SHPRRPRT.DLL y KERNER32.DLL

05/05/2005 - 16:01 por Antonio | Informe spam

a.-He entrado a el modo NORMAL
Start>Setting>Control Panel> Me sale el error SHPRRPRT.DLL y cuando borro me
sale el Kerner 32.dll

b.-Entro al modo seguro
Start>Programs>Accesories>System Tools >System Restore>Sale el cuadro de
puntos ha restaurar pero solo me sale la una fecha y no puedo retroceder a
meses o dias pasados pasadas

Por favor ayuda y alternativas para solusionar este problema

Antonio Torres
Miami Florida

Siga el debate

10 respuestas

Tengo una respuesta

Preguntas similare

Leer las respuestas

#6 Antonio

08/05/2005 - 05:28 | Informe spam

Gracias enrique por tu ayuda profesional:
1.-Te envio mi ultimo logfile para tu comentario final
Logfile of HijackThis v1.99.1
Scan saved at 23:10:52, on 07/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\WUAUCLT.EXE
C:\PROGRAM FILES\WEBCAM\WEBCAM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\ES-MX\MSNAPPAU.EXE
C:\PROGRAM FILES\MSN\MSNCOREFILES\MSN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.com/0SEESUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://latam.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://hp.my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.latino.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://resultsmaster.com/SmartOffer...ftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://login.passport.net/uilogin.srf?id=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
(no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN
APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL (file
missing)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM
FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O3 - Toolbar: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL (file
missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no file)
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE"
/checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [mcupdmgr.exe] C:\PROGRAM
FILES\MCAFEE.COM\AGENT\MCUPDMGR.EXE
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe
/embedding
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O15 - Trusted Zone: loginnet.passport.net
O15 - Trusted Zone: services.msn.com
O15 - Trusted Zone: hotmail.msn.com
2.- Si me puedes dar algun tip por que no se por que se ha puesto bien lenta
mi pc
O15 - Trusted Zone: oe.hotmail.com
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: login.passport.net
O15 - Trusted Zone: msnia.passport.net
O15 - Trusted Zone: *.passport.net
O15 - Trusted Zone: loginnet.passport.com
O15 - Trusted Zone: *.passport.com
O15 - Trusted Zone: oe.msn.msnmail.hotmail.com
O15 - Trusted Zone: messenger.hotmail.com
O15 - Trusted Zone: msnialogin.passport.com
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/i...cfscan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/013a10b...xIE601.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
System Class) -
http://download.mcafee.com/molbin/s...insctl.cab
O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver Class) -
http://scpwbc.ops.placeware.com/etc...silver.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
http://viewers.multicastmedia.com/c...rowser.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/P...nPUpld.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration
Class) - http://help.bellsouth.net/sdccommon...gctlcm.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) -
https://rtc3.webresponse.one.micros...EFlash.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory
Class) - http://www.amiuptodate.com/vsc/bin/...Portal.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control)
- http://sc.groups.msn.com/controls/F...snUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} (lgbplay Class) -
https://video.manheim.com/lib/LiveSound.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) -
http://www.errorguard.com/installation/Install.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) -
http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://groups.msn.com/controls/Phot...nPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v1...b32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/s...cgdmgr.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
http://12.38.199.144/activex/AMC.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?lin...lcid=0x409
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class)
- http://photos.t1msn.com.mx/resource...gWebX2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/6...dge-c8.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global...OFILER.CAB
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client
Control (redist)) - http://www.tecmiami.com/tsweb/msrdp.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -
http://installs.hotbar.com/installs...btools.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
http://www.errornuker.com/products/...taller.exe

Información del sistema
Resumen de la configuración del sistema
==Sistema operativo Windows ME (4.90.1114.3000)
Internet Explorer 6.00.2800.1106
Cliente MSN 9.10.0011.1703
MSN Market es-mx
MSN Brand MSN [MSNI]
MSN SKU MSN Premium
Programa de correo predeterminado MSN Explorer

Cantidad de memoria 383 MB
Espacio libre en disco C: 32,3 GB

Versiones de componentes
==msn.exe 9.10.0011.1703
msnmetal.dll 9.10.0011.1703
msnmtllc.dll 9.10.0011.1703
msdbx.dll 9.10.0011.1703
sqdll.dll 12.2002.1126.0001
update.exe 9.10.0011.1703
shdocvw.dll 6.00.2800.1612
qmgr.dll 5.04.1103.0004
dw15.exe 10.00.4413.0000
msniasvc.exe Desconocido
custdial.dll Desconocido
msninst.exe 9.10.0375.0001
msninst.dll 9.10.0375.0001
msnsign.dll 9.10.0375.0001
market.mar 9.2005.0106.21
Windows Media Player 9.00.0000.2980
MSN Messenger 7.0 7.00.0777.0000
Macromedia Flash 7.00.0019.0000

Controladores de red
==Dial-Up Adapter
pppmac.vxd (4.90.0000.3000)
Dial-Up Adapter
pppmac.vxd (4.90.0000.3000)
Microsoft Virtual Private Networking Adapter
netpptp.sys (4.90.0000.3000)
Microsoft TV/Video Connection (5.3.0000.900)
NdisIP.sys (5.03.0000.0900)
HP EN1207D-TX PCI 10/100 Fast Ethernet Adapter (1.09.0120.2000)
EN1207D.sys (1.09.0120.2000)

Controladores de módem
==Generic SoftK56 Data,Fax PCI Modem (2.14.06.00)

Estado de actualización automática
==Versión anterior: 9.10.0006.2205
Versión siguiente: (ninguna)
Anonio
Miami Florida

"Enrique [MVP Windows]" wrote:

Bueno, vamos a ver,

1.- Panel de control > Opciones de carpeta > Ver > Mostrar todos los
archivos y carpetas ocultos
2.- Se trataba de ejecutar el HijackThis (pulsando en "Do a system Scan
and save a logfile"), marcar los elementos que te dije, y pulsar en "Fix
checked", para eliminarlos. Pero en el log que me envías, veo algunas
barras (toolbars) que instalan programas spyware. Yo eliminaría los
elementos siguientes:

O2 BHO Realbar
O2 BHO HbTools
O3 Toolbar Realbar
O3 Toolbar H&otbar

Y además utilizaría Ad-aware SE, para que acabara de hacer una buena
limpieza de programas intrusos

3.- Archivos para eliminar. Busca estos archivos en el disco (Inicio >
Buscar), y si existen, elimínalos (todos ellos relacionados con el
programa ShopperReports)

ShprRprt.dll
WhiteList.xippersist.dbs
Config.xml
WhiteList.dbs
ag.xml
ag.xml.dbsend.xml
send.xml.dbHeader.xml
Aliases.dbs
Sites.dbs
shprrprt.log
ShprRprt.dll
smrtshpr.dll
persist.dbs
uninst.exe

4.- Lo de la palomita, no sé a qué te refieres. Debes desactivar
Restaurar sistema (en WMe, me imagino que debe estar en Mi PC >
Propiedades > Restaurar sistema > Desactivar restaurar sistema).

