Options
Home search assistent - Pichel
Hi everybody, I hope you can help me with this.
Home search assistent, shopping wizard and search extended are in my computer and I don't know what to do.
I've already ran Spybot, ad-aware SE and CWShredder and they couldn't fix it.
Please help me
This is HJT log:
Logfile of HijackThis v1.98.2
Scan saved at 10:59:50 a.m., on 26/11/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\VENTANA\SYSTEM\KERNEL32.DLL
C:\VENTANA\SYSTEM\MSGSRV32.EXE
C:\VENTANA\SYSTEM\SPOOL32.EXE
C:\VENTANA\SYSTEM\MPREXE.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\VENTANA\SYSTEM\MSTASK.EXE
C:\ARCHIVOS DE PROGRAMA\ESET\NOD32KRN.EXE
C:\VENTANA\SYSTEM\mmtask.tsk
C:\VENTANA\SYSTEM\MSRI32.EXE
C:\VENTANA\SYSTEM\SDKDH32.EXE
C:\VENTANA\D3SL.EXE
C:\VENTANA\CRHY32.EXE
C:\VENTANA\SYSTEM\ADDQO32.EXE
C:\VENTANA\SYSTEM\PSTORES.EXE
C:\VENTANA\CRAZ32.EXE
C:\VENTANA\SYSTEM\CRKV32.EXE
C:\VENTANA\APPYK.EXE
C:\VENTANA\SYSTEM\CREE.EXE
C:\VENTANA\EXPLORER.EXE
C:\VENTANA\SYSTEM\MSSZ.EXE
C:\VENTANA\SYSTEM\WINAQ.EXE
C:\VENTANA\CRFI32.EXE
C:\VENTANA\SYSTEM\D3KT.EXE
C:\VENTANA\IEPF.EXE
C:\VENTANA\SYSTEM\D3TS.EXE
C:\VENTANA\SYSTEM\CRBM32.EXE
C:\VENTANA\APPIJ.EXE
C:\VENTANA\SYSTEM\WINXG.EXE
C:\VENTANA\SYSTEM\APIFT.EXE
C:\VENTANA\SYSTEM\WINFW32.EXE
C:\VENTANA\SDKUT32.EXE
C:\VENTANA\SYSTEM\WINCJ32.EXE
C:\VENTANA\ADDIV.EXE
C:\VENTANA\SYSTEM\NETSU32.EXE
C:\VENTANA\WINAI32.EXE
C:\VENTANA\ATLCV.EXE
C:\VENTANA\SYSTEM\SDKTY32.EXE
C:\VENTANA\SYSTEM\APIJF.EXE
C:\VENTANA\SYSTEM\IENG.EXE
C:\VENTANA\SYSOM.EXE
C:\VENTANA\SYSMI32.EXE
C:\VENTANA\SYSTEM\APIIM.EXE
C:\VENTANA\SDKYQ.EXE
C:\VENTANA\ATLGU.EXE
C:\VENTANA\NETDY.EXE
C:\VENTANA\SYSTE32.EXE
C:\VENTANA\NETEG32.EXE
C:\VENTANA\ADDQA.EXE
C:\VENTANA\SYSTEM\MFCQN32.EXE
C:\VENTANA\SYSTEM\IPEN32.EXE
C:\VENTANA\SYSTEM\SDKBR.EXE
C:\VENTANA\SYSTEM\MSYT.EXE
C:\VENTANA\APIKL32.EXE
C:\VENTANA\SYSTEM\JAVATG32.EXE
C:\VENTANA\SYSTEM\WINJJ.EXE
C:\VENTANA\SYSTEM\SDKHV32.EXE
C:\VENTANA\WINXO32.EXE
C:\VENTANA\SYSTEM\JAVAHF.EXE
C:\VENTANA\APPJP32.EXE
C:\VENTANA\SYSTEM\NETMH32.EXE
C:\VENTANA\SYSTEM\ATLZN32.EXE
C:\VENTANA\SYSTEM\ADDOK32.EXE
C:\VENTANA\NETGY32.EXE
C:\VENTANA\SYSTEM\D3AO32.EXE
C:\VENTANA\MSMP.EXE
C:\VENTANA\SYSTEM\MFCAI32.EXE
C:\VENTANA\SYSTEM\SDKDW32.EXE
C:\VENTANA\SYSTEM\IPBP.EXE
C:\VENTANA\SYSTEM\ATLBZ32.EXE
C:\VENTANA\SYSTEM\NTEF32.EXE
C:\VENTANA\SYSTEM\JAVAEA.EXE
C:\VENTANA\SYSTEM\ATLFO32.EXE
C:\VENTANA\D3AB.EXE
C:\VENTANA\SYSTEM\SYSTRAY.EXE
C:\VENTANA\SYSTEM\JAVARP32.EXE
C:\VENTANA\PCTVOICE.EXE
C:\VENTANA\LOADQM.EXE
