Tema: Ayuda
Ver Mensaje Individual
  post #3 (permalink)  
Antiguo 18/09/07, 12:50:19
herois114 herois114 está offline
Usuario
  
Registrado: sep 2007
Ubicación: Chile
Mensajes: 2
Re: Ayuda
Gracias por la ayuda me fue de mucha utilidad aqui van los datos:

Sat Sep 08 21:05:32 2007 => ***** Scanning Registry and File system for Adware/Spyware *****
Sat Sep 08 21:05:33 2007 => Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\Hans\CONFIG~1\Temp\spydb.avs, Size: 247506].
Sat Sep 08 21:05:36 2007 => Indexed Spyware Databases Successfully Created...

Sat Sep 08 21:05:41 2007 => System found infected with need2findbar Toolbar ({4d1c4e89-a32a-416b-bcdb-33b3ef3617d3})! Action taken: No Action Taken.
Sat Sep 08 21:05:41 2007 => System found infected with need2findbar Toolbar ({4d1c4e8b-a32a-416b-bcdb-33b3ef3617d3})! Action taken: No Action Taken.
Sat Sep 08 21:05:41 2007 => System found infected with need2findbar Toolbar ({630d6140-04c5-4db0-b27a-020d766ff09b})! Action taken: No Action Taken.
Sat Sep 08 21:05:42 2007 => System found infected with need2findbar Toolbar ({f78b32d6-d6d8-4137-a18f-91ebe1a4aedb})! Action taken: No Action Taken.
Sat Sep 08 21:05:42 2007 => System found infected with kazaa Spyware/Adware ({38c76428-6c9c-4cc6-b747-3ab6a4770225})! Action taken: No Action Taken.
Sat Sep 08 21:05:42 2007 => System found infected with need2findbar Toolbar ({4d1c4e8a-a32a-416b-bcdb-33b3ef3617d3})! Action taken: No Action Taken.
Sat Sep 08 21:05:42 2007 => System found infected with need2findbar Toolbar ({4d1c4e8c-a32a-416b-bcdb-33b3ef3617d3})! Action taken: No Action Taken.
Sat Sep 08 21:05:45 2007 => Offending Key found: HKLM\Software\magnet\handlers\kazaa !!!
Sat Sep 08 21:05:45 2007 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:45 2007 => Offending Key found: HKLM\Software\funwebproducts !!!
Sat Sep 08 21:05:45 2007 => Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:45 2007 => Offending Key found: HKLM\Software\magnet !!!
Sat Sep 08 21:05:45 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:45 2007 => Offending Key found: HKLM\Software\need2find !!!
Sat Sep 08 21:05:45 2007 => Object "need2findbar Toolbar" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:45 2007 => Offending Key found: HKCU\Software\need2find !!!
Sat Sep 08 21:05:45 2007 => Object "need2findbar Toolbar" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:45 2007 => Offending Key found: HKCU\software\microsoft\windows\currentversion\exp lorer\menuorder\start menu2\programs\kazaa !!!
Sat Sep 08 21:05:45 2007 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:45 2007 => Offending Key found: HKCU\software\microsoft\windows\currentversion\exp lorer\menuorder\favorites\autos !!!
Sat Sep 08 21:05:45 2007 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKCU\\magnet !!!
Sat Sep 08 21:05:46 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKCU\\msiede1egate.application.2 !!!
Sat Sep 08 21:05:46 2007 => Object "need2findbar Toolbar" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKCU\\need2findbar.settingsplugin !!!
Sat Sep 08 21:05:46 2007 => Object "need2findbar Toolbar" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKCU\\need2findbar.settingsplugin.1 !!!
Sat Sep 08 21:05:46 2007 => Object "need2findbar Toolbar" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKCU\\need2findbar.toolbarplugin !!!
Sat Sep 08 21:05:46 2007 => Object "need2findbar Toolbar" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKCU\\need2findbar.toolbarplugin.1 !!!
Sat Sep 08 21:05:46 2007 => Object "need2findbar Toolbar" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKLM\System\CurrentControlSet\Services\nwsapagent !!!
Sat Sep 08 21:05:46 2007 => Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKLM\System\ControlSet001\Services\nwsapagent !!!
Sat Sep 08 21:05:46 2007 => Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending Key found: HKLM\System\ControlSet002\Services\nwsapagent !!!
Sat Sep 08 21:05:46 2007 => Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:46 2007 => Offending value found in HKLM\Software\Microsoft\Windows\CurrentVersion\int ernet settings\5.0\user agent\post platform: alexa toolbar !!!
Sat Sep 08 21:05:46 2007 => Object "alexa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:05:48 2007 => Offending file found: C:\WINDOWS\casino.ico
Sat Sep 08 21:05:48 2007 => System found infected with zlob Trojan-Downloader (casino.ico)! Action taken: No Action Taken.