Repito lo del Ad-aware-SE. Es muy importante utilizar este programa.
Para prevenir estos problemas, utiliza herramientas antispyware, como
estas:

SpywareBlaster
http://www.javacoolsoftware.com/spy...aster.html

Ad-aware Personal, Ad-aware SE
http://www.lavasoftusa.com

SpyBot Search and Destroy
http://www.safer-networking.org/es/...index.html

CWShredder
http://www.intermute.com/spysubtrac...nload.html

HijackThis
http://www.spychecker.com/program/hijackthis.html

PestPatrol Home Users
http://www.pestpatrol.com/Products/PestPatrolHE/

Y mantén alguna de ellas residente, o sea, siempre activa monitoreando
el sistema. Utiliza un antivirus actualizado y residente también. Además
es muy importante utilizar un firewall. HijackThis, que yo sepa, sólo
está en inglés, pero no ofrece ningún problema para su uso.

Saludos,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
(quita la Z)

"Una de las alegrías de la amistad es saber en quien confiar"

Este mensaje se proporciona "como está" sin garantías de ninguna clase,
y no otorga ningún derecho.
This posting is provided "AS IS" with no warranties, and confers no
rights.
________________________________________________________________________________
"Antonio" escribió en el mensaje
news:
Estimado enrique si me puedes detallar lo siguente y mil gracias por tu
ayuda
comprende que yo no soy un profesional en informatica sino un aficionado
con
problemas de conocimientos :

1.Haz visible todos los archivos y carpetas ,desde panel de control ????
2.-Haz un Scan y luego fix a los siguentes elementos'???
3.-Busca estos archivos y los eliminas ???????
4.-Hago la palomita a restaurar sistema
Nota:
a.-Que medidas tomo para prevenir estos problemas
b.Hay alguna version en español del Hijackthis
c.-Te muestro como esta mi pc actualmente han desaparecido el "09"como
te
dars cuenta
Logfile of HijackThis v1.99.1
Scan saved at 6:49:42, on 06/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\WUAUCLT.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar > http://g.msn.com/0SEESUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page > http://latam.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL > http://hp.my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page > http://www.latino.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant > http://resultsmaster.com/SmartOffer...ftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak > http://login.passport.net/uilogin.srf?id=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) -
_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
(no file)
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM
FILES\MSN
APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\PROGRAM
FILES\HBTOOLS\BIN\4.6.2.0\HBTHOSTIE.DLL
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL
O3 - Toolbar: McAfee VirusScan -
{BA52B914-B692-46c4-B683-905236F6F655} -
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM
FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O3 - Toolbar: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} -
C:\PROGRAM
FILES\HBTOOLS\BIN\4.6.2.0\HBTHOSTIE.DLL
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [MCUpdateExe]
C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask]
"C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE"
/checktask
O4 - HKLM\..\Run: [VirusScan Online]
"C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\RunServices: [McVsRte]
C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe
/embedding
O4 - HKLM\..\RunServices: [StillImageMonitor]
C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr]
C:\WINDOWS\System\Restore\StateMgr.exe
O8 - Extra context menu item: Shorten URL -
http://www.cjb.net/menuext.html
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O15 - Trusted Zone: loginnet.passport.net
O15 - Trusted Zone: services.msn.com
O15 - Trusted Zone: hotmail.msn.com
O15 - Trusted Zone: oe.hotmail.com
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: login.passport.net
O15 - Trusted Zone: msnia.passport.net
O15 - Trusted Zone: *.passport.net
O15 - Trusted Zone: loginnet.passport.com
O15 - Trusted Zone: *.passport.com
O15 - Trusted Zone: oe.msn.msnmail.hotmail.com
O15 - Trusted Zone: messenger.hotmail.com
O15 - Trusted Zone: msnialogin.passport.com
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/i...cfscan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/013a10b...xIE601.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
System Class) -
http://download.mcafee.com/molbin/s...insctl.cab
O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver Class) -
http://scpwbc.ops.placeware.com/etc...silver.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
http://viewers.multicastmedia.com/c...rowser.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload
Tool) -
http://sc.groups.msn.com/controls/P...nPUpld.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX
Player) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com
Configuration
Class) - http://help.bellsouth.net/sdccommon...gctlcm.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) -
https://rtc3.webresponse.one.micros...EFlash.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} -
file://c:\counter.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory
Class) - http://www.amiuptodate.com/vsc/bin/...Portal.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload
Control)
- http://sc.groups.msn.com/controls/F...snUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
4.5) -
http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} (lgbplay Class) -
https://video.manheim.com/lib/LiveSound.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) -
http://www.errorguard.com/installation/Install.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) -
http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload
Tool) -
http://groups.msn.com/controls/Phot...nPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v1...b32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr
Class) -
http://download.mcafee.com/molbin/s...cgdmgr.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
http://12.38.199.144/activex/AMC.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage
Validation Tool) -
http://go.microsoft.com/fwlink/?lin...lcid=0x409
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher
Class)
- http://photos.t1msn.com.mx/resource...gWebX2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/6...dge-c8.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global...OFILER.CAB
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client
Control (redist)) - http://www.tecmiami.com/tsweb/msrdp.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -
http://installs.hotbar.com/installs...btools.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
http://www.errornuker.com/products/...taller.exe

"Enrique [MVP Windows]" wrote:

Responder a este mensaje

#7 Enrique [MVP Windows]

08/05/2005 - 19:16 | Informe spam

Bien, pues parece que está bastante limpio.

Inicia el registro de Windows (Inicio > Ejecutar > regedit.exe) y busca
las siguientes claves:

{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
{74CC49F7-EB32-4A08-B204-948962A6E3DB}

Cuando las encuentres, elimínalas y cierra el registro.

