No se por que, pero limpio todo y luego de unos dias vuelve a fallar algo. No es siempre lo mismo. Tengo actualizado el Windows y el Spybot no da infeccion. Tengo el Zonealarm, el Nod32, pero parece que por algun lado siempre pasan.
Aca les dejo el log para que si pueden lo vean. Gracias.


Logfile of HijackThis v1.99.1
Scan saved at 05:02:47 p.m., on 28/09/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\Archivos de programa\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\CA-80U\ADSL\CnxDslTb.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\Archivos de programa\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Archivos de programa\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Archivos de programa\ESET\nod32kui.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Archivos de programa\CA-80U\ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Archivos de programa\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TotalRecorderScheduler] C:\Archivos de programa\HighCriteria\TotalRecorder\TotRecSched.ex e
O4 - HKCU\..\Run: [msnmsgr] "C:\Archivos de programa\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: Get Flash by &Arty Flash Ripper - C:\Archivos de programa\Softdigger\FlashRipper\IEMenu.htm
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127583177029
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender-es.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F193D860-B92C-4EC3-AB63-0086E9C9DCDB}: NameServer = 200.42.0.108 200.42.0.109
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Hola diez39, el log no muestra nada relevante.

¿Podrías especificar de que problemas se tratan?


Según tu log:
No tienes ningún Service Pack instalado, es muy importante visitar windowsupdate con regularidad para mantener actualizado el sistema, este paso es muy importante porque va a proveer a nuestro sistema de los parches de seguridad necesarios y actualizaciones criticas como nínimo actualiza el sistema a Service Pack 1 (SP1)

Saludos

__________________

El service pack 1 lo instale hace bastante y hace unos dias visite windows update e instale todo lo que estaba a disposicion. No se por que no figurara.
Los problemas empezaron hace unas semanas, con ventanas que se abrian, cambios en la pagina de inicio, favoritos que se instalaban solos, etc. Pero gracias a sus ayudas lo solucione. Unos dias despues todo funcionaba bien pero al iniciar un programa de torrents, se congelaba la pantalla y tenia que resetear. Tambien me lo solucionaron. Y ahora cuando entro a algunas paginas, el explorer se cierra solo.
No se que puedo hacer.
Gracias.

Descárgate la herramienta MWAV y déjanos un log de esta herramienta. Esta herramienta genera un log muy largo por lo que solo copia las entradas reconocidas como infectadas..

Saludos

__________________

Wed Sep 28 20:47:24 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({371d0743-7a57-11d2-ad5a-00105a17b608})! Action taken: No Action Taken.
Wed Sep 28 20:47:25 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({4f99a075-5227-11d2-ad06-00105a17b608})! Action taken: No Action Taken.
Wed Sep 28 20:47:26 2005 => System found infected with cws.homesearch Browser Hijacker ({6f52aa3b-3e87-c242-6ec0-23373b9c1426})! Action taken: No Action Taken.
Wed Sep 28 20:47:27 2005 => System found infected with smartfinder Spyware/Adware ({9331bd47-3ca2-b77d-8df9-1e8a3da4557f})! Action taken: No Action Taken.
Wed Sep 28 20:47:29 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({ca4fc24b-c65c-11d1-aa6f-000000000000})! Action taken: No Action Taken.
Wed Sep 28 20:47:29 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({ddd136ce-517b-11d2-ad03-00105a17b608})! Action taken: No Action Taken.
Wed Sep 28 20:47:29 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({e9d55102-9683-11d2-ba68-0040053687fe})! Action taken: No Action Taken.
Wed Sep 28 20:47:30 2005 => System found infected with powerstrip Spyware/Adware ({669695bc-a811-4a9d-8cdf-ba8c795f261c})! Action taken: No Action Taken.
Wed Sep 28 20:47:39 2005 => System found infected with powerstrip Spyware/Adware ({669695bc-a811-4a9d-8cdf-ba8c795f261c})! Action taken: No Action Taken.
Wed Sep 28 20:47:41 2005 => Offending Key found: HKLM\Software\gnu !!!
Wed Sep 28 20:47:41 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Wed Sep 28 20:47:41 2005 => Offending Key found: HKLM\Software\kazaa !!!
Wed Sep 28 20:47:41 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Wed Sep 28 20:47:41 2005 => Offending Key found: HKCU\Software\gnu !!!
Wed Sep 28 20:47:41 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Wed Sep 28 20:47:41 2005 => Offending Key found: HKCU\Software\kazaa !!!
Wed Sep 28 20:47:41 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Wed Sep 28 20:47:45 2005 => Offending Key found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupReg\bullseye network !!!
Wed Sep 28 20:47:45 2005 => Object "bargainbuddy Spyware/Adware" found in File System! Action Taken: No Action Taken.