Sat Sep 08 21:05:48 2007 => Offending file found: C:\WINDOWS\mtu.bat
Sat Sep 08 21:05:48 2007 => System found infected with media tickets Spyware/Adware (mtu.bat)! Action taken: No Action Taken.

Sat Sep 08 21:05:48 2007 => Offending file found: C:\WINDOWS\re12.reg
Sat Sep 08 21:05:48 2007 => System found infected with media tickets Spyware/Adware (re12.reg)! Action taken: No Action Taken.

Sat Sep 08 21:06:13 2007 => Offending Folder found: C:\WINDOWS\system32\cache329
Sat Sep 08 21:06:13 2007 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:06:14 2007 => Offending Folder found: C:\Archivos de programa\funwebproducts
Sat Sep 08 21:06:14 2007 => Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:06:14 2007 => Offending Folder found: C:\Archivos de programa\kazaa
Sat Sep 08 21:06:14 2007 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:06:14 2007 => Offending Folder found: C:\Archivos de programa\need2find
Sat Sep 08 21:06:14 2007 => Object "need2findbar Toolbar" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:06:14 2007 => Offending Folder found: C:\Archivos de programa\Archivos comunes\winsoftware
Sat Sep 08 21:06:14 2007 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:06:22 2007 => Offending Folder found: C:\Documents and Settings\Hans\Favoritos\autos
Sat Sep 08 21:06:22 2007 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:06:32 2007 => Offending file found: C:\Documents and Settings\Hans\Favoritos\error cleaner.url
Sat Sep 08 21:06:32 2007 => System found infected with winfixer/errorsafe Adware (error cleaner.url)! Action taken: No Action Taken.

Sat Sep 08 21:06:42 2007 => Offending file found: C:\Documents and Settings\Hans\Favoritos\privacy protector.url
Sat Sep 08 21:06:42 2007 => System found infected with privacyprotector Corrupted Adware/Spyware (privacy protector.url)! Action taken: No Action Taken.

Sat Sep 08 21:06:42 2007 => Offending file found: C:\Documents and Settings\Hans\Favoritos\spyware&malware protection.url
Sat Sep 08 21:06:42 2007 => System found infected with privacyprotector Corrupted Adware/Spyware (spyware&malware protection.url)! Action taken: No Action Taken.

Sat Sep 08 21:06:59 2007 => Offending file found: C:\Documents and Settings\Hans\Mis documentos\celular\juegos\auto3d\j.class
Sat Sep 08 21:06:59 2007 => System found infected with ipinsight Spyware/Adware (j.class)! Action taken: No Action Taken.

Sat Sep 08 21:06:59 2007 => Offending file found: C:\Documents and Settings\Hans\Mis documentos\celular\juegos\auto3d\k.class
Sat Sep 08 21:06:59 2007 => System found infected with ipinsight Spyware/Adware (k.class)! Action taken: No Action Taken.

Sat Sep 08 21:06:59 2007 => Offending file found: C:\Documents and Settings\Hans\Mis documentos\celular\juegos\auto3d\s.class
Sat Sep 08 21:06:59 2007 => System found infected with whenu.savenow Spyware/Adware (s.class)! Action taken: No Action Taken.

Sat Sep 08 21:06:59 2007 => Offending file found: C:\Documents and Settings\Hans\Mis documentos\celular\juegos\auto3d\t.class
Sat Sep 08 21:06:59 2007 => System found infected with superbar Spyware/Adware (t.class)! Action taken: No Action Taken.

Sat Sep 08 21:06:59 2007 => Offending file found: C:\Documents and Settings\Hans\Mis documentos\celular\juegos\auto3d\u.class
Sat Sep 08 21:06:59 2007 => System found infected with topmoxie Spyware/Adware (u.class)! Action taken: No Action Taken.

Sat Sep 08 21:08:18 2007 => Offending Folder found: C:\Documents and Settings\Hans\Menú Inicio\programas\kazaa
Sat Sep 08 21:08:18 2007 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:18 2007 => Offending Folder found: C:\Documents and Settings\Hans\Menú Inicio\Programas\kazaa
Sat Sep 08 21:08:18 2007 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:42 2007 => Offending file found: C:\ARCHIV~1\NEED2F~1\bar\cache\files.ini
Sat Sep 08 21:08:42 2007 => System found infected with need2findbar Toolbar (C:\ARCHIV~1\NEED2F~1\bar\cache\files.ini)! Action taken: No Action Taken.

Sat Sep 08 21:08:42 2007 => Offending file found: C:\ARCHIV~1\NEED2F~1\bar\history\search
Sat Sep 08 21:08:42 2007 => System found infected with need2findbar Toolbar (C:\ARCHIV~1\NEED2F~1\bar\history\search)! Action taken: No Action Taken.

Sat Sep 08 21:08:42 2007 => Offending file found: C:\ARCHIV~1\ares\ares.exe
Sat Sep 08 21:08:42 2007 => System found infected with killav.nbd Browser Hijacker (C:\ARCHIV~1\ares\ares.exe)! Action taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Checking MountPoints2 Registry Key...
Sat Sep 08 21:08:51 2007 => Invalid Command Found in {0f838add-6782-11db-8cbb-000e50487edf}\Shell\1\Command: F:\.\RECYCLER\RECYCLER\autorun.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{0f838add-6782-11db-8cbb-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Invalid Command Found in {0f838afe-6782-11db-8cbb-000e50487edf}\Shell\1\Command: .\RECYCLER\RECYCLER\autorun.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{0f838afe-6782-11db-8cbb-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Invalid Command Found in {3f74a423-0c5a-11dc-8fb8-000e50487edf}\Shell\Auto\command: sxs.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{3f74a423-0c5a-11dc-8fb8-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Invalid Command Found in {538954c2-4c50-11dc-9630-000e50487edf}\Shell\Auto\command: sxs.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{538954c2-4c50-11dc-9630-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Invalid Command Found in {7a1ef618-2661-11db-8bf4-000e50487edf}\Shell\1\Command: F:\.\RECYCLER\RECYCLER\autorun.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{7a1ef618-2661-11db-8bf4-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Invalid Command Found in {82b3e238-2e71-11dc-9022-000e50487edf}\Shell\Auto\command: sxs.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{82b3e238-2e71-11dc-9022-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Invalid Command Found in {af80972d-daf3-11db-8f2f-000e50487edf}\Shell\Auto\command: sxs.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{af80972d-daf3-11db-8f2f-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Invalid Command Found in {c8b61987-2bc9-11db-8c00-000e50487edf}\Shell\1\Command: F:\.\RECYCLER\RECYCLER\autorun.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{c8b61987-2bc9-11db-8c00-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Invalid Command Found in {ee2fe169-3fab-11dc-824d-000e50487edf}\Shell\Auto\command: F:\sxs.exe
Sat Sep 08 21:08:51 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{ee2fe169-3fab-11dc-824d-000e50487edf} !!!
Sat Sep 08 21:08:51 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Sep 08 21:08:51 2007 => Checking CLSID Reference Entries...
Sat Sep 08 21:08:57 2007 => Checking Module Usage Entries...
Sat Sep 08 21:08:57 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\adv6api.dll". Action Taken: No Action Taken.

Sat Sep 08 21:08:57 2007 => Checking User Trusted External App Entries...
Sat Sep 08 21:08:57 2007 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\ARCHIV~1\Kodak\KODAKS~1\7288971\614~1.37-\Program\REGISTER.EXE". Action Taken: No Action Taken.

Sat Sep 08 21:08:57 2007 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Archivos de programa\Kodak\Kodak Software Updater\7288971\6.1.4.37-7288971L\Program\PrvCnt.exe". Action Taken: No Action Taken.

Sat Sep 08 21:08:57 2007 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\ARCHIV~1\Kodak\KODAKS~1\7288971\632~1.62-\Program\REGISTER.EXE". Action Taken: No Action Taken.

Sat Sep 08 21:08:57 2007 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Archivos de programa\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\PrvCnt.exe". Action Taken: No Action Taken.

Sat Sep 08 21:08:57 2007 => Checking Shared DLL Entries...
Sat Sep 08 21:09:20 2007 => Checking Installer Entries...
Sat Sep 08 21:09:30 2007 => Checking Shared Tools Entries...
Sat Sep 08 21:09:30 2007 => Checking File Extension Entries...
Sat Sep 08 21:09:30 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Ex plorer\FileExts" refers to invalid object ".mbd". Action Taken: No Action Taken.

Sat Sep 08 21:09:30 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Ex plorer\FileExts" refers to invalid object ".sav". Action Taken: No Action Taken.

Sat Sep 08 21:09:30 2007 => Checking Application Cache Entries...
Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{04AD9B45-8D30-480A-B586-86AAF6675EE7}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{0C7C9202-AC9D-4521-89C7-1ADB258BA4F9}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{191D24DA-8FEA-4EF6-8CC3-00B62CA34D49}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{223BA957-0391-409E-A93E-D6E4037276A2}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{2959B9F6-2D49-4E0D-96F4-D684106FE48D}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{2B257128-0B59-4A88-AFDF-BE12E5F5B9A0}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{32971938-65B1-4B38-B483-9A32560B7CF2}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{34910209-2F99-436D-A1B1-37B74EFDD09B}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{47A37384-636B-44B2-BA16-EE5845393294}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{6A6A5A40-FB6D-402C-8516-CC61E6DFE524}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{6EC77255-2E6B-49C0-B730-9C38410E0A85}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{8E37B5B2-10A8-4D75-87E2-9B2A014DCC12}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{91B8E34E-54A1-4574-973D-75EFDFEED13D}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{9EA397A0-9796-417D-B75A-4CBDF502C82C}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{A28A0D1C-C67E-41D6-BC55-5D2763159A6D}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{AA0370C1-BEB2-4C8E-ADFD-B7AFE85F0FBE}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{B945219C-C51C-4BD0-BAD5-A3FED95B555F}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{C602034B-0E04-4A4C-994B-9BE7AEFF5931}". Action Taken: No Action Taken.

Sat Sep 08 21:09:31 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{FB0D4264-E42B-4E9D-B5D0-92C23222D359}". Action Taken: No Action Taken.

aqui el log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:49:34, on 18-09-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Archivos de programa\Electronics Workbench\NLS\ewbnlss.exe
C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
C:\Archivos de programa\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe
C:\Archivos de programa\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\msiexec.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARCHIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Complemento del Asistente para Internet de Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\2.1.615.5858 \swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Asistente para Internet de Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Archivos de programa\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [EPSON Stylus C87 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIA BL.EXE /P23 "EPSON Stylus C87 Series" /O6 "USB004" /M "Stylus C87"
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Siemens SmartSync - ScheduleSync] C:\ARCHIV~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [kis] "C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [GameFace Messenger] C:\Archivos de programa\GameFace Messenger\GameFace.exe
O4 - HKLM\..\Run: [StartCCC] C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [AAWTray] C:\Archivos de programa\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Archivos de programa\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolba rNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [L06EXLRD_3746656] "C:\Archivos de programa\Microsoft Student\Microsoft Student 2006 - DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-21-1275210071-1958367476-725345543-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Estudiante')
O4 - HKUS\S-1-5-21-1275210071-1958367476-725345543-1008\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start (User 'Estudiante')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Google Updater.lnk = C:\Archivos de programa\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Archivos de programa\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Antivirus de la Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.olidata.cl
O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://irc.michat.cl:8000/Java/cfs31235.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/es/4,0,0,83/mcinsctl.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (Web Camera Server Control) - http://webcam1.uoct.cl/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/es/1,0,0,20/mcgdmgr.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D5D8A57-B133-4CCF-9D06-1881180F43F8}: NameServer = 200.28.4.129 200.28.4.130
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARCHIV~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\ARCHIV~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Electronics Workbench Network License Server (EWBNLSS) - Unknown owner - C:\Archivos de programa\Electronics Workbench\NLS\ewbnlss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Archivos de programa\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 11941 bytes


GRACIAS Y SALUDOS.
Responder Con Cita