Saludos,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
(quita la Z)

"Una de las alegrías de la amistad es saber en quien confiar"

Este mensaje se proporciona "como está" sin garantías de ninguna clase,
y no otorga ningún derecho.
This posting is provided "AS IS" with no warranties, and confers no
rights.
________________________________________________________________________________
"Antonio" escribió en el mensaje
news:
Gracias enrique por tu ayuda profesional:
1.-Te envio mi ultimo logfile para tu comentario final
Logfile of HijackThis v1.99.1
Scan saved at 23:10:52, on 07/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\WUAUCLT.EXE
C:\PROGRAM FILES\WEBCAM\WEBCAM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\ES-MX\MSNAPPAU.EXE
C:\PROGRAM FILES\MSN\MSNCOREFILES\MSN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar http://g.msn.com/0SEESUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page http://latam.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL http://hp.my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page http://www.latino.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant http://resultsmaster.com/SmartOffer...ftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak http://login.passport.net/uilogin.srf?id=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) -
_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
(no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM
FILES\MSN
APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no
file)
O3 - Toolbar: McAfee VirusScan -
{BA52B914-B692-46c4-B683-905236F6F655} -
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM
FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O3 - Toolbar: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no
file)
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [MCUpdateExe]
C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask]
"C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE"
/checktask
O4 - HKLM\..\Run: [VirusScan Online]
"C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [mcupdmgr.exe] C:\PROGRAM
FILES\MCAFEE.COM\AGENT\MCUPDMGR.EXE
O4 - HKLM\..\RunServices: [McVsRte]
C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe
/embedding
O4 - HKLM\..\RunServices: [StillImageMonitor]
C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr]
C:\WINDOWS\System\Restore\StateMgr.exe
O8 - Extra context menu item: Shorten URL -
http://www.cjb.net/menuext.html
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O15 - Trusted Zone: loginnet.passport.net
O15 - Trusted Zone: services.msn.com
O15 - Trusted Zone: hotmail.msn.com
2.- Si me puedes dar algun tip por que no se por que se ha puesto bien
lenta
mi pc
O15 - Trusted Zone: oe.hotmail.com
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: login.passport.net
O15 - Trusted Zone: msnia.passport.net
O15 - Trusted Zone: *.passport.net
O15 - Trusted Zone: loginnet.passport.com
O15 - Trusted Zone: *.passport.com
O15 - Trusted Zone: oe.msn.msnmail.hotmail.com
O15 - Trusted Zone: messenger.hotmail.com
O15 - Trusted Zone: msnialogin.passport.com
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/i...cfscan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/013a10b...xIE601.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
System Class) -
http://download.mcafee.com/molbin/s...insctl.cab
O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver Class) -
http://scpwbc.ops.placeware.com/etc...silver.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
http://viewers.multicastmedia.com/c...rowser.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload
Tool) -
http://sc.groups.msn.com/controls/P...nPUpld.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX
Player) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com
Configuration
Class) - http://help.bellsouth.net/sdccommon...gctlcm.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) -
https://rtc3.webresponse.one.micros...EFlash.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} -
file://c:\counter.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory
Class) - http://www.amiuptodate.com/vsc/bin/...Portal.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload
Control)
- http://sc.groups.msn.com/controls/F...snUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
4.5) -
http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} (lgbplay Class) -
https://video.manheim.com/lib/LiveSound.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) -
http://www.errorguard.com/installation/Install.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) -
http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload
Tool) -
http://groups.msn.com/controls/Phot...nPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v1...b32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr
Class) -
http://download.mcafee.com/molbin/s...cgdmgr.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
http://12.38.199.144/activex/AMC.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage
Validation Tool) -
http://go.microsoft.com/fwlink/?lin...lcid=0x409
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher
Class)
- http://photos.t1msn.com.mx/resource...gWebX2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/6...dge-c8.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global...OFILER.CAB
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client
Control (redist)) - http://www.tecmiami.com/tsweb/msrdp.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -
http://installs.hotbar.com/installs...btools.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
http://www.errornuker.com/products/...taller.exe

Información del sistema
Resumen de la configuración del sistema
==Sistema operativo Windows ME (4.90.1114.3000)
Internet Explorer 6.00.2800.1106
Cliente MSN 9.10.0011.1703
MSN Market es-mx
MSN Brand MSN [MSNI]
MSN SKU MSN Premium
Programa de correo predeterminado MSN Explorer

Cantidad de memoria 383 MB
Espacio libre en disco C: 32,3 GB

Versiones de componentes
==msn.exe 9.10.0011.1703
msnmetal.dll 9.10.0011.1703
msnmtllc.dll 9.10.0011.1703
msdbx.dll 9.10.0011.1703
sqdll.dll 12.2002.1126.0001
update.exe 9.10.0011.1703
shdocvw.dll 6.00.2800.1612
qmgr.dll 5.04.1103.0004
dw15.exe 10.00.4413.0000
msniasvc.exe Desconocido
custdial.dll Desconocido
msninst.exe 9.10.0375.0001
msninst.dll 9.10.0375.0001
msnsign.dll 9.10.0375.0001
market.mar 9.2005.0106.21
Windows Media Player 9.00.0000.2980
MSN Messenger 7.0 7.00.0777.0000
Macromedia Flash 7.00.0019.0000

Controladores de red
==Dial-Up Adapter
pppmac.vxd (4.90.0000.3000)
Dial-Up Adapter
pppmac.vxd (4.90.0000.3000)
Microsoft Virtual Private Networking Adapter
netpptp.sys (4.90.0000.3000)
Microsoft TV/Video Connection (5.3.0000.900)
NdisIP.sys (5.03.0000.0900)
HP EN1207D-TX PCI 10/100 Fast Ethernet Adapter (1.09.0120.2000)
EN1207D.sys (1.09.0120.2000)

Controladores de módem
==Generic SoftK56 Data,Fax PCI Modem (2.14.06.00)

Estado de actualización automática
==Versión anterior: 9.10.0006.2205
Versión siguiente: (ninguna)
Anonio
Miami Florida

"Enrique [MVP Windows]" wrote:

Bueno, vamos a ver,

1.- Panel de control > Opciones de carpeta > Ver > Mostrar todos los
archivos y carpetas ocultos
2.- Se trataba de ejecutar el HijackThis (pulsando en "Do a system
Scan
and save a logfile"), marcar los elementos que te dije, y pulsar en
"Fix
checked", para eliminarlos. Pero en el log que me envías, veo algunas
barras (toolbars) que instalan programas spyware. Yo eliminaría los
elementos siguientes:

O2 BHO Realbar
O2 BHO HbTools
O3 Toolbar Realbar
O3 Toolbar H&otbar

Y además utilizaría Ad-aware SE, para que acabara de hacer una buena
limpieza de programas intrusos

3.- Archivos para eliminar. Busca estos archivos en el disco (Inicio
>
Buscar), y si existen, elimínalos (todos ellos relacionados con el
programa ShopperReports)

ShprRprt.dll
WhiteList.xippersist.dbs
Config.xml
WhiteList.dbs
ag.xml
ag.xml.dbsend.xml
send.xml.dbHeader.xml
Aliases.dbs
Sites.dbs
shprrprt.log
ShprRprt.dll
smrtshpr.dll
persist.dbs
uninst.exe

4.- Lo de la palomita, no sé a qué te refieres. Debes desactivar
Restaurar sistema (en WMe, me imagino que debe estar en Mi PC >
Propiedades > Restaurar sistema > Desactivar restaurar sistema).