Wed Sep 28 20:47:47 2005 => Offending file found: C:\WINDOWS\gpinstall.exe
Wed Sep 28 20:47:47 2005 => System found infected with conducent flexpak Spyware/Adware (gpinstall.exe)! Action taken: No Action Taken.

Wed Sep 28 20:47:50 2005 => Offending Folder found: C:\WINDOWS\DOWNLO~1\conflict.1
Wed Sep 28 20:47:50 2005 => Object "180solutions Spyware/Adware" found in File System! Action Taken: No Action Taken.

Wed Sep 28 20:47:50 2005 => Offending file found: C:\WINDOWS\System32\appsj.exe
Wed Sep 28 20:47:50 2005 => System found infected with cws.homesearch Browser Hijacker (appsj.exe)! Action taken: No Action Taken.

Wed Sep 28 20:47:50 2005 => Offending file found: C:\WINDOWS\System32\atlmr32.exe
Wed Sep 28 20:47:50 2005 => System found infected with cws.homesearch Browser Hijacker (atlmr32.exe)! Action taken: No Action Taken.

Wed Sep 28 20:47:51 2005 => Offending file found: C:\WINDOWS\System32\dartsock.dll
Wed Sep 28 20:47:51 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger (dartsock.dll)! Action taken: No Action Taken.

Wed Sep 28 20:47:52 2005 => Offending file found: C:\WINDOWS\System32\usbmonit.exe
Wed Sep 28 20:47:52 2005 => System found infected with purityscan Spyware/Adware (usbmonit.exe)! Action taken: No Action Taken.

Wed Sep 28 20:48:52 2005 => Offending file found: C:\Documents and Settings\usuario\Menú Inicio\programas\inicio\powerreg scheduler.exe
Wed Sep 28 20:48:52 2005 => System found infected with powerreg scheduler Spyware/Adware (powerreg scheduler.exe)! Action taken: No Action Taken.

Wed Sep 28 20:48:53 2005 => Offending file found: C:\Documents and Settings\usuario\Menú Inicio\Programas\inicio\powerreg scheduler.exe
Wed Sep 28 20:48:53 2005 => System found infected with powerreg scheduler Spyware/Adware (powerreg scheduler.exe)! Action taken: No Action Taken.

Wed Sep 28 20:48:53 2005 => Offending file found: C:\Documents and Settings\usuario\Menú Inicio\Programas\Inicio\powerreg scheduler.exe
Wed Sep 28 20:48:53 2005 => System found infected with powerreg scheduler Spyware/Adware (powerreg scheduler.exe)! Action taken: No Action Taken.

Wed Sep 28 20:49:01 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\archivos temporales de internet\search.html
Wed Sep 28 20:49:01 2005 => System found infected with whenu.sidefinder Spyware/Adware (search.html)! Action taken: No Action Taken.

Wed Sep 28 20:49:04 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\temp\archivos temporales de internet\content.ie5\shsvenkj\index[1].html
Wed Sep 28 20:49:04 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.

Wed Sep 28 20:49:04 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\temp\archivos temporales de internet\content.ie5\shsvenkj\show_ads[2].js
Wed Sep 28 20:49:04 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.

Wed Sep 28 20:49:05 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\Archivos temporales de Internet\search.html
Wed Sep 28 20:49:05 2005 => System found infected with whenu.sidefinder Spyware/Adware (search.html)! Action taken: No Action Taken.

Wed Sep 28 20:49:26 2005 => Offending file found: C:\WINDOWS\iun6002.exe
Wed Sep 28 20:49:27 2005 => System found infected with zipitpro Spyware/Adware (C:\WINDOWS\iun6002.exe)! Action taken: No Action Taken.

Wed Sep 28 20:49:28 2005 => ***** Scanning Registry for errors created because of Adware/Spyware *****
Wed Sep 28 20:49:28 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\bridge.dll". Action Taken: No Action Taken.

Wed Sep 28 20:49:28 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\EPXActiveX.ocx". Action Taken: No Action Taken.

Wed Sep 28 20:49:28 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\EPXActiveX.ocx". Action Taken: No Action Taken.

Wed Sep 28 20:49:28 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:28 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\jao.dll". Action Taken: No Action Taken.

Wed Sep 28 20:49:28 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\WinServAdX.dll". Action Taken: No Action Taken.