C:\ARCHIVOS DE PROGRAMA\VIAUDIOI\SBADECK\ADECK.EXE
C:\ARCHIVOS DE PROGRAMA\ESET\NOD32KUI.EXE
C:\VENTANA\SYSTEM\CTFMON.EXE
C:\VENTANA\SYSTEM\WMIEXE.EXE
C:\VENTANA\SYSTEM\DDHELP.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\VENTANA\SYSTEM\ATLFO32.EXE
C:\VENTANA\SYSTEM\ATLFO32.EXE
C:\VENTANA\MSDI.EXE
C:\MIS DOCUMENTOS\HJT\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\VENTANA\SYSTEM\vw-concesionarios.com.mx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\ARCHIVOS DE PROGRAMA\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Class - {8A826347-4574-E801-74CA-3622825961CD} - C:\VENTANA\SYSTEM\NTTZ32.DLL
O3 - Toolbar: @msdxmLC.dll,-1@3082,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\VENTANA\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [PCTVOICE] pctvoice.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [QuickTime Task] "C:\VENTANA\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NOD32POP3] "C:\Archivos de programa\Eset\pop3scan.exe" /uninstall
O4 - HKLM\..\Run: [AudioDeck] C:\ARCHIVOS DE PROGRAMA\VIAUDIOI\SBADECK\ADECK.EXE 1
O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [MOSearch] C:\ARCHIV~1\ARCHIV~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Archivos de programa\Eset\nod32krn.exe"
O4 - HKLM\..\RunServices: [MSRI32.EXE] C:\VENTANA\SYSTEM\MSRI32.EXE
O4 - HKLM\..\RunServices: [ADDQO32.EXE] C:\VENTANA\SYSTEM\ADDQO32.EXE
O4 - HKLM\..\RunServices: [CRHY32.EXE] C:\VENTANA\CRHY32.EXE
O4 - HKLM\..\RunServices: [D3SL.EXE] C:\VENTANA\D3SL.EXE
O4 - HKLM\..\RunServices: [SDKDH32.EXE] C:\VENTANA\SYSTEM\SDKDH32.EXE
O4 - HKLM\..\RunServices: [CRAZ32.EXE] C:\VENTANA\CRAZ32.EXE
O4 - HKLM\..\RunServices: [CRKV32.EXE] C:\VENTANA\SYSTEM\CRKV32.EXE
O4 - HKLM\..\RunServices: [MSSZ.EXE] C:\VENTANA\SYSTEM\MSSZ.EXE
O4 - HKLM\..\RunServices: [APPYK.EXE] C:\VENTANA\APPYK.EXE
O4 - HKLM\..\RunServices: [CREE.EXE] C:\VENTANA\SYSTEM\CREE.EXE
O4 - HKLM\..\RunServices: [CRFI32.EXE] C:\VENTANA\CRFI32.EXE
O4 - HKLM\..\RunServices: [WINAQ.EXE] C:\VENTANA\SYSTEM\WINAQ.EXE
O4 - HKLM\..\RunServices: [IEPF.EXE] C:\VENTANA\IEPF.EXE
O4 - HKLM\..\RunServices: [D3KT.EXE] C:\VENTANA\SYSTEM\D3KT.EXE
O4 - HKLM\..\RunServices: [WINXG.EXE] C:\VENTANA\SYSTEM\WINXG.EXE
O4 - HKLM\..\RunServices: [APIFT.EXE] C:\VENTANA\SYSTEM\APIFT.EXE
O4 - HKLM\..\RunServices: [D3TS.EXE] C:\VENTANA\SYSTEM\D3TS.EXE
O4 - HKLM\..\RunServices: [CRBM32.EXE] C:\VENTANA\SYSTEM\CRBM32.EXE
O4 - HKLM\..\RunServices: [APPIJ.EXE] C:\VENTANA\APPIJ.EXE