Repito lo del Ad-aware-SE. Es muy importante utilizar este programa.
Para prevenir estos problemas, utiliza herramientas antispyware, como
estas:

SpywareBlaster
http://www.javacoolsoftware.com/spy...aster.html

Ad-aware Personal, Ad-aware SE
http://www.lavasoftusa.com

SpyBot Search and Destroy
http://www.safer-networking.org/es/...index.html

CWShredder
http://www.intermute.com/spysubtrac...nload.html

HijackThis
http://www.spychecker.com/program/hijackthis.html

PestPatrol Home Users
http://www.pestpatrol.com/Products/PestPatrolHE/

Y mantén alguna de ellas residente, o sea, siempre activa monitoreando
el sistema. Utiliza un antivirus actualizado y residente también.
Además
es muy importante utilizar un firewall. HijackThis, que yo sepa, sólo
está en inglés, pero no ofrece ningún problema para su uso.

Saludos,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
(quita la Z)

"Una de las alegrías de la amistad es saber en quien confiar"

Este mensaje se proporciona "como está" sin garantías de ninguna
clase,
y no otorga ningún derecho.
This posting is provided "AS IS" with no warranties, and confers no
rights.
________________________________________________________________________________
"Antonio" escribió en el mensaje
news:
Estimado enrique si me puedes detallar lo siguente y mil gracias por
tu
ayuda
comprende que yo no soy un profesional en informatica sino un
aficionado
con
problemas de conocimientos :

1.Haz visible todos los archivos y carpetas ,desde panel de control
????
2.-Haz un Scan y luego fix a los siguentes elementos'???
3.-Busca estos archivos y los eliminas ???????
4.-Hago la palomita a restaurar sistema
Nota:
a.-Que medidas tomo para prevenir estos problemas
b.Hay alguna version en español del Hijackthis
c.-Te muestro como esta mi pc actualmente han desaparecido el "09"como
te
dars cuenta
Logfile of HijackThis v1.99.1
Scan saved at 6:49:42, on 06/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\WUAUCLT.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar > http://g.msn.com/0SEESUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page > http://latam.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL > http://hp.my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page > http://www.latino.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant
> http://resultsmaster.com/SmartOffer...ftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak > http://login.passport.net/uilogin.srf?id=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) -
_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
(no file)
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL
O2 - BHO: AcroIEHlprObj Class -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM
FILES\MSN
APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} -
C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} -
C:\PROGRAM
FILES\HBTOOLS\BIN\4.6.2.0\HBTHOSTIE.DLL
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL
O3 - Toolbar: McAfee VirusScan -
{BA52B914-B692-46c4-B683-905236F6F655} -
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM
FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O3 - Toolbar: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} -
C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} -
C:\PROGRAM
FILES\HBTOOLS\BIN\4.6.2.0\HBTHOSTIE.DLL
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [MCUpdateExe]
C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCAgentExe]
C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask]
"C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE"
/checktask
O4 - HKLM\..\Run: [VirusScan Online]
"C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\RunServices: [McVsRte]
C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe
/embedding
O4 - HKLM\..\RunServices: [StillImageMonitor]
C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr]
C:\WINDOWS\System\Restore\StateMgr.exe
O8 - Extra context menu item: Shorten URL -
http://www.cjb.net/menuext.html
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O15 - Trusted Zone: loginnet.passport.net
O15 - Trusted Zone: services.msn.com
O15 - Trusted Zone: hotmail.msn.com
O15 - Trusted Zone: oe.hotmail.com
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: login.passport.net
O15 - Trusted Zone: msnia.passport.net
O15 - Trusted Zone: *.passport.net
O15 - Trusted Zone: loginnet.passport.com
O15 - Trusted Zone: *.passport.com
O15 - Trusted Zone: oe.msn.msnmail.hotmail.com
O15 - Trusted Zone: messenger.hotmail.com
O15 - Trusted Zone: msnialogin.passport.com
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/i...cfscan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/013a10b...xIE601.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com
Operating
System Class) -
http://download.mcafee.com/molbin/s...insctl.cab
O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver
Class) -
http://scpwbc.ops.placeware.com/etc...silver.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
http://viewers.multicastmedia.com/c...rowser.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload
Tool) -
http://sc.groups.msn.com/controls/P...nPUpld.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX
Player) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com
Configuration
Class) - http://help.bellsouth.net/sdccommon...gctlcm.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj
Class) -
https://rtc3.webresponse.one.micros...EFlash.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} -
file://c:\counter.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B}
(McUpdatePortalFactory
Class) - http://www.amiuptodate.com/vsc/bin/...Portal.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload
Control)
- http://sc.groups.msn.com/controls/F...snUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
4.5) -
http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} (lgbplay Class) -
https://video.manheim.com/lib/LiveSound.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) -
http://www.errorguard.com/installation/Install.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money
Charting) -
http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload
Tool) -
http://groups.msn.com/controls/Phot...nPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v1...b32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr
Class) -
http://download.mcafee.com/molbin/s...cgdmgr.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
http://12.38.199.144/activex/AMC.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage
Validation Tool) -
http://go.microsoft.com/fwlink/?lin...lcid=0x409
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher
Class)
- http://photos.t1msn.com.mx/resource...gWebX2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/6...dge-c8.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global...OFILER.CAB
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP
Client
Control (redist)) - http://www.tecmiami.com/tsweb/msrdp.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -
http://installs.hotbar.com/installs...btools.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
http://www.errornuker.com/products/...taller.exe

"Enrique [MVP Windows]" wrote:

Responder a este mensaje

#8 Antonio

09/05/2005 - 13:51 | Informe spam

Estimado Enrique:
Te quiero agradecer si me puedes ayudar como puedo buscar estos registros
por que me salen varias llaves y no se por donde empesar
1.-Inicia el registro de Windows (Inicio > Ejecutar > regedit.exe) y busca
las siguientes claves:

{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
{74CC49F7-EB32-4A08-B204-948962A6E3DB}
2.- Por momentos no se por que se queda congelado la pc pero luego se pone
normal
Parece que todo esta normal solo me falta lo que te he enumerado
Mil gracias por tu atencion
Antonio
Mimai Florida

"Enrique [MVP Windows]" wrote:

Bien, pues parece que está bastante limpio.

Inicia el registro de Windows (Inicio > Ejecutar > regedit.exe) y busca
las siguientes claves:

{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
{74CC49F7-EB32-4A08-B204-948962A6E3DB}

Cuando las encuentres, elimínalas y cierra el registro.