Wed Sep 28 20:49:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sh aredDlls" refers to invalid object "C:\WINDOWS\System32\pxsfs.dll". Action Taken: No Action Taken.

Wed Sep 28 20:49:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Paths\Access Animation" refers to invalid object " \Access Animation". Action Taken: No Action Taken.

Wed Sep 28 20:49:44 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Ex plorer\FileExts" refers to invalid object ".cue". Action Taken: No Action Taken.

Wed Sep 28 20:49:48 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Ex plorer\FileExts" refers to invalid object ".tmp". Action Taken: No Action Taken.

Wed Sep 28 20:49:48 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Ex plorer\FileExts" refers to invalid object "OpenWithList". Action Taken: No Action Taken.

Wed Sep 28 20:49:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "7 Sins". Action Taken: No Action Taken.

Wed Sep 28 20:49:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "HSA". Action Taken: No Action Taken.

Wed Sep 28 20:49:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "ieupdate". Action Taken: No Action Taken.

Wed Sep 28 20:49:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "SE". Action Taken: No Action Taken.

Wed Sep 28 20:49:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "SW". Action Taken: No Action Taken.

Wed Sep 28 20:49:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "TotalRecorder". Action Taken: No Action Taken.

Wed Sep 28 20:49:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{8B114997-C963-11D3-BBAD-00C04F5996A7}". Action Taken: No Action Taken.

Wed Sep 28 20:49:52 2005 => Entry "HKCR\CLSID\{0307C2FC-F232-EDE1-4BF8-7624F05D1DEE}" refers to invalid object "C:\WINDOWS\crpv32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:52 2005 => Entry "HKCR\CLSID\{04FC5C29-73C6-99FE-9568-2D6316E0DB4F}" refers to invalid object "C:\WINDOWS\crnr32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:52 2005 => Entry "HKCR\CLSID\{057E1D97-3A53-1F1A-FD6D-FA5C2344A5DF}" refers to invalid object "C:\WINDOWS\d3ib.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:52 2005 => Entry "HKCR\CLSID\{05B85DB3-E432-6A4E-D3D7-5D9E5DFD5431}" refers to invalid object "C:\WINDOWS\system32\ievt32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:54 2005 => Entry "HKCR\CLSID\{0B4E2E69-286C-547A-E9EE-BF0432FD01F7}" refers to invalid object "C:\WINDOWS\system32\crib.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:54 2005 => Entry "HKCR\CLSID\{0B89A942-64AC-11D3-9FEA-C8F1A6C6CF2A}" refers to invalid object "C:\ARCHIV~1\COFFEE~1\GIFANI~1.2\ANIMAT~1.EXE" . Action Taken: No Action Taken.