O4 - HKLM\..\RunServices: [WINFW32.EXE] C:\VENTANA\SYSTEM\WINFW32.EXE
O4 - HKLM\..\RunServices: [ADDIV.EXE] C:\VENTANA\ADDIV.EXE
O4 - HKLM\..\RunServices: [NETSU32.EXE] C:\VENTANA\SYSTEM\NETSU32.EXE
O4 - HKLM\..\RunServices: [SDKUT32.EXE] C:\VENTANA\SDKUT32.EXE
O4 - HKLM\..\RunServices: [WINCJ32.EXE] C:\VENTANA\SYSTEM\WINCJ32.EXE
O4 - HKLM\..\RunServices: [WINAI32.EXE] C:\VENTANA\WINAI32.EXE
O4 - HKLM\..\RunServices: [ATLCV.EXE] C:\VENTANA\ATLCV.EXE
O4 - HKLM\..\RunServices: [APIJF.EXE] C:\VENTANA\SYSTEM\APIJF.EXE
O4 - HKLM\..\RunServices: [SDKTY32.EXE] C:\VENTANA\SYSTEM\SDKTY32.EXE
O4 - HKLM\..\RunServices: [IENG.EXE] C:\VENTANA\SYSTEM\IENG.EXE
O4 - HKLM\..\RunServices: [SYSMI32.EXE] C:\VENTANA\SYSMI32.EXE
O4 - HKLM\..\RunServices: [SYSOM.EXE] C:\VENTANA\SYSOM.EXE
O4 - HKLM\..\RunServices: [ATLGU.EXE] C:\VENTANA\ATLGU.EXE
O4 - HKLM\..\RunServices: [APIIM.EXE] C:\VENTANA\SYSTEM\APIIM.EXE
O4 - HKLM\..\RunServices: [SDKYQ.EXE] C:\VENTANA\SDKYQ.EXE
O4 - HKLM\..\RunServices: [NETDY.EXE] C:\VENTANA\NETDY.EXE
O4 - HKLM\..\RunServices: [NETEG32.EXE] C:\VENTANA\NETEG32.EXE
O4 - HKLM\..\RunServices: [SYSTE32.EXE] C:\VENTANA\SYSTE32.EXE
O4 - HKLM\..\RunServices: [ADDQA.EXE] C:\VENTANA\ADDQA.EXE
O4 - HKLM\..\RunServices: [MFCQN32.EXE] C:\VENTANA\SYSTEM\MFCQN32.EXE
O4 - HKLM\..\RunServices: [IPEN32.EXE] C:\VENTANA\SYSTEM\IPEN32.EXE
O4 - HKLM\..\RunServices: [SDKBR.EXE] C:\VENTANA\SYSTEM\SDKBR.EXE
O4 - HKLM\..\RunServices: [MSYT.EXE] C:\VENTANA\SYSTEM\MSYT.EXE
O4 - HKLM\..\RunServices: [APIKL32.EXE] C:\VENTANA\APIKL32.EXE
O4 - HKLM\..\RunServices: [SDKHV32.EXE] C:\VENTANA\SYSTEM\SDKHV32.EXE
O4 - HKLM\..\RunServices: [JAVAHF.EXE] C:\VENTANA\SYSTEM\JAVAHF.EXE
O4 - HKLM\..\RunServices: [WINJJ.EXE] C:\VENTANA\SYSTEM\WINJJ.EXE
O4 - HKLM\..\RunServices: [JAVATG32.EXE] C:\VENTANA\SYSTEM\JAVATG32.EXE
O4 - HKLM\..\RunServices: [WINXO32.EXE] C:\VENTANA\WINXO32.EXE
O4 - HKLM\..\RunServices: [APPJP32.EXE] C:\VENTANA\APPJP32.EXE
O4 - HKLM\..\RunServices: [NETMH32.EXE] C:\VENTANA\SYSTEM\NETMH32.EXE
O4 - HKLM\..\RunServices: [ATLZN32.EXE] C:\VENTANA\SYSTEM\ATLZN32.EXE
O4 - HKLM\..\RunServices: [ADDOK32.EXE] C:\VENTANA\SYSTEM\ADDOK32.EXE
O4 - HKLM\..\RunServices: [MFCAI32.EXE] C:\VENTANA\SYSTEM\MFCAI32.EXE
O4 - HKLM\..\RunServices: [D3AO32.EXE] C:\VENTANA\SYSTEM\D3AO32.EXE
O4 - HKLM\..\RunServices: [NETGY32.EXE] C:\VENTANA\NETGY32.EXE
O4 - HKLM\..\RunServices: [MSMP.EXE] C:\VENTANA\MSMP.EXE
O4 - HKLM\..\RunServices: [SDKDW32.EXE] C:\VENTANA\SYSTEM\SDKDW32.EXE
O4 - HKLM\..\RunServices: [IPBP.EXE] C:\VENTANA\SYSTEM\IPBP.EXE
