Utilizamos Cookies de terceros para generar estadísticas de audiencia y mostrar publicidad personalizada analizando tu navegación. Si sigues navegando estarás aceptando su uso. Más información

›

Foro Virus

Desvío de páginas

tordanxa

2007-01-12 18:00 - Respuestas: 16 - Tema nº: 2430927

Vuelve a poner el log del hijackthis

saludos

Posibles soluciones:


	Desvío de páginas

	Desvio de paginas de internet

	Desvio de llamadas

	Desvio de llamadas

	Desvio de llamadas de bb

jor2404

Re: Desvío de páginas - 2007-01-13 00:21 - Respuesta 12

he borrado el paltalk y he hecho otro análisis con hijackthis, todavía sigue mandéndome a otras páginas cuando búsquedas en google aunq ahora menos veces y las páginas siempre están relacionadas con la búsqueda, aquí está el log del último hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 0:19:14, on 13/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\UpdDlg.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\eMule++\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Jorge\Local Settings\Temporary Internet Files\Content.IE5\IRCJMHKB\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe"
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://descargaseguridad.telefonica.terra.es/TC/ESP/VS40/bin/myCioAgt.20060622095000.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6DC02FB1-089D-4C02-B54D-698135D106FA}: NameServer = 85.255.116.77,85.255.112.212
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB0BB0C9-40AE-43D0-ADA0-6968DCE29BE4}: NameServer = 85.255.116.77,85.255.112.212
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.77 85.255.112.212
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.77 85.255.112.212
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.77 85.255.112.212
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.0.0.358.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: McAfee Total Protection Agent Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

tordanxa

Re: Desvío de páginas - 2007-01-13 09:53 - Respuesta 13

No se ve nada en el log. Pasa estos online con funciones de red y pegas los informes:

scan online spysweeper
Panda Activescan

saludos

jor2404

Re: Desvío de páginas - 2007-01-13 12:28 - Respuesta 14

Aquí está el log del spy Sweeper, sólo instalé la función de spyware por miedo a que al instalar antivirus entrara en conflicto con mcaffe.
12:17: Traces Found: 3
12:17: Custom Sweep has completed. Elapsed time 00:08:22
12:17: File Sweep Complete, Elapsed Time: 00:07:36
12:17: Warning: Failed to access drive Z:
12:17: Warning: Failed to access drive J:
12:17: Warning: Failed to access drive I:
12:17: Warning: Failed to access drive H:
12:17: Warning: Failed to access drive G:
12:17: Warning: Failed to access drive F:
12:17: Warning: Failed to access drive E:
12:09: Starting File Sweep
12:09: Cookie Sweep Complete, Elapsed Time: 00:00:00
12:09: jorge@-.touchclarity[1].txt (ID = 3566)
12:09: Found Spy Cookie: touchclarity cookie
12:09: jorge@m.webtrends[2].txt (ID = 3669)
12:09: Found Spy Cookie: webtrends cookie
12:09: Starting Cookie Sweep
12:09: Registry Sweep Complete, Elapsed Time:00:00:12
12:09: HKLM\software\classes\txtfile\shellex\contextmenuhandlers\ (ID = 1647324)
12:09: Found Adware: cydoor
12:09: Starting Registry Sweep
12:09: Memory Sweep Complete, Elapsed Time: 00:00:32
12:09: Starting Memory Sweep
12:09: Warning: Files are not scanned for viruses because AV engine failed to load.
12:09: Sweep initiated using definitions version 816
12:09: Spy Sweeper 5.2.3.2138 started
12:09: | Start of Session, sábado, 13 de enero de 2007 |
********
12:09: | End of Session, sábado, 13 de enero de 2007 |
12:08: Program Version 5.2.3.2138 Using Spyware Definitions 816
12:08: Warning: Virus definitions files are invalid, please update your virus definitions. 220
12:08: Spy Sweeper 5.2.3.2138 started
12:08: | Start of Session, sábado, 13 de enero de 2007 |
********

jor2404

Re: Desvío de páginas - 2007-01-13 13:39 - Respuesta 15

aqí está el log del activescan de panda:

Incidencia Estado Elemento

Spyware:Cookie/fe.lea.lycos No desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@fe.lea.lycos[1].txt
Spyware:Cookie/onestat.com No desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@stat.onestat[2].txt

Página:

Anterior

Siguiente

Respuestas relacionadas:


	Desvio de llamadas	Foro

	Desvio sonido altavoces	Foro

	Desvio blackberry 8520 a un num extranjero	Foro

	Desvio de llamadas condicional activado	Foro

	Desvio de llamadas condicional y voz activa	Foro

	Desvio de llamadas en nokia 5130	Foro

	Quitar desvio correo electronico	Foro

	Como quito desvio de llamada en el blackberry 8100	Foro

	Necesito ayuda para desactivar desvio de llamadas	Foro

	Como desvio correos de una cuenta de outlook a yahoo	Foro

Inicio	Secciones
^ Subir	Aviso legal
Política Privacidad
Configurarequipos	22 Noviembre 2024