Wed Sep 28 20:49:54 2005 => Entry "HKCR\CLSID\{0E2A69A9-5FBA-A91E-22B2-D2B496C41E4E}" refers to invalid object "C:\WINDOWS\system32\d3us.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:55 2005 => Entry "HKCR\CLSID\{0F8ADB06-4EB6-8A3C-DE38-22A8C372D6EB}" refers to invalid object "C:\WINDOWS\crzf32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:55 2005 => Entry "HKCR\CLSID\{100B3F33-4839-7778-1238-74EE13F324F7}" refers to invalid object "C:\WINDOWS\system32\ipkz.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:55 2005 => Entry "HKCR\CLSID\{125BB876-1BE0-16B1-E66C-93716C994012}" refers to invalid object "C:\WINDOWS\appvy32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:56 2005 => Entry "HKCR\CLSID\{21F83F1C-4069-C383-5D84-80E64CD2AF79}" refers to invalid object "C:\WINDOWS\ieco32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:56 2005 => Entry "HKCR\CLSID\{22945932-93BE-6286-9899-149FD5427F33}" refers to invalid object "C:\WINDOWS\ntjg32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:56 2005 => Entry "HKCR\CLSID\{233DD594-C22F-4E0B-21DD-822D818235E5}" refers to invalid object "C:\WINDOWS\sdkgg.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:57 2005 => Entry "HKCR\CLSID\{2633C5D2-F1A1-BB5A-A0A8-BC901F6D3E9F}" refers to invalid object "C:\WINDOWS\system32\d3ov.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:57 2005 => Entry "HKCR\CLSID\{2B5958DD-EF4D-21F7-CFE8-EFC977C45596}" refers to invalid object "C:\WINDOWS\addir32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:57 2005 => Entry "HKCR\CLSID\{2B7E95AD-F49A-B2B2-7702-10D4ABFF9B32}" refers to invalid object "C:\WINDOWS\d3zx32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:58 2005 => Entry "HKCR\CLSID\{2E69A97A-3E61-D9CE-04E3-8F75C34029D4}" refers to invalid object "C:\WINDOWS\system32\sysog32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:58 2005 => Entry "HKCR\CLSID\{3180D821-86F8-30E2-1F9E-E86CC208792C}" refers to invalid object "C:\WINDOWS\system32\netrj.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:58 2005 => Entry "HKCR\CLSID\{32D827A8-AC2B-29A7-2AD2-6D029B28F264}" refers to invalid object "C:\WINDOWS\system32\msqd32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:58 2005 => Entry "HKCR\CLSID\{34369A99-BB24-798C-41D3-E2FEAD4CB786}" refers to invalid object "C:\WINDOWS\system32\mfcfx32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:58 2005 => Entry "HKCR\CLSID\{35DC4F42-61BD-5398-B54E-0378BD633F51}" refers to invalid object "C:\WINDOWS\system32\sdkoi32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{391C8EAE-00C0-83C1-EA0C-434567DEFC5C}" refers to invalid object "C:\WINDOWS\javaqr32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{39B54573-EB59-BEF3-1EA2-FEAE4FD46A15}" refers to invalid object "C:\WINDOWS\winex32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{3AB6C899-335B-ADD4-4FA2-945932093BE0}" refers to invalid object "C:\WINDOWS\system32\addch32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{3AEAC494-143F-18FA-E0CF-3ADBF1F53EAE}" refers to invalid object "C:\WINDOWS\atlxh32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{3B6BD7CF-A8BD-33C6-B07F-394EDA710FBB}" refers to invalid object "C:\WINDOWS\apprz.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{3BFF80FF-F6C1-A0E4-EB51-809FDEE4D18D}" refers to invalid object "C:\WINDOWS\netpd32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{42846EB1-4CAB-E649-6198-2A960F80442B}" refers to invalid object "C:\WINDOWS\system32\syssv.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{435F3087-0DE1-2ABE-65E1-0B1AC486D760}" refers to invalid object "C:\WINDOWS\javaau.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{44D75927-0FA5-9E4C-7A72-992B03801E56}" refers to invalid object "C:\WINDOWS\mfccb.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{45C669B4-872B-7FF8-754F-0751711C684D}" refers to invalid object "C:\WINDOWS\wingr.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{483EDD6C-EAC5-3EB7-1D5A-D029E3A169E6}" refers to invalid object "C:\WINDOWS\d3qf.exe". Action Taken: No Action Taken.