Saludos,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
(quita la Z)

"Una de las alegrías de la amistad es saber en quien confiar"

Este mensaje se proporciona "como está" sin garantías de ninguna clase,
y no otorga ningún derecho.
This posting is provided "AS IS" with no warranties, and confers no
rights.
________________________________________________________________________________
"Antonio" escribió en el mensaje
news:
Gracias enrique por tu ayuda profesional:
1.-Te envio mi ultimo logfile para tu comentario final
Logfile of HijackThis v1.99.1
Scan saved at 23:10:52, on 07/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\WUAUCLT.EXE
C:\PROGRAM FILES\WEBCAM\WEBCAM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\ES-MX\MSNAPPAU.EXE
C:\PROGRAM FILES\MSN\MSNCOREFILES\MSN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar > http://g.msn.com/0SEESUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page > http://latam.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL > http://hp.my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page > http://www.latino.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant > http://resultsmaster.com/SmartOffer...ftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak > http://login.passport.net/uilogin.srf?id=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) -
_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
(no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM
FILES\MSN
APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no
file)
O3 - Toolbar: McAfee VirusScan -
{BA52B914-B692-46c4-B683-905236F6F655} -
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM
FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O3 - Toolbar: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no
file)
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [MCUpdateExe]
C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask]
"C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE"
/checktask
O4 - HKLM\..\Run: [VirusScan Online]
"C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [mcupdmgr.exe] C:\PROGRAM
FILES\MCAFEE.COM\AGENT\MCUPDMGR.EXE
O4 - HKLM\..\RunServices: [McVsRte]
C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe
/embedding
O4 - HKLM\..\RunServices: [StillImageMonitor]
C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr]
C:\WINDOWS\System\Restore\StateMgr.exe
O8 - Extra context menu item: Shorten URL -
http://www.cjb.net/menuext.html
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O15 - Trusted Zone: loginnet.passport.net
O15 - Trusted Zone: services.msn.com
O15 - Trusted Zone: hotmail.msn.com
2.- Si me puedes dar algun tip por que no se por que se ha puesto bien
lenta
mi pc
O15 - Trusted Zone: oe.hotmail.com
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: login.passport.net
O15 - Trusted Zone: msnia.passport.net
O15 - Trusted Zone: *.passport.net
O15 - Trusted Zone: loginnet.passport.com
O15 - Trusted Zone: *.passport.com
O15 - Trusted Zone: oe.msn.msnmail.hotmail.com
O15 - Trusted Zone: messenger.hotmail.com
O15 - Trusted Zone: msnialogin.passport.com
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/i...cfscan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/013a10b...xIE601.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
System Class) -
http://download.mcafee.com/molbin/s...insctl.cab
O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver Class) -
http://scpwbc.ops.placeware.com/etc...silver.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
http://viewers.multicastmedia.com/c...rowser.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload
Tool) -
http://sc.groups.msn.com/controls/P...nPUpld.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX
Player) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com
Configuration
Class) - http://help.bellsouth.net/sdccommon...gctlcm.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) -
https://rtc3.webresponse.one.micros...EFlash.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} -
file://c:\counter.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory
Class) - http://www.amiuptodate.com/vsc/bin/...Portal.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload
Control)
- http://sc.groups.msn.com/controls/F...snUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
4.5) -
http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} (lgbplay Class) -
https://video.manheim.com/lib/LiveSound.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) -
http://www.errorguard.com/installation/Install.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) -
http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload
Tool) -
http://groups.msn.com/controls/Phot...nPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v1...b32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr
Class) -
http://download.mcafee.com/molbin/s...cgdmgr.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
http://12.38.199.144/activex/AMC.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage
Validation Tool) -
http://go.microsoft.com/fwlink/?lin...lcid=0x409
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher
Class)
- http://photos.t1msn.com.mx/resource...gWebX2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/6...dge-c8.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global...OFILER.CAB
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client
Control (redist)) - http://www.tecmiami.com/tsweb/msrdp.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -
http://installs.hotbar.com/installs...btools.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
http://www.errornuker.com/products/...taller.exe

Información del sistema
Resumen de la configuración del sistema
==> Sistema operativo Windows ME (4.90.1114.3000)
Internet Explorer 6.00.2800.1106
Cliente MSN 9.10.0011.1703
MSN Market es-mx
MSN Brand MSN [MSNI]
MSN SKU MSN Premium
Programa de correo predeterminado MSN Explorer

Cantidad de memoria 383 MB
Espacio libre en disco C: 32,3 GB

Versiones de componentes
==> msn.exe 9.10.0011.1703
msnmetal.dll 9.10.0011.1703
msnmtllc.dll 9.10.0011.1703
msdbx.dll 9.10.0011.1703
sqdll.dll 12.2002.1126.0001
update.exe 9.10.0011.1703
shdocvw.dll 6.00.2800.1612
qmgr.dll 5.04.1103.0004
dw15.exe 10.00.4413.0000
msniasvc.exe Desconocido
custdial.dll Desconocido
msninst.exe 9.10.0375.0001
msninst.dll 9.10.0375.0001
msnsign.dll 9.10.0375.0001
market.mar 9.2005.0106.21
Windows Media Player 9.00.0000.2980
MSN Messenger 7.0 7.00.0777.0000
Macromedia Flash 7.00.0019.0000

Controladores de red
==> Dial-Up Adapter
pppmac.vxd (4.90.0000.3000)
Dial-Up Adapter
pppmac.vxd (4.90.0000.3000)
Microsoft Virtual Private Networking Adapter
netpptp.sys (4.90.0000.3000)
Microsoft TV/Video Connection (5.3.0000.900)
NdisIP.sys (5.03.0000.0900)
HP EN1207D-TX PCI 10/100 Fast Ethernet Adapter (1.09.0120.2000)
EN1207D.sys (1.09.0120.2000)

Controladores de módem
==> Generic SoftK56 Data,Fax PCI Modem (2.14.06.00)

Estado de actualización automática
==> Versión anterior: 9.10.0006.2205
Versión siguiente: (ninguna)
Anonio
Miami Florida

"Enrique [MVP Windows]" wrote:

> Bueno, vamos a ver,
>
> 1.- Panel de control > Opciones de carpeta > Ver > Mostrar todos los

Responder a este mensaje

#9 Enrique [MVP Windows]

10/05/2005 - 01:46 | Informe spam

Esas claves corresponden a barras de herramientas, o elementos de
barras, que parece se han eliminado, pero continuan las claves en el
registro. En lugar de utilizar el registro, que es un poco lioso y
peligroso, mejor que hagas lo siguiente:

Inicia el sistema en modo seguro, ejecuta HijackThis, y busca estos dos
elementos:

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no
file)
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no
file)

Los marcas, y pulsa en "Fix Checked". HijackThis te preguntará si
confirmas remover esos objetos. Presiona "Yes" y ya está. Inicia en modo
normal.

