AYUDA POR FAVOR SEARCHWEB2 (solucionado)

[Osvaldo]

ESTA SUPER LENTA Y TIENE UNA PAGINA DE UN TAL SEARCHWEB2...



OJALA PUEDAN AYUDARME



GRACIAS...



P.D. MAURA..ESTA ES OTRA PC...Y DE RATO PONGO OTRO LOG..DE OTRA...DE ANTEMANO MIL GRACIAS







Logfile of HijackThis v1.99.1

Scan saved at 11:03:10 a.m., on 04/04/2005

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\hijackthis\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.xdcengiyxkjqyrrxhw.org/jkCJqaaXcVuSWRxT_yZgxQWBhD/50UyZQi_ivkj7jdkHya5386xwpDNvYw/NLsRC.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.drbfwwkcxhyy.us/jkCJqaaXcVsfUp8JLKx17Q42Aq8Kmg3Ve0oe7ANgJ6E.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t1msn.com.mx/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\ARCHIVOS DE PROGRAMA\YAHOO!\COMMON\YCOMP5_1_3_0.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: SetupHtml Class - {51641EF3-8A7A-4D84-8659-B0911E947CC8} - C:\WINDOWS\DOWNLO~1\DOWNLO~1.DLL

O2 - BHO: (no name) - {CCCF8CCD-E48F-87EE-9EA7-9670B3DF3CE5} - C:\DOCUME~1\RECEPC~1\DATOSD~1\SEEKFI~1\Locks slow.exe

O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\ARCHIVOS DE PROGRAMA\YAHOO!\COMMON\YCOMP5_1_3_0.DLL

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Archivos de programa\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [ruleforsizepoll] C:\Documents and Settings\All Users\Datos de programa\Intra This Rule For\FastWarn.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Archivos de programa\Messenger Plus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [atom grim] C:\DOCUME~1\RECEPC~1\DATOSD~1\SIZESO~1\nurbboldmess.exe

O4 - HKCU\..\Run: [areslite] "C:\Documents and Settings\Recepcionista\Mis documentos\Mi música\Ares Lite Edition\AresLite.exe" -h

O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\E_SRCV03.EXE

O4 - Global Startup: Digimax Viewer 2.0.lnk = ?

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\Office10\EXCEL.EXE/3000

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\ARCHIVOS DE PROGRAMA\YAHOO!\MESSENGER\YHEXBMES0819.DLL

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\ARCHIVOS DE PROGRAMA\YAHOO!\MESSENGER\YHEXBMES0819.DLL

O9 - Extra button: Coches - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\mcm-fiestaguay\index.html (file missing)

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\MSMSGS.EXE

O9 - Extra button: Messenger7 - {03FBB191-FB50-4154-91D7-587D5E3C0000} - C:\Documents and Settings\Recepcionista\Datos de programa\MATRIX\Messenger7\LanzarDll.exe (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: Messenger7 - {03FBB191-FB50-4154-91D7-587D5E3C0000} - C:\Documents and Settings\Recepcionista\Datos de programa\MATRIX\Messenger7\LanzarDll.exe (file missing) (HKCU)

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {03FBB191-FB50-4154-91D7-587D5E3C3C9A} (Marcador Class) - http://acceso.masminutos.com/software.cab

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab

O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_ES_XP.cab

O16 - DPF: {51641EF3-8A7A-4D84-8659-B0911E947CC8} (SetupHtml Class) - http://www.contenidospc.com/instalador.cab

O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} (DialerWeb Class) - http://212.145.159.194/251065/dialercab/WebRecomendada.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab

O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi.dll

O16 - DPF: {DB3991AA-5E36-428F-AB9E-7A9C613CF578} (OnlineAccess Class) - http://www.grupomarineda.net/auto/OnlineAccess.cab

O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/es/SysWebTelecomInt.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe

[maura63]

Antes de nada intenta conectar con windows update y actualiza



Logfile of HijackThis v1.99.1

Scan saved at 11:03:10 a.m., on 04/04/2005

Platform: [color=red]Windows XP[/color] (WinNT 5.01.2600)

MSIE: [color=red]Internet Explorer v6.00[/color] (6.00.2600.0000)



Te falta el SP1 en windows e IE y muchos parches.



Saludos

maura63

[Osvaldo]

OK. EN ESTE MOMENTO HAGO ESAS ACTUALIZACIONES



GRACIAS

[maura63]

Despues de actualizar baja, actualiza y lanzas estos programas



Eliminacion de adwares y spywares



Spybot S&D



Sitio 1 - Descargar Spybot - Search & Destroy 1.3

http://kujoe.com/freeware/spybot.php

------------------------------------------------------------

Sitio 2 - Descargar Spybot - Search & Destroy 1.3 desde zonavirus.com

http://www.zonavirus.com/descargas/spybot-sd.asp









Ad_Aware SE



AD_AWARE SE PERSONAL:



http://www.zonavirus.com/descargas/ad-aware-free-internet-security.asp



Saludos

maura63

[Osvaldo]

OK..

SEGUIRE TUS INSTRUCCIONES....

[maura63]

Si tuvieras problemas de actualizacion, elimina estas entradas



R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm - Nasty

O2 - BHO: SetupHtml Class - {51641EF3-8A7A-4D84-8659-B0911E947CC8} - C:\WINDOWS\DOWNLO~1\DOWNLO~1.DLL - Nasty

O2 - BHO: (no name) - {CCCF8CCD-E48F-87EE-9EA7-9670B3DF3CE5} - C:\DOCUME~1\RECEPC~1\DATOSD~1\SEEKFI~1\Locks slow.exe - Unknown

O4 - HKLM\..\Run: [ruleforsizepoll] C:\Documents and Settings\All Users\Datos de programa\Intra This Rule For\FastWarn.exe - Unknown

O4 - HKCU\..\Run: [atom grim] C:\DOCUME~1\RECEPC~1\DATOSD~1\SIZESO~1\nurbboldmess.exe - Unknown

O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\E_SRCV03.EXE - Unknown

O4 - Global Startup: Digimax Viewer 2.0.lnk = ? - Unknown

O9 - Extra button: Coches - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\mcm-fiestaguay\index.html (file missing) - Possibly nasty

O9 - Extra button: Messenger7 - {03FBB191-FB50-4154-91D7-587D5E3C0000} - C:\Documents and Settings\Recepcionista\Datos de programa\MATRIX\Messenger7\LanzarDll.exe (file missing) (HKCU) - Possibly nasty

O9 - Extra 'Tools' menuitem: Messenger7 - {03FBB191-FB50-4154-91D7-587D5E3C0000} - C:\Documents and Settings\Recepcionista\Datos de programa\MATRIX\Messenger7\LanzarDll.exe (file missing) (HKCU) - Possibly nasty

O16 - DPF: {03FBB191-FB50-4154-91D7-587D5E3C3C9A} (Marcador Class) - http://acceso.masminutos.com/software.cab - Possibly nasty

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab - Nasty

O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_ES_XP.cab - Nasty

O16 - DPF: {51641EF3-8A7A-4D84-8659-B0911E947CC8} (SetupHtml Class) - http://www.contenidospc.com/instalador.cab - Nasty

O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} (DialerWeb Class) - http://212.145.159.194/251065/dialercab/WebRecomendada.cab - Nasty

O16 - DPF: {DB3991AA-5E36-428F-AB9E-7A9C613CF578} (OnlineAccess Class) - http://www.grupomarineda.net/auto/OnlineAccess.cab - Possibly nasty

O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/es/SysWebTelecomInt.cab - Possibly nasty



Saludos

maura63

[Osvaldo]

NO HABIA TENIDO TIEMPO PARA ENTRAR AL FORO....



ASUNTO ARREGLADO



MIL GRACIAS MAURA !!!!



SALUDOS

[maura63]

Pues damos por solucionado el tema.



Se cierra el post....





Saludos

maura63

[msc hotline sat]

solucionado el Tema, se procede a cerrarlo.



saludos



ms, 22-04-2005