Wed Sep 28 20:49:59 2005 => Entry "HKCR\CLSID\{4881744A-7E89-6756-786B-AE85F4FB8E7C}" refers to invalid object "C:\WINDOWS\system32\d3qp32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:00 2005 => Entry "HKCR\CLSID\{4CE6205A-FDD2-7C25-0D87-09FFBD331CB9}" refers to invalid object "C:\WINDOWS\winyi.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:00 2005 => Entry "HKCR\CLSID\{4D413F4F-9C20-427C-0CDA-AB9A7146EDD6}" refers to invalid object "C:\WINDOWS\system32\addjz.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:00 2005 => Entry "HKCR\CLSID\{4F3C81D2-7DB3-5AF2-F525-C43DEE2DA6BD}" refers to invalid object "C:\WINDOWS\appnw.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:00 2005 => Entry "HKCR\CLSID\{52BEF183-766B-5D9B-621E-064B1E94D233}" refers to invalid object "C:\WINDOWS\system32\apieh32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:00 2005 => Entry "HKCR\CLSID\{5427F33A-2D98-11A0-C425-E206DD27AEC4}" refers to invalid object "C:\WINDOWS\appei32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:01 2005 => Entry "HKCR\CLSID\{57B3F21F-DE9E-404A-53B9-436E2FC4EF23}" refers to invalid object "C:\WINDOWS\system32\mfcfk.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:01 2005 => Entry "HKCR\CLSID\{57E74291-4915-A30E-D317-E7F1DF8F72A7}" refers to invalid object "C:\WINDOWS\appgt32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:01 2005 => Entry "HKCR\CLSID\{5C1E8BA7-BCE7-4370-8DA5-F7FAF7E479CB}" refers to invalid object "C:\Archivos de programa\TrueDownloader\truedownloader.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:01 2005 => Entry "HKCR\CLSID\{61A0FDEC-6D48-E6CD-D6CA-00C0C15B89E4}" refers to invalid object "C:\WINDOWS\system32\ntew.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:01 2005 => Entry "HKCR\CLSID\{61C76698-2847-152D-1AE7-93E369847CFF}" refers to invalid object "C:\WINDOWS\system32\addcf32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:01 2005 => Entry "HKCR\CLSID\{630C1B29-F81A-6538-9FE6-4A9319D99374}" refers to invalid object "C:\WINDOWS\ipsi32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:02 2005 => Entry "HKCR\CLSID\{6A44E44A-FDF5-F4A9-F321-CB601544CC72}" refers to invalid object "C:\WINDOWS\sdkcr32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:03 2005 => Entry "HKCR\CLSID\{6BCEB52F-5B91-E4D3-057E-35156B39C0BB}" refers to invalid object "C:\WINDOWS\ntxd.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:03 2005 => Entry "HKCR\CLSID\{6CDC9658-B7DD-8FB2-00AC-B29E410121F6}" refers to invalid object "C:\WINDOWS\system32\appsa32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:03 2005 => Entry "HKCR\CLSID\{6D1F6191-9C3D-D481-353B-BD8150DD54D5}" refers to invalid object "C:\WINDOWS\system32\netmm32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:03 2005 => Entry "HKCR\CLSID\{6D847CE3-474E-CC99-2D4B-DC8A6CB82368}" refers to invalid object "C:\WINDOWS\atlqg.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:03 2005 => Entry "HKCR\CLSID\{711763FC-CFE9-D84A-BEE5-7E41C53C8D18}" refers to invalid object "C:\WINDOWS\system32\ievb32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:03 2005 => Entry "HKCR\CLSID\{747A5B77-A3D2-B9B0-6EF0-DC69120377FC}" refers to invalid object "C:\WINDOWS\system32\netsm32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:04 2005 => Entry "HKCR\CLSID\{80085E12-DA4F-D0CD-0E07-C0213F6EFAF0}" refers to invalid object "C:\WINDOWS\system32\crck.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:04 2005 => Entry "HKCR\CLSID\{83D28460-DACB-8486-B02A-41DFD61A43DA}" refers to invalid object "C:\WINDOWS\sdkga.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{83E32FEA-B5FA-1C43-15DD-FA6D7AE7B1BA}" refers to invalid object "C:\WINDOWS\appok32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{843B6D1B-1B12-32CB-EC24-6B1258F6CB92}" refers to invalid object "C:\WINDOWS\system32\appkv32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{87307907-05A3-86D3-794F-CB87A00966ED}" refers to invalid object "C:\WINDOWS\appne32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{877E70C4-FA6C-FE0D-E2FB-E6550B26C41D}" refers to invalid object "C:\WINDOWS\atlxm32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{88ADBF81-E684-3677-0970-6045A18315AA}" refers to invalid object "C:\WINDOWS\d3rc.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{8BA5FFAA-5966-8787-C0C1-DD58D316D46D}" refers to invalid object "C:\WINDOWS\msah32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{8CA1C8EB-CADE-341F-E5E5-6D485768F234}" refers to invalid object "C:\WINDOWS\winlx32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{8D596D1F-6059-BF74-DFC6-5AC991196BA9}" refers to invalid object "C:\WINDOWS\apixv32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{902845E1-73A2-4534-E093-569B5115F18E}" refers to invalid object "C:\WINDOWS\atlit32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:05 2005 => Entry "HKCR\CLSID\{92A81C8B-5149-277C-F9CF-168C65D9A653}" refers to invalid object "C:\WINDOWS\system32\atlce32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:06 2005 => Entry "HKCR\CLSID\{963F47DB-894B-0D83-E961-865D9B1BB7E7}" refers to invalid object "C:\WINDOWS\system32\sysjh.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:06 2005 => Entry "HKCR\CLSID\{99C95C33-4277-7B88-6E19-FEADD02B32FB}" refers to invalid object "C:\WINDOWS\system32\msrz.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:06 2005 => Entry "HKCR\CLSID\{9B6E0B26-ADD7-F6ED-302E-E2B7175B9DB5}" refers to invalid object "C:\WINDOWS\system32\netbz.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:06 2005 => Entry "HKCR\CLSID\{9FBEA8A0-5509-89CE-7DCE-68D29341C6B3}" refers to invalid object "C:\WINDOWS\addvy.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:06 2005 => Entry "HKCR\CLSID\{A147ADF5-6FA8-8823-BFB1-10094EC22A64}" refers to invalid object "C:\WINDOWS\system32\sdkvf32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:06 2005 => Entry "HKCR\CLSID\{A1BBF9BF-169E-22AC-FA8E-6D7C3BA37124}" refers to invalid object "C:\WINDOWS\system32\atldg.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:06 2005 => Entry "HKCR\CLSID\{A5ED1010-4CC4-D2AD-A198-B3366D196EB6}" refers to invalid object "C:\WINDOWS\system32\addjx.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:07 2005 => Entry "HKCR\CLSID\{A8CEB7C1-ABF9-D758-7AF8-779EFE938012}" refers to invalid object "C:\WINDOWS\system32\apivx.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:07 2005 => Entry "HKCR\CLSID\{B1D0D6D5-41A5-1819-733A-367C0901C2BF}" refers to invalid object "C:\WINDOWS\ntni.