O4 - HKLM\..\RunServices: [ATLFO32.EXE] C:\VENTANA\SYSTEM\ATLFO32.EXE
O4 - HKLM\..\RunServices: [ATLBZ32.EXE] C:\VENTANA\SYSTEM\ATLBZ32.EXE
O4 - HKLM\..\RunServices: [NTEF32.EXE] C:\VENTANA\SYSTEM\NTEF32.EXE
O4 - HKLM\..\RunServices: [JAVARP32.EXE] C:\VENTANA\SYSTEM\JAVARP32.EXE
O4 - HKLM\..\RunServices: [JAVAEA.EXE] C:\VENTANA\SYSTEM\JAVAEA.EXE
O4 - HKLM\..\RunServices: [D3AB.EXE] C:\VENTANA\D3AB.EXE
O4 - HKLM\..\RunServices: [MSDI.EXE] C:\VENTANA\MSDI.EXE
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O4 - Startup: Inventario.lnk = C:\VENTANA\SYSTEM\SHELL32.DLL
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: Corel Network monitor worker - {3EAE2080-281A-11D9-84F4-000D87AE3A3C} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {3EAE2080-281A-11D9-84F4-000D87AE3A3C} - (no file)
O9 - Extra button: Corel Network monitor worker - {3EAE2080-281A-11D9-84F4-000D87AE3A3C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {3EAE2080-281A-11D9-84F4-000D87AE3A3C} - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com.mx/
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/zuma/popcaploader_v5.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
Home search assistent, shopping wizard and search extended are in my computer and I don't know what to do.
I've already ran Spybot, ad-aware SE and CWShredder and they couldn't fix it.
Please help me
This is HJT log:
Logfile of HijackThis v1.98.2
Scan saved at 10:59:50 a.m., on 26/11/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\VENTANA\SYSTEM\KERNEL32.DLL
C:\VENTANA\SYSTEM\MSGSRV32.EXE
C:\VENTANA\SYSTEM\SPOOL32.EXE
C:\VENTANA\SYSTEM\MPREXE.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\VENTANA\SYSTEM\MSTASK.EXE
C:\ARCHIVOS DE PROGRAMA\ESET\NOD32KRN.EXE
C:\VENTANA\SYSTEM\mmtask.tsk
C:\VENTANA\SYSTEM\MSRI32.EXE
C:\VENTANA\SYSTEM\SDKDH32.EXE
C:\VENTANA\D3SL.EXE
C:\VENTANA\CRHY32.EXE
C:\VENTANA\SYSTEM\ADDQO32.EXE
C:\VENTANA\SYSTEM\PSTORES.EXE
C:\VENTANA\CRAZ32.EXE
C:\VENTANA\SYSTEM\CRKV32.EXE
C:\VENTANA\APPYK.EXE
C:\VENTANA\SYSTEM\CREE.EXE
C:\VENTANA\EXPLORER.EXE
C:\VENTANA\SYSTEM\MSSZ.EXE
C:\VENTANA\SYSTEM\WINAQ.EXE
C:\VENTANA\CRFI32.EXE
C:\VENTANA\SYSTEM\D3KT.EXE
C:\VENTANA\IEPF.EXE
C:\VENTANA\SYSTEM\D3TS.EXE
C:\VENTANA\SYSTEM\CRBM32.EXE
C:\VENTANA\APPIJ.EXE
C:\VENTANA\SYSTEM\WINXG.EXE
C:\VENTANA\SYSTEM\APIFT.EXE
C:\VENTANA\SYSTEM\WINFW32.EXE
C:\VENTANA\SDKUT32.EXE
C:\VENTANA\SYSTEM\WINCJ32.EXE
C:\VENTANA\ADDIV.EXE
C:\VENTANA\SYSTEM\NETSU32.EXE
C:\VENTANA\WINAI32.EXE