Saludos,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
(quita la Z)

"Una de las alegrías de la amistad es saber en quien confiar"

Este mensaje se proporciona "como está" sin garantías de ninguna clase,
y no otorga ningún derecho.
This posting is provided "AS IS" with no warranties, and confers no
rights.
________________________________________________________________________________
"Antonio" escribió en el mensaje
news:
Estimado Enrique:
Te quiero agradecer si me puedes ayudar como puedo buscar estos
registros
por que me salen varias llaves y no se por donde empesar
1.-Inicia el registro de Windows (Inicio > Ejecutar > regedit.exe) y
busca
las siguientes claves:

{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
{74CC49F7-EB32-4A08-B204-948962A6E3DB}
2.- Por momentos no se por que se queda congelado la pc pero luego se
pone
normal
Parece que todo esta normal solo me falta lo que te he enumerado
Mil gracias por tu atencion
Antonio
Mimai Florida

"Enrique [MVP Windows]" wrote:

Bien, pues parece que está bastante limpio.

Inicia el registro de Windows (Inicio > Ejecutar > regedit.exe) y
busca
las siguientes claves:

{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
{74CC49F7-EB32-4A08-B204-948962A6E3DB}

Cuando las encuentres, elimínalas y cierra el registro.

Saludos,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
(quita la Z)

"Una de las alegrías de la amistad es saber en quien confiar"

Este mensaje se proporciona "como está" sin garantías de ninguna
clase,
y no otorga ningún derecho.
This posting is provided "AS IS" with no warranties, and confers no
rights.
________________________________________________________________________________
"Antonio" escribió en el mensaje
news:
Gracias enrique por tu ayuda profesional:
1.-Te envio mi ultimo logfile para tu comentario final
Logfile of HijackThis v1.99.1
Scan saved at 23:10:52, on 07/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\WUAUCLT.EXE
C:\PROGRAM FILES\WEBCAM\WEBCAM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\ES-MX\MSNAPPAU.EXE
C:\PROGRAM FILES\MSN\MSNCOREFILES\MSN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar > http://g.msn.com/0SEESUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page > http://latam.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL > http://hp.my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page > http://www.latino.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant
> http://resultsmaster.com/SmartOffer...ftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak > http://login.passport.net/uilogin.srf?id=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) -
_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
(no file)
O2 - BHO: AcroIEHlprObj Class -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM
FILES\MSN
APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} -
C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no
file)
O3 - Toolbar: McAfee VirusScan -
{BA52B914-B692-46c4-B683-905236F6F655} -
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM
FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O3 - Toolbar: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} -
C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
(file
missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no
file)
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [MCUpdateExe]
C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCAgentExe]
C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask]
"C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE"
/checktask
O4 - HKLM\..\Run: [VirusScan Online]
"C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [mcupdmgr.exe] C:\PROGRAM
FILES\MCAFEE.COM\AGENT\MCUPDMGR.EXE
O4 - HKLM\..\RunServices: [McVsRte]
C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe
/embedding
O4 - HKLM\..\RunServices: [StillImageMonitor]
C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr]
C:\WINDOWS\System\Restore\StateMgr.exe
O8 - Extra context menu item: Shorten URL -
http://www.cjb.net/menuext.html
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O15 - Trusted Zone: loginnet.passport.net
O15 - Trusted Zone: services.msn.com
O15 - Trusted Zone: hotmail.msn.com
2.- Si me puedes dar algun tip por que no se por que se ha puesto bien
lenta
mi pc
O15 - Trusted Zone: oe.hotmail.com
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: login.passport.net
O15 - Trusted Zone: msnia.passport.net
O15 - Trusted Zone: *.passport.net
O15 - Trusted Zone: loginnet.passport.com
O15 - Trusted Zone: *.passport.com
O15 - Trusted Zone: oe.msn.msnmail.hotmail.com
O15 - Trusted Zone: messenger.hotmail.com
O15 - Trusted Zone: msnialogin.passport.com
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/i...cfscan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/013a10b...xIE601.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com
Operating
System Class) -
http://download.mcafee.com/molbin/s...insctl.cab
O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver
Class) -
http://scpwbc.ops.placeware.com/etc...silver.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
http://viewers.multicastmedia.com/c...rowser.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload
Tool) -
http://sc.groups.msn.com/controls/P...nPUpld.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX
Player) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com
Configuration
Class) - http://help.bellsouth.net/sdccommon...gctlcm.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj
Class) -
https://rtc3.webresponse.one.micros...EFlash.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} -
file://c:\counter.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B}
(McUpdatePortalFactory
Class) - http://www.amiuptodate.com/vsc/bin/...Portal.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload
Control)
- http://sc.groups.msn.com/controls/F...snUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
4.5) -
http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} (lgbplay Class) -
https://video.manheim.com/lib/LiveSound.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) -
http://www.errorguard.com/installation/Install.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money
Charting) -
http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload
Tool) -
http://groups.msn.com/controls/Phot...nPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v1...b32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr
Class) -
http://download.mcafee.com/molbin/s...cgdmgr.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
http://12.38.199.144/activex/AMC.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage
Validation Tool) -
http://go.microsoft.com/fwlink/?lin...lcid=0x409
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher
Class)
- http://photos.t1msn.com.mx/resource...gWebX2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/6...dge-c8.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global...OFILER.CAB
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP
Client
Control (redist)) - http://www.tecmiami.com/tsweb/msrdp.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -
http://installs.hotbar.com/installs...btools.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
http://www.errornuker.com/products/...taller.exe

Información del sistema
Resumen de la configuración del sistema
==> Sistema operativo Windows ME (4.90.1114.3000)
Internet Explorer 6.00.2800.1106
Cliente MSN 9.10.0011.1703
MSN Market es-mx
MSN Brand MSN [MSNI]
MSN SKU MSN Premium
Programa de correo predeterminado MSN Explorer

Cantidad de memoria 383 MB
Espacio libre en disco C: 32,3 GB

Versiones de componentes
==> msn.exe 9.10.0011.1703
msnmetal.dll 9.10.0011.1703
msnmtllc.dll 9.10.0011.1703
msdbx.dll 9.10.0011.1703
sqdll.dll 12.2002.1126.0001
update.exe 9.10.0011.1703
shdocvw.dll 6.00.2800.1612
qmgr.dll 5.04.1103.0004
dw15.exe 10.00.4413.0000
msniasvc.exe Desconocido
custdial.dll Desconocido
msninst.exe 9.10.0375.0001
msninst.dll 9.10.0375.0001
msnsign.dll 9.10.0375.0001
market.mar 9.2005.0106.21
Windows Media Player 9.00.0000.2980
MSN Messenger 7.0 7.00.0777.0000
Macromedia Flash 7.00.0019.0000

Controladores de red
==> Dial-Up Adapter
pppmac.vxd (4.90.0000.3000)
Dial-Up Adapter
pppmac.vxd (4.90.0000.3000)
Microsoft Virtual Private Networking Adapter
netpptp.sys (4.90.0000.3000)
Microsoft TV/Video Connection (5.3.0000.900)
NdisIP.sys (5.03.0000.0900)
HP EN1207D-TX PCI 10/100 Fast Ethernet Adapter (1.09.0120.2000)
EN1207D.sys (1.09.0120.2000)

Controladores de módem
==> Generic SoftK56 Data,Fax PCI Modem (2.14.06.00)

Estado de actualización automática
==> Versión anterior: 9.10.0006.2205
Versión siguiente: (ninguna)
Anonio
Miami Florida

"Enrique [MVP Windows]" wrote:

> Bueno, vamos a ver,
>
> 1.- Panel de control > Opciones de carpeta > Ver > Mostrar todos
> los

Responder a este mensaje

#10 Antonio

10/05/2005 - 04:36 | Informe spam

Enrique mil gracias por tu atencion:
1.-no te olvides de darme algun alcanse de por que por momentos se congela
la pc
2.-Te envio el ultimo LOG
Logfile of HijackThis v1.99.1
Scan saved at 22:30:49, on 09/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\WUAUCLT.EXE
C:\PROGRAM FILES\MSN\MSNCOREFILES\MSN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE
C:\PROGRAM FILES\WEBCAM\WEBCAM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.com/0SEESUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://latam.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://hp.my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.latino.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://resultsmaster.com/SmartOffer...ftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://login.passport.net/uilogin.srf?id=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
(no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN
APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL (file
missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM
FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
O3 - Toolbar: Barra de Herramientas MSDN -
{4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} - C:\WINDOWS\DOWNLO~1\BHMSDN.DLL (file
missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE"
/checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [mcupdmgr.exe] C:\PROGRAM
FILES\MCAFEE.COM\AGENT\MCUPDMGR.EXE
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe
/embedding
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O15 - Trusted Zone: loginnet.passport.net
O15 - Trusted Zone: services.msn.com
O15 - Trusted Zone: hotmail.msn.com
O15 - Trusted Zone: oe.hotmail.com
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: login.passport.net
O15 - Trusted Zone: msnia.passport.net
O15 - Trusted Zone: *.passport.net
O15 - Trusted Zone: loginnet.passport.com
O15 - Trusted Zone: *.passport.com
O15 - Trusted Zone: oe.msn.msnmail.hotmail.com
O15 - Trusted Zone: messenger.hotmail.com
O15 - Trusted Zone: msnialogin.passport.com
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/i...cfscan.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/013a10b...xIE601.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
System Class) -
http://download.mcafee.com/molbin/s...insctl.cab
O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver Class) -
http://scpwbc.ops.placeware.com/etc...silver.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
http://viewers.multicastmedia.com/c...rowser.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/P...nPUpld.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration
Class) - http://help.bellsouth.net/sdccommon...gctlcm.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) -
https://rtc3.webresponse.one.micros...EFlash.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory
Class) - http://www.amiuptodate.com/vsc/bin/...Portal.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control)
- http://sc.groups.msn.com/controls/F...snUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} (lgbplay Class) -
https://video.manheim.com/lib/LiveSound.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) -
http://www.errorguard.com/installation/Install.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) -
http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binar...b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://groups.msn.com/controls/Phot...nPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v1...b32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/s...cgdmgr.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
http://12.38.199.144/activex/AMC.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?lin...lcid=0x409
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class)
- http://photos.t1msn.com.mx/resource...gWebX2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/m...loader.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/6...dge-c8.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global...OFILER.CAB
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client
Control (redist)) - http://www.tecmiami.com/tsweb/msrdp.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -
http://installs.hotbar.com/installs...btools.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
http://www.errornuker.com/products/...taller.exe

"Enrique [MVP Windows]" wrote:

Esas claves corresponden a barras de herramientas, o elementos de
barras, que parece se han eliminado, pero continuan las claves en el
registro. En lugar de utilizar el registro, que es un poco lioso y
peligroso, mejor que hagas lo siguiente:

Inicia el sistema en modo seguro, ejecuta HijackThis, y busca estos dos
elementos:

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no
file)
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no
file)

Los marcas, y pulsa en "Fix Checked". HijackThis te preguntará si
confirmas remover esos objetos. Presiona "Yes" y ya está. Inicia en modo
normal.

Saludos,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
(quita la Z)

"Una de las alegrías de la amistad es saber en quien confiar"

Este mensaje se proporciona "como está" sin garantías de ninguna clase,
y no otorga ningún derecho.
This posting is provided "AS IS" with no warranties, and confers no
rights.
________________________________________________________________________________
"Antonio" escribió en el mensaje
news:
Estimado Enrique:
Te quiero agradecer si me puedes ayudar como puedo buscar estos
registros
por que me salen varias llaves y no se por donde empesar
1.-Inicia el registro de Windows (Inicio > Ejecutar > regedit.exe) y
busca
las siguientes claves:

{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
{74CC49F7-EB32-4A08-B204-948962A6E3DB}
2.- Por momentos no se por que se queda congelado la pc pero luego se
pone
normal
Parece que todo esta normal solo me falta lo que te he enumerado
Mil gracias por tu atencion
Antonio
Mimai Florida

"Enrique [MVP Windows]" wrote:

> Bien, pues parece que está bastante limpio.
>
> Inicia el registro de Windows (Inicio > Ejecutar > regedit.exe) y
> busca
> las siguientes claves:
>
> {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
> {74CC49F7-EB32-4A08-B204-948962A6E3DB}
>
> Cuando las encuentres, elimínalas y cierra el registro.
>
>
>
> Saludos,
> Enrique Cortés
> Microsoft MVP - Windows - IE/OE
> (quita la Z)
>
> "Una de las alegrías de la amistad es saber en quien confiar"
>
> Este mensaje se proporciona "como está" sin garantías de ninguna
> clase,
> y no otorga ningún derecho.
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> ________________________________________________________________________________
> "Antonio" escribió en el mensaje
> news:
> Gracias enrique por tu ayuda profesional:
> 1.-Te envio mi ultimo logfile para tu comentario final
> Logfile of HijackThis v1.99.1
> Scan saved at 23:10:52, on 07/05/2005
> Platform: Windows ME (Win9x 4.90.3000)
> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
> Running processes:
> C:\WINDOWS\SYSTEM\KERNEL32.DLL
> C:\WINDOWS\SYSTEM\MSGSRV32.EXE
> C:\WINDOWS\SYSTEM\SPOOL32.EXE
> C:\WINDOWS\SYSTEM\MPREXE.EXE
> C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
> C:\WINDOWS\SYSTEM\STIMON.EXE
> C:\WINDOWS\SYSTEM\mmtask.tsk
> C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
> C:\WINDOWS\EXPLORER.EXE
> C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
> C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
> C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
> C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
> C:\WINDOWS\SYSTEM\MSTASK.EXE
> C:\WINDOWS\SYSTEM\LVCOMSX.EXE
> C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE
> C:\WINDOWS\SYSTEM\SYSTRAY.EXE
> C:\WINDOWS\TASKMON.EXE
> C:\WINDOWS\SYSTEM\WMIEXE.EXE
> C:\PROGRAM FILES\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
> C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
> C:\WINDOWS\WUAUCLT.EXE
> C:\PROGRAM FILES\WEBCAM\WEBCAM.EXE
> C:\WINDOWS\RUNDLL32.EXE
> C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\ES-MX\MSNAPPAU.EXE
> C:\PROGRAM FILES\MSN\MSNCOREFILES\MSN.EXE
> C:\WINDOWS\SYSTEM\PSTORES.EXE
> C:\WINDOWS\SYSTEM\DDHELP.EXE
> C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
> C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE
> C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
> C:\WINDOWS\TEMP\HIJACKTHIS.EXE
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar > > http://g.msn.com/0SEESUS/SAOS01
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page > > http://latam.msn.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL > > http://hp.my.yahoo.com
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page > > http://www.latino.msn.com/
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant
> > > http://resultsmaster.com/SmartOffer...ftPane.htm
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak > > http://login.passport.net/uilogin.srf?id=2
> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
> Settings,ProxyOverride = localhost
> R3 - URLSearchHook: (no name) -
> _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -
> (no file)
> O2 - BHO: AcroIEHlprObj Class -
> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
> C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
> O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
> C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
> O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM
> FILES\MSN
> APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
> O2 - BHO: Barra de Herramientas MSDN -
> {4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} -
> C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
> (file
> missing)
> O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no
> file)
> O3 - Toolbar: McAfee VirusScan -
> {BA52B914-B692-46c4-B683-905236F6F655} -
> C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
> O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
> C:\PROGRAM
> FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-US\MSNTB.DLL
> O3 - Toolbar: Barra de Herramientas MSDN -
> {4E7BD74F-2B8D-469E-DCFA-EC61BC97FA7D} -
> C:\WINDOWS\DOWNLO~1\BHMSDN.DLL
> (file
> missing)
> O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
> C:\WINDOWS\SYSTEM\MSDXM.OCX
> O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no
> file)
> O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
> O4 - HKLM\..\Run: [MCUpdateExe]
> C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
> O4 - HKLM\..\Run: [MCAgentExe]
> C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
> O4 - HKLM\..\Run: [VSOCheckTask]
> "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE"
> /checktask
> O4 - HKLM\..\Run: [VirusScan Online]
> "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
> O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
> Files\Logitech\Video\ISStart.exe
> O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
> O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
> Files\Logitech\Video\LogiTray.exe
> O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
> O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
> powrprof.dll,LoadCurrentPwrScheme
> O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
> O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
> O4 - HKLM\..\Run: [mcupdmgr.exe] C:\PROGRAM
> FILES\MCAFEE.COM\AGENT\MCUPDMGR.EXE
> O4 - HKLM\..\RunServices: [McVsRte]
> C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe
> /embedding
> O4 - HKLM\..\RunServices: [StillImageMonitor]
> C:\WINDOWS\SYSTEM\STIMON.EXE
> O4 - HKLM\..\RunServices: [*StateMgr]
> C:\WINDOWS\System\Restore\StateMgr.exe
> O8 - Extra context menu item: Shorten URL -
> http://www.cjb.net/menuext.html
> O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
> O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
> O15 - Trusted Zone: loginnet.passport.net
> O15 - Trusted Zone: services.msn.com
> O15 - Trusted Zone: hotmail.msn.com
> 2.- Si me puedes dar algun tip por que no se por que se ha puesto bien
> lenta
> mi pc
> O15 - Trusted Zone: oe.hotmail.com
> O15 - Trusted Zone: *.hotmail.com
> O15 - Trusted Zone: login.passport.net
> O15 - Trusted Zone: msnia.passport.net
> O15 - Trusted Zone: *.passport.net
> O15 - Trusted Zone: loginnet.passport.com
> O15 - Trusted Zone: *.passport.com
> O15 - Trusted Zone: oe.msn.msnmail.hotmail.com
> O15 - Trusted Zone: messenger.hotmail.com
> O15 - Trusted Zone: msnialogin.passport.com
> O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
> http://download.mcafee.com/molbin/i...cfscan.cab
> O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
> http://software-dl.real.com/013a10b...xIE601.cab
> O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com
> Operating
> System Class) -
> http://download.mcafee.com/molbin/s...insctl.cab
> O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver
> Class) -
> http://scpwbc.ops.placeware.com/etc...silver.cab
> O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
> http://viewers.multicastmedia.com/c...rowser.CAB
> O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload
> Tool) -
> http://sc.groups.msn.com/controls/P...nPUpld.cab
> O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX
> Player) -
> http://www.cult3d.com/download/cult.cab
> O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com
> Configuration
> Class) - http://help.bellsouth.net/sdccommon...gctlcm.cab
> O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj
> Class) -
> https://rtc3.webresponse.one.micros...EFlash.CAB
> O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
> http://fdl.msn.com/public/investor/v13/ticker.cab
> O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} -
> file://c:\counter.cab
> O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B}
> (McUpdatePortalFactory
> Class) - http://www.amiuptodate.com/vsc/bin/...Portal.cab
> O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
> (MessengerStatsClient
> Class) -
> http://messenger.zone.msn.com/binar...b31267.cab
> O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload
> Control)
> - http://sc.groups.msn.com/controls/F...snUpld.cab
> O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
> 4.5) -
> http://chat.msn.com/controls/msnchat45.cab
> O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} (lgbplay Class) -
> https://video.manheim.com/lib/LiveSound.dll
> O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) -
> http://www.errorguard.com/installation/Install.cab
> O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money
> Charting) -
> http://moneycentral.msn.com/cabs/pmupdate2.exe
> O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
> http://messenger.zone.msn.com/binar...b31267.cab
> O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload
> Tool) -
> http://groups.msn.com/controls/Phot...nPUpld.cab
> O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
> http://zone.msn.com/binFramework/v1...b32846.cab
> O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr
> Class) -
> http://download.mcafee.com/molbin/s...cgdmgr.cab
> O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
> http://12.38.199.144/activex/AMC.cab
> O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
> Advantage
> Validation Tool) -
> http://go.microsoft.com/fwlink/?lin...lcid=0x409
> O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher
> Class)
> - http://photos.t1msn.com.mx/resource...gWebX2.cab
> O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
> (MsnMessengerSetupDownloadControl Class) -
> http://messenger.msn.com/download/m...loader.cab
> O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
> http://static.windupdates.com/cab/6...dge-c8.cab
> O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
> http://support.euro.dell.com/global...OFILER.CAB
> O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP
> Client
> Control (redist)) - http://www.tecmiami.com/tsweb/msrdp.cab

Siga el debate Respuesta

Responder a este mensaje

Ads by Google

Hacer una pregunta

Tengo una respuesta

1 2

Busqueda sugerida