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:07 2005 => Entry "HKCR\CLSID\{B287A23E-E906-094B-7B6C-AAF6C661AF0C}" refers to invalid object "C:\WINDOWS\system32\ipox32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:07 2005 => Entry "HKCR\CLSID\{B41258BC-C380-7656-0849-983BE2CD8EAB}" refers to invalid object "C:\WINDOWS\system32\mfchc32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:07 2005 => Entry "HKCR\CLSID\{B8508712-092B-249A-BCB4-9FEAE3120034}" refers to invalid object "C:\WINDOWS\appnm32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:07 2005 => Entry "HKCR\CLSID\{BB4CE404-4B19-B1A0-FEB5-14ABD73537CD}" refers to invalid object "C:\WINDOWS\sysiw32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:07 2005 => Entry "HKCR\CLSID\{BD798B29-54D1-6E3B-124B-2E2DE42315FF}" refers to invalid object "C:\WINDOWS\apiyv32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:08 2005 => Entry "HKCR\CLSID\{C2F6800B-CD2C-81A1-C99E-A931743763C4}" refers to invalid object "C:\WINDOWS\system32\sysqn.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:09 2005 => Entry "HKCR\CLSID\{C66A3616-0CC4-44C7-43DE-E98D884A7960}" refers to invalid object "C:\WINDOWS\ntax32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:09 2005 => Entry "HKCR\CLSID\{C94CC0B3-CFDE-917B-D9E1-63F353897ACB}" refers to invalid object "C:\WINDOWS\system32\crop.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:09 2005 => Entry "HKCR\CLSID\{C991016F-27D8-1DFE-DCE6-1C5B7CFF31C9}" refers to invalid object "C:\WINDOWS\system32\atlzp.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:09 2005 => Entry "HKCR\CLSID\{CC5CF194-C644-2D4C-6308-FE15B62594CD}" refers to invalid object "C:\WINDOWS\system32\winxa.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:09 2005 => Entry "HKCR\CLSID\{CF7AE88E-CA0B-46F7-A085-61C72B2E7058}" refers to invalid object "C:\WINDOWS\system32\iegm.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:09 2005 => Entry "HKCR\CLSID\{D30C207E-6CB5-DBEC-6A71-E973BA5F538F}" refers to invalid object "C:\WINDOWS\appmz.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{D5235910-658F-B039-CDB0-61BB04D6D1C2}" refers to invalid object "C:\WINDOWS\system32\mfcll32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{D6E3B9B5-FA74-81A4-F3BD-7CE86BF07130}" refers to invalid object "C:\WINDOWS\system32\atlda32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{D77204CB-321B-10E4-D5A1-AEB84D72850A}" refers to invalid object "C:\WINDOWS\syslj32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{D7A96521-FD3D-55DF-5126-F15D9E5AA1BB}" refers to invalid object "C:\WINDOWS\system32\mfcvg.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{D849D7B8-DACB-6FCC-8044-662633C47DE2}" refers to invalid object "C:\WINDOWS\system32\d3dl.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{D8EA94FA-AA3F-86D1-168D-AEDB088AF55A}" refers to invalid object "C:\WINDOWS\winre.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{DB2E7681-5FAF-53DF-1E94-0094D6C7D539}" refers to invalid object "C:\WINDOWS\sdkrs32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{DCA150CB-4E21-4263-6619-7F0D4770649C}" refers to invalid object "C:\WINDOWS\mfcqx.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{DCA27F32-C5B2-8B2A-DC0F-61A5455E9F68}" refers to invalid object "C:\WINDOWS\msxx32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{DCDD8387-6794-0B02-0372-FA6D4B2B2C2F}" refers to invalid object "C:\WINDOWS\system32\applv.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{DD270B47-EE4F-D263-D276-7EA31BC9040D}" refers to invalid object "C:\WINDOWS\system32\winci32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{DEA899F9-CE61-175D-C435-558B1E932CB7}" refers to invalid object "C:\WINDOWS\system32\javawq32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{E09FC5BD-5DB6-DF96-5713-487680CE66C8}" refers to invalid object "C:\WINDOWS\sdkkx.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{E10D3F6C-5F6F-0C3C-9037-A0A5C2B10E8A}" refers to invalid object "C:\WINDOWS\mstm32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{E2B194D4-E08C-3F49-782F-7B9E430E40EC}" refers to invalid object "C:\WINDOWS\ieip.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{E2D3D070-5945-CCCD-343D-041A1707FBD5}" refers to invalid object "C:\WINDOWS\appay.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{E56141AE-0A73-BD27-9D6E-200284CDFA5F}" refers to invalid object "C:\WINDOWS\system32\addus.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:10 2005 => Entry "HKCR\CLSID\{EF0C1D7B-5AF0-EBC2-6CB7-4E0D9A747F17}" refers to invalid object "C:\WINDOWS\atlbr.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{F5DA8CA1-82EA-1209-81A5-B11958BF6D88}" refers to invalid object "C:\WINDOWS\apiwr32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{F852086B-10E6-4743-9A3F-D8257A0A59E3}" refers to invalid object "C:\Archivos de programa\DAP\DAPBHO.dll". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{F8DC7205-801E-797E-3144-957735C5F605}" refers to invalid object "C:\WINDOWS\system32\sdkei.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{FA085142-7792-EE91-1C4F-2063CF02B2B6}" refers to invalid object "C:\WINDOWS\atljs32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{FA19BAA0-E87A-FD0E-E124-94D86EF27090}" refers to invalid object "C:\WINDOWS\iemx.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{FA47F0E6-8F9D-8D23-CE86-CAB7ADE13266}" refers to invalid object "C:\WINDOWS\system32\mswr32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{FAA77FEF-83E6-CC64-BAD4-BD84B1D066C6}" refers to invalid object "C:\WINDOWS\system32\winuy.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{FB035E66-77FD-5B56-0877-4D55B4D84601}" refers to invalid object "C:\WINDOWS\ipfu.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{FC68B757-7DA9-BB34-0E62-5F572D8C3721}" refers to invalid object "C:\WINDOWS\system32\addgk.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{FE0AAB93-86EB-567D-1206-035BABA516D5}" refers to invalid object "C:\WINDOWS\d3lg32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:11 2005 => Entry "HKCR\CLSID\{FEF3F3C3-EBAC-E160-BD3E-68181BBD3E94}" refers to invalid object "C:\WINDOWS\system32\netox32.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:12 2005 => Entry "HKCR\TypeLib\{210EBF60-63C8-11D3-B8A0-D96282894038}" refers to invalid object "C:\Archivos de programa\CoffeeCup Software\GIF Animator 6.2\Animator6.exe". Action Taken: No Action Taken.

Wed Sep 28 20:50:13 2005 => Entry "HKCR\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}" refers to invalid object "C:\WINDOWS\system32\AniGIF.ocx". Action Taken: No Action Taken.

Wed Sep 28 20:50:16 2005 => Entry "HKCR\.UMX" refers to invalid object "Winamp3.File". Action Taken: No Action Taken.

Wed Sep 28 20:50:18 2005 => Entry "HKCR\DAIE.DownloadAcceleratorIE" refers to invalid object "{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}". Action Taken: No Action Taken.

Wed Sep 28 20:50:18 2005 => Entry "HKCR\DAIE.DownloadAcceleratorIE.1" refers to invalid object "{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E}". Action Taken: No Action Taken.

Wed Sep 28 20:50:18 2005 => Entry "HKCR\DAPBHO.DAPHelper" refers to invalid object "{0000CC75-ACF3-4cac-A0A9-DD3868E06852}". Action Taken: No Action Taken.

Wed Sep 28 20:50:18 2005 => Entry "HKCR\DAPBHO.DAPHelper.1" refers to invalid object "{0000CC75-ACF3-4cac-A0A9-DD3868E06852}". Action Taken: No Action Taken.

Wed Sep 28 20:50:21 2005 => Entry "HKCR\KoolMoves.Document\shell\open\command" refers to invalid object "C:\ARCHIV~1\KOOLMO~1\KOOLMO~1.EXE "%1"". Action Taken: No Action Taken.



sigue...

Wed Sep 28 20:50:36 2005 => Archivo C:\WINDOWS\addeo32.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:37 2005 => Archivo C:\WINDOWS\addnm.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:37 2005 => Archivo C:\WINDOWS\addxu.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:38 2005 => Archivo C:\WINDOWS\addyk32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:39 2005 => File C:\WINDOWS\apilf.dll tagged as "not-a-virus:AdWare.Searcher.o". Action Taken: No Action Taken.
Wed Sep 28 20:50:40 2005 => Archivo C:\WINDOWS\apixw.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:41 2005 => Archivo C:\WINDOWS\apppn32.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:41 2005 => Archivo C:\WINDOWS\atllf.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:42 2005 => Archivo C:\WINDOWS\atlyj32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:42 2005 => Archivo C:\WINDOWS\atlyv32.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:45 2005 => Archivo C:\WINDOWS\crgs.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:45 2005 => Archivo C:\WINDOWS\crre32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:46 2005 => Archivo C:\WINDOWS\d3jr.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:46 2005 => Archivo C:\WINDOWS\d3qq32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:46 2005 => Archivo C:\WINDOWS\d3ug32.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:47 2005 => Archivo C:\WINDOWS\d3yg.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:58 2005 => Archivo C:\WINDOWS\iebe32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:50:59 2005 => Archivo C:\WINDOWS\ieuu.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:01 2005 => Archivo C:\WINDOWS\ipcs.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:01 2005 => Archivo C:\WINDOWS\ipph32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:01 2005 => Archivo C:\WINDOWS\ipxa.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:05 2005 => Archivo C:\WINDOWS\javajw32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:05 2005 => Archivo C:\WINDOWS\javapf32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:05 2005 => Archivo C:\WINDOWS\javapo.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:09 2005 => Archivo C:\WINDOWS\mfcgm.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:09 2005 => Archivo C:\WINDOWS\mfclp32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:09 2005 => Archivo C:\WINDOWS\mfcow.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:10 2005 => Archivo C:\WINDOWS\mfcyf32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:11 2005 => Archivo C:\WINDOWS\msjh.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:11 2005 => Archivo C:\WINDOWS\msng.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:11 2005 => Archivo C:\WINDOWS\mspz.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:12 2005 => Archivo C:\WINDOWS\mssx.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:12 2005 => Archivo C:\WINDOWS\msuo.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:13 2005 => Archivo C:\WINDOWS\msws32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:13 2005 => Archivo C:\WINDOWS\mszx32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:14 2005 => Archivo C:\WINDOWS\netaj32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:15 2005 => Archivo C:\WINDOWS\netnm.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:15 2005 => Archivo C:\WINDOWS\netzf.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:16 2005 => Archivo C:\WINDOWS\ntaq.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:17 2005 => Archivo C:\WINDOWS\ntku.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:25 2005 => Archivo C:\WINDOWS\sdkam.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:26 2005 => Archivo C:\WINDOWS\sdked32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:26 2005 => Archivo C:\WINDOWS\sdkop.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:29 2005 => Archivo C:\WINDOWS\sysvz32.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:36 2005 => Archivo C:\WINDOWS\wingm32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:37 2005 => Archivo C:\WINDOWS\winpf.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:39 2005 => Archivo C:\WINDOWS\System32\.pif infectado por "Trojan-Downloader.BAT.Ftp.z" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:43 2005 => Archivo C:\WINDOWS\System32\apidt32.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:43 2005 => Archivo C:\WINDOWS\System32\apivg.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:43 2005 => Archivo C:\WINDOWS\System32\apiwi32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:44 2005 => Archivo C:\WINDOWS\System32\appcy32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:44 2005 => Archivo C:\WINDOWS\System32\appph.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:45 2005 => Archivo C:\WINDOWS\System32\apppt.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:46 2005 => Archivo C:\WINDOWS\System32\atlhr32.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:51:46 2005 => Archivo C:\WINDOWS\System32\atlii.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:01 2005 => Archivo C:\WINDOWS\System32\criw.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:01 2005 => Archivo C:\WINDOWS\System32\crjo32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:02 2005 => Archivo C:\WINDOWS\System32\crjq32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:02 2005 => Archivo C:\WINDOWS\System32\crlf.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:02 2005 => Archivo C:\WINDOWS\System32\crlo.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:06 2005 => Archivo C:\WINDOWS\System32\d3ve.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:47 2005 => Archivo C:\WINDOWS\System32\iezh32.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:54 2005 => Archivo C:\WINDOWS\System32\ipqi32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:57 2005 => Archivo C:\WINDOWS\System32\javahp.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:57 2005 => Archivo C:\WINDOWS\System32\javahs.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:52:58 2005 => Archivo C:\WINDOWS\System32\javare.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:15 2005 => Archivo C:\WINDOWS\System32\mfcax.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:16 2005 => Archivo C:\WINