key-Logger.com
#:23 [autorun3.exe]
FilePath : C:\Archivos de programa\Autorun3\
ProcessID : 520
ThreadCreationTime : 06-10-2004 03:35:37 a.m.
BasePriority : Normal
FileVersion : 3.0.0.51
ProductName : Autorun3
CompanyName : Patrick Kata
FileDescription : Main Executable for Autorun3
InternalName : autorun
LegalCopyright : ©2004 Patrick Kata. All rights reserved.
OriginalFilename : autorun
Comments : This application is freeware.
#:24 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 540
ThreadCreationTime : 06-10-2004 03:35:38 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:25 [wzqkpick.exe]
FilePath : C:\Archivos de programa\WinZip\
ProcessID : 640
ThreadCreationTime : 06-10-2004 03:35:40 a.m.
BasePriority : Normal
FileVersion : 1.0 (32-bit)
ProductVersion : 9.0 (6028)
ProductName : WinZip
CompanyName : WinZip Computing, Inc.
FileDescription : WinZip Executable
InternalName : WZQKPICK.EXE
LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2004 - All Rights Reserved
LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc
OriginalFilename : WZQKPICK.EXE
Comments : StringFileInfo: U.S. English
#:26 [findfast.exe]
FilePath : C:\Archivos de programa\Microsoft Office\Office\
ProcessID : 116
ThreadCreationTime : 06-10-2004 03:35:50 a.m.
BasePriority : Normal
FileVersion : 8.0
ProductVersion : 8.0
ProductName : Búsqueda rápida de Microsoft®
CompanyName : Microsoft Corporation
FileDescription : Búsqueda rápida de Microsoft Office
InternalName : FINDFAST
LegalCopyright : Copyright © Microsoft Corp. 1995-1997
OriginalFilename : FINDFAST.EXE
#:27 [osa.exe]
FilePath : C:\Archivos de programa\Microsoft Office\Office\
ProcessID : 952
ThreadCreationTime : 06-10-2004 03:35:50 a.m.
BasePriority : Normal
#:28 [vc5tray.exe]
FilePath : C:\Archivos de programa\Virtual CD v5\System\
ProcessID : 1804
ThreadCreationTime : 06-10-2004 03:35:58 a.m.
BasePriority : Normal
FileVersion : 5, 0, 0, 1
ProductVersion : 5, 0, 0, 0
ProductName : Virtual CD
CompanyName : H+H Software GmbH
FileDescription : Virtual CD - Quick Start Utility
InternalName : VTSTray
LegalCopyright : Copyright © 2000-2003 by H+H Software GmbH
OriginalFilename : VT5Tray.exe
#:29 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1880
ThreadCreationTime : 06-10-2004 03:36:41 a.m.
BasePriority : Normal
FileVersion : 5.4.3630.1106 (xpsp1.020828-1920)
ProductVersion : 5.4.3630.1106
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Cliente de actualización automática de Windows Update
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : wuauclt.exe
#:30 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ProcessID : 1824
ThreadCreationTime : 06-10-2004 03:41:36 a.m.
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : IEXPLORE.EXE
#:31 [dllhost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2008
ThreadCreationTime : 06-10-2004 03:41:38 a.m.
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : dllhost.exe
#:32 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ProcessID : 2588
ThreadCreationTime : 06-10-2004 03:43:36 a.m.
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : IEXPLORE.EXE
#:33 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2500
ThreadCreationTime : 06-10-2004 03:48:36 a.m.
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{efb22865-f3bc-4309-adfa-c8e078a7f762}
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{efb22865-f3bc-4309-adfa-c8e078a7f762}
Value :
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{639581d0-8376-4073-b73b-45993fa45156}
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{639581d0-8376-4073-b73b-45993fa45156}
Value :
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{66b0c472-a6b5-4e86-8330-f4875af90929}
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{66b0c472-a6b5-4e86-8330-f4875af90929}
Value :
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : syswebtelecom.syswebtelecom
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : syswebtelecom.syswebtelecom
Value :
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{21de6877-97c0-4fc7-9c16-666b996db4a2}
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1214440339-1993962763-854245398-1004\software\syswebtelecom
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\code store database\distribution units\{efb22865-f3bc-4309-adfa-c8e078a7f762}
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\code store database\distribution units\{efb22865-f3bc-4309-adfa-c8e078a7f762}
Value : SystemComponent
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\code store database\distribution units\{efb22865-f3bc-4309-adfa-c8e078a7f762}
Value : Installer
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1214440339-1993962763-854245398-1004\\software\syswebtelecom
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 14
Objects found so far: 14
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINDOWS/Downloaded Program Files/SysWebTelecom.dll
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINDOWS/Downloaded Program Files/SysWebTelecom.dll
Value : .Owner
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINDOWS/Downloaded Program Files/SysWebTelecom.dll
Value : {EFB22865-F3BC-4309-ADFA-C8E078A7F762}
SysWeb-Telecom Dialer Object Recognized!
Type : File
Data : /windows/downloaded program files/syswebtelecom.dll
Category : Malware
Comment :
Object : c:\
SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data : C:\WINDOWS\Downloaded Program Files\SysWebTelecom.dll
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\SysWebTelecom.dll
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 19
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
nene@promo.match[2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:nene@promo.match.com/
Expires : 08-10-2004 11:07:34 p.m.
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
nene@ads.tripod.lycos[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:nene@ads.tripod.lycos.es/
Expires : 05-10-2004 10:20:54 p.m.
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
nene@cgi-bin[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:nene@imrworldwide.com/cgi-bin
Expires : 02-10-2014 10:36:12 p.m.
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
nene@adserver.terra[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:nene@adserver.terra.com/
Expires : 23-10-2072 11:35:14 p.m.
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 23
Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Disk Scan Result for C:\WINDOWS\System32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Disk Scan Result for C:\DOCUME~1\nene\CONFIG~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 23
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\nvidia corporation\global\nview\windowmanagement
Description : nvidia nview cached application window positions
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\adobe\photoshop\7.0\visiteddirs
Description : adobe photoshop 7 recent work folders
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : S-1-5-21-1214440339-1993962763-854245398-1004\software\microsoft\windows media\wmsdk\general
Description : Windows media sdk
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SysWeb-Telecom Dialer Object Recognized!
Type : File
Data : SysWebTelecom.dll
Category : Malware
Comment :
Object : C:\WINDOWS\downloaded program files\
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 39
10:50:43 p.m. Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:55.686
Objects scanned:53735
Objects identified:24
Objects ignored:0
New critical objects:24
------------------
me salen unos avisos como de araÑitas, pienso que son virus
Ademas cuando uso el Spybot - Search & Destroy me sale que tengo unos exploit,
los corrijo, pero nuevamente aparecen
MUCHAS GRACIAS
por tu atencion, espero tu pronta respuesta
Te dire que me fascina este mundo de internet, como hay cerebros que buscan destruir, malograr, espiar, etc. y hay cerebros como tu que se dedican a ayudar.