Viruses, trojans...

voldemont
Posts: 1
Joined: 21 Oct 2005, 09:57


Post by voldemont » 21 Oct 2005, 10:02

Hi,

I'm desperate by now; I can't manage to remove all the bugs I have on my computer. I've spent 2 days trying to remove them with Ad-Aware, SpySheriff and SpyRemover, and still nothing at all.

My home page gets changed every time I reboot, and a file called WINCTR~.EXE runs.

How could I clean my computer???

Thanks a lot; here is the log that HijackThis generated for me.





Logfile of HijackThis v1.99.1

Scan saved at 9:55:37, on 21/10/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)



Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\System32\Ati2evxx.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\System32\S24EvMon.exe

E:\Program Files\Sygate\SPF\smc.exe

E:\WINDOWS\system32\spoolsv.exe

E:\WINDOWS\system32\ZCfgSvc.exe

E:\WINDOWS\System32\1XConfig.exe

E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe

E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe

E:\WINDOWS\System32\RegSrvc.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\Ati2evxx.exe

E:\WINDOWS\Explorer.EXE

E:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe

E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe

E:\Program Files\Apoint\Apoint.exe

E:\Program Files\Winamp\winampa.exe

E:\Program Files\Java\jre1.5.0\bin\jusched.exe

E:\WINDOWS\System32\popcorn72.exe

E:\Program Files\Apoint\Apntex.exe

E:\WINDOWS\System32\ctfmon.exe

E:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\SpySheriff\SpySheriff.exe

E:\Program Files\Siemens\Gigaset WLAN Adapter\WLM.exe

E:\Program Files\3M\PSNLite\PsnLite.exe

E:\PROGRA~1\3M\PSNLite\PSNGive.exe

E:\WINDOWS\System32\wuauclt.exe

E:\Program Files\Neoteris\Host Checker\dsHostChecker.exe

E:\Program Files\Winamp\winamp.exe

E:\Program Files\Internet Explorer\IEXPLORE.EXE

E:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE

E:\WINDOWS\msagent\AgentSvr.exe

E:\WINDOWS\system32\ntvdm.exe

E:\Documents and Settings\xmbr0007\Desktop\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [SigmaTel StacMon] E:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [SmcService] E:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [Apoint] E:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [PRONoMgr.exe] E:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe

O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [SoDA Startup] E:\Program Files\Rational\SoDAWord\Wizards\SodaStartup.exe StartUp

O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [ControlPanel] E:\WINDOWS\System32\popcorn72.exe rundll.dll,LoadMouseProfile

O4 - HKLM\..\Run: [Sin Espias] E:\Program Files\SinEspias\No-Spy.exe /autorun

O4 - HKLM\..\Run: [stnospy] E:\Program Files\SinEspias\no-spy.exe /autorun

O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe

O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = E:\Program Files\Siemens\Gigaset WLAN Adapter\WLM.exe

O4 - Global Startup: Post-it® Software Notes Lite.lnk = E:\Program Files\3M\PSNLite\PsnLite.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {4CC35DAD-40EA-4640-ACC2-A1A3B6FB3E06} (NeoterisSetup Control) - https://mks01.unisys.com/dana-cached/setup/NeoterisSetup.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{02B9D0A4-B1FA-4818-ADA8-018FD7F4DC04}: NameServer = 85.255.114.24,85.255.112.100

O17 - HKLM\System\CCS\Services\Tcpip\..\{68ED1983-F464-47E8-B781-832BB1259853}: NameServer = 85.255.114.24,85.255.112.100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BB4489A5-4443-420E-8EE5-7DADC779A034}: NameServer = 85.255.114.24,85.255.112.100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BEF2C902-5D1A-4823-9E0F-20C464DF02ED}: NameServer = 85.255.114.24,85.255.112.100

O17 - HKLM\System\CCS\Services\Tcpip\..\{C7DDFF43-88B6-4364-B76B-63A72D2F24A2}: NameServer = 85.255.114.24,85.255.112.100

O17 - HKLM\System\CS1\Services\Tcpip\..\{02B9D0A4-B1FA-4818-ADA8-018FD7F4DC04}: NameServer = 85.255.114.24,85.255.112.100

O17 - HKLM\System\CS2\Services\Tcpip\..\{02B9D0A4-B1FA-4818-ADA8-018FD7F4DC04}: NameServer = 85.255.114.24,85.255.112.100

O18 - Protocol: qrev - {9DE24BAC-FC3C-42C4-9FC4-76B3FAFDBD90} - E:\PROGRA~1\QUESTS~1\TOAD\RNetPin.dll

O20 - Winlogon Notify: NavLogon - E:\WINDOWS\System32\NavLogon.dll

O20 - Winlogon Notify: Sebring - E:\WINDOWS\System32\LgNotify.dll

O20 - Winlogon Notify: style32 - E:\WINDOWS\

O23 - Service: Ati HotKey Poller - Unknown owner - E:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: DefWatch - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - E:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe

O23 - Service: OracleClientCache80 - Unknown owner - E:\ORANT\BIN\ONRSD80.EXE

O23 - Service: RegSrvc - Intel Corporation - E:\WINDOWS\System32\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - E:\WINDOWS\System32\S24EvMon.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\Program Files\Sygate\SPF\smc.exe

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Post by msc hotline sat » 21 Oct 2005, 10:19

Start by running ELISTARA and then follow what is indicated at the link

https://foros.zonavirus.com/viewforum.php?f=13

Note: Elistara is also covered in the tutorials

Regards

ms, 21-10-2005

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Post by msc hotline sat » 21 Oct 2005, 10:22

And remember that the section for HJT analysis is not this one, but:

https://foros.zonavirus.com/viewforum.php?f=13

Regards

ms, 21-10-2005