C:\VENTANA\ATLCV.EXE
C:\VENTANA\SYSTEM\SDKTY32.EXE
C:\VENTANA\SYSTEM\APIJF.EXE
C:\VENTANA\SYSTEM\IENG.EXE
C:\VENTANA\SYSOM.EXE
C:\VENTANA\SYSMI32.EXE
C:\VENTANA\SYSTEM\APIIM.EXE
C:\VENTANA\SDKYQ.EXE
C:\VENTANA\ATLGU.EXE
C:\VENTANA\NETDY.EXE
C:\VENTANA\SYSTE32.EXE
C:\VENTANA\NETEG32.EXE
C:\VENTANA\ADDQA.EXE
C:\VENTANA\SYSTEM\MFCQN32.EXE
C:\VENTANA\SYSTEM\IPEN32.EXE
C:\VENTANA\SYSTEM\SDKBR.EXE
C:\VENTANA\SYSTEM\MSYT.EXE
C:\VENTANA\APIKL32.EXE
C:\VENTANA\SYSTEM\JAVATG32.EXE
C:\VENTANA\SYSTEM\WINJJ.EXE
C:\VENTANA\SYSTEM\SDKHV32.EXE
C:\VENTANA\WINXO32.EXE
C:\VENTANA\SYSTEM\JAVAHF.EXE
C:\VENTANA\APPJP32.EXE
C:\VENTANA\SYSTEM\NETMH32.EXE
C:\VENTANA\SYSTEM\ATLZN32.EXE
C:\VENTANA\SYSTEM\ADDOK32.EXE
C:\VENTANA\NETGY32.EXE
C:\VENTANA\SYSTEM\D3AO32.EXE
C:\VENTANA\MSMP.EXE
C:\VENTANA\SYSTEM\MFCAI32.EXE
C:\VENTANA\SYSTEM\SDKDW32.EXE
C:\VENTANA\SYSTEM\IPBP.EXE
C:\VENTANA\SYSTEM\ATLBZ32.EXE
C:\VENTANA\SYSTEM\NTEF32.EXE
C:\VENTANA\SYSTEM\JAVAEA.EXE
C:\VENTANA\SYSTEM\ATLFO32.EXE
C:\VENTANA\D3AB.EXE
C:\VENTANA\SYSTEM\SYSTRAY.EXE
C:\VENTANA\SYSTEM\JAVARP32.EXE
C:\VENTANA\PCTVOICE.EXE
C:\VENTANA\LOADQM.EXE
C:\ARCHIVOS DE PROGRAMA\VIAUDIOI\SBADECK\ADECK.EXE
C:\ARCHIVOS DE PROGRAMA\ESET\NOD32KUI.EXE
C:\VENTANA\SYSTEM\CTFMON.EXE
C:\VENTANA\SYSTEM\WMIEXE.EXE
C:\VENTANA\SYSTEM\DDHELP.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\VENTANA\SYSTEM\ATLFO32.EXE
C:\VENTANA\SYSTEM\ATLFO32.EXE
C:\VENTANA\MSDI.EXE
C:\MIS DOCUMENTOS\HJT\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\VENTANA\system\jyfor.dll/sp.html#32526
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\VENTANA\SYSTEM\vw-concesionarios.com.mx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\ARCHIVOS DE PROGRAMA\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Class - {8A826347-4574-E801-74CA-3622825961CD} - C:\VENTANA\SYSTEM\NTTZ32.DLL
O3 - Toolbar: @msdxmLC.dll,-1@3082,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\VENTANA\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [PCTVOICE] pctvoice.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [QuickTime Task] "C:\VENTANA\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NOD32POP3] "C:\Archivos de programa\Eset\pop3scan.exe" /uninstall
O4 - HKLM\..\Run: [AudioDeck] C:\ARCHIVOS DE PROGRAMA\VIAUDIOI\SBADECK\ADECK.EXE 1
O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [MOSearch] C:\ARCHIV~1\ARCHIV~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Archivos de programa\Eset\nod32krn.exe"
O4 - HKLM\..\RunServices: [MSRI32.EXE] C:\VENTANA\SYSTEM\MSRI32.EXE
O4 - HKLM\..\RunServices: [ADDQO32.EXE] C:\VENTANA\SYSTEM\ADDQO32.EXE
O4 - HKLM\..\RunServices: [CRHY32.EXE] C:\VENTANA\CRHY32.EXE
O4 - HKLM\..\RunServices: [D3SL.EXE] C:\VENTANA\D3SL.EXE
O4 - HKLM\..\RunServices: [SDKDH32.EXE] C:\VENTANA\SYSTEM\SDKDH32.EXE
O4 - HKLM\..\RunServices: [CRAZ32.EXE] C:\VENTANA\CRAZ32.EXE
O4 - HKLM\..\RunServices: [CRKV32.EXE] C:\VENTANA\SYSTEM\CRKV32.EXE
O4 - HKLM\..\RunServices: [MSSZ.EXE] C:\VENTANA\SYSTEM\MSSZ.EXE
O4 - HKLM\..\RunServices: [APPYK.EXE] C:\VENTANA\APPYK.EXE
O4 - HKLM\..\RunServices: [CREE.EXE] C:\VENTANA\SYSTEM\CREE.EXE
O4 - HKLM\..\RunServices: [CRFI32.EXE] C:\VENTANA\CRFI32.EXE
O4 - HKLM\..\RunServices: [WINAQ.EXE] C:\VENTANA\SYSTEM\WINAQ.EXE
O4 - HKLM\..\RunServices: [IEPF.EXE] C:\VENTANA\IEPF.EXE
O4 - HKLM\..\RunServices: [D3KT.EXE] C:\VENTANA\SYSTEM\D3KT.EXE
O4 - HKLM\..\RunServices: [WINXG.EXE] C:\VENTANA\SYSTEM\WINXG.EXE
O4 - HKLM\..\RunServices: [APIFT.EXE] C:\VENTANA\SYSTEM\APIFT.EXE
O4 - HKLM\..\RunServices: [D3TS.EXE] C:\VENTANA\SYSTEM\D3TS.EXE
O4 - HKLM\..\RunServices: [CRBM32.EXE] C:\VENTANA\SYSTEM\CRBM32.EXE
O4 - HKLM\..\RunServices: [APPIJ.EXE] C:\VENTANA\APPIJ.EXE
O4 - HKLM\..\RunServices: [WINFW32.EXE] C:\VENTANA\SYSTEM\WINFW32.EXE
O4 - HKLM\..\RunServices: [ADDIV.EXE] C:\VENTANA\ADDIV.EXE
O4 - HKLM\..\RunServices: [NETSU32.EXE] C:\VENTANA\SYSTEM\NETSU32.EXE
O4 - HKLM\..\RunServices: [SDKUT32.EXE] C:\VENTANA\SDKUT32.EXE
O4 - HKLM\..\RunServices: [WINCJ32.EXE] C:\VENTANA\SYSTEM\WINCJ32.EXE
O4 - HKLM\..\RunServices: [WINAI32.EXE] C:\VENTANA\WINAI32.EXE
O4 - HKLM\..\RunServices: [ATLCV.EXE] C:\VENTANA\ATLCV.EXE
O4 - HKLM\..\RunServices: [APIJF.EXE] C:\VENTANA\SYSTEM\APIJF.EXE
O4 - HKLM\..\RunServices: [SDKTY32.EXE] C:\VENTANA\SYSTEM\SDKTY32.EXE
O4 - HKLM\..\RunServices: [IENG.EXE] C:\VENTANA\SYSTEM\IENG.EXE
O4 - HKLM\..\RunServices: [SYSMI32.EXE] C:\VENTANA\SYSMI32.EXE
O4 - HKLM\..\RunServices: [SYSOM.EXE] C:\VENTANA\SYSOM.EXE
O4 - HKLM\..\RunServices: [ATLGU.EXE] C:\VENTANA\ATLGU.EXE
O4 - HKLM\..\RunServices: [APIIM.EXE] C:\VENTANA\SYSTEM\APIIM.EXE
O4 - HKLM\..\RunServices: [SDKYQ.EXE] C:\VENTANA\SDKYQ.EXE
O4 - HKLM\..\RunServices: [NETDY.EXE] C:\VENTANA\NETDY.EXE
O4 - HKLM\..\RunServices: [NETEG32.EXE] C:\VENTANA\NETEG32.EXE
O4 - HKLM\..\RunServices: [SYSTE32.EXE] C:\VENTANA\SYSTE32.EXE
O4 - HKLM\..\RunServices: [ADDQA.EXE] C:\VENTANA\ADDQA.EXE
O4 - HKLM\..\RunServices: [MFCQN32.EXE] C:\VENTANA\SYSTEM\MFCQN32.EXE
O4 - HKLM\..\RunServices: [IPEN32.EXE] C:\VENTANA\SYSTEM\IPEN32.EXE
O4 - HKLM\..\RunServices: [SDKBR.EXE] C:\VENTANA\SYSTEM\SDKBR.EXE
O4 - HKLM\..\RunServices: [MSYT.EXE] C:\VENTANA\SYSTEM\MSYT.EXE
O4 - HKLM\..\RunServices: [APIKL32.EXE] C:\VENTANA\APIKL32.EXE
O4 - HKLM\..\RunServices: [SDKHV32.EXE] C:\VENTANA\SYSTEM\SDKHV32.EXE
O4 - HKLM\..\RunServices: [JAVAHF.EXE] C:\VENTANA\SYSTEM\JAVAHF.EXE
O4 - HKLM\..\RunServices: [WINJJ.EXE] C:\VENTANA\SYSTEM\WINJJ.EXE
O4 - HKLM\..\RunServices: [JAVATG32.EXE] C:\VENTANA\SYSTEM\JAVATG32.EXE
O4 - HKLM\..\RunServices: [WINXO32.EXE] C:\VENTANA\WINXO32.EXE
O4 - HKLM\..\RunServices: [APPJP32.EXE] C:\VENTANA\APPJP32.EXE
O4 - HKLM\..\RunServices: [NETMH32.EXE] C:\VENTANA\SYSTEM\NETMH32.EXE
O4 - HKLM\..\RunServices: [ATLZN32.EXE] C:\VENTANA\SYSTEM\ATLZN32.EXE
O4 - HKLM\..\RunServices: [ADDOK32.EXE] C:\VENTANA\SYSTEM\ADDOK32.EXE
O4 - HKLM\..\RunServices: [MFCAI32.EXE] C:\VENTANA\SYSTEM\MFCAI32.EXE
O4 - HKLM\..\RunServices: [D3AO32.EXE] C:\VENTANA\SYSTEM\D3AO32.EXE
O4 - HKLM\..\RunServices: [NETGY32.EXE] C:\VENTANA\NETGY32.EXE
O4 - HKLM\..\RunServices: [MSMP.EXE] C:\VENTANA\MSMP.EXE
O4 - HKLM\..\RunServices: [SDKDW32.EXE] C:\VENTANA\SYSTEM\SDKDW32.EXE
O4 - HKLM\..\RunServices: [IPBP.EXE] C:\VENTANA\SYSTEM\IPBP.EXE
O4 - HKLM\..\RunServices: [ATLFO32.EXE] C:\VENTANA\SYSTEM\ATLFO32.EXE
O4 - HKLM\..\RunServices: [ATLBZ32.EXE] C:\VENTANA\SYSTEM\ATLBZ32.EXE
O4 - HKLM\..\RunServices: [NTEF32.EXE] C:\VENTANA\SYSTEM\NTEF32.EXE
O4 - HKLM\..\RunServices: [JAVARP32.EXE] C:\VENTANA\SYSTEM\JAVARP32.EXE
O4 - HKLM\..\RunServices: [JAVAEA.EXE] C:\VENTANA\SYSTEM\JAVAEA.EXE
O4 - HKLM\..\RunServices: [D3AB.EXE] C:\VENTANA\D3AB.EXE
O4 - HKLM\..\RunServices: [MSDI.EXE] C:\VENTANA\MSDI.EXE
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O4 - Startup: Inventario.lnk = C:\VENTANA\SYSTEM\SHELL32.DLL
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: Corel Network monitor worker - {3EAE2080-281A-11D9-84F4-000D87AE3A3C} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {3EAE2080-281A-11D9-84F4-000D87AE3A3C} - (no file)
O9 - Extra button: Corel Network monitor worker - {3EAE2080-281A-11D9-84F4-000D87AE3A3C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {3EAE2080-281A-11D9-84F4-000D87AE3A3C} - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com.mx/
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/zuma/popcaploader_v5.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
0
Comments
HSA took over my PC, and I had to do it
I´m sure you were working on my case and I appreciate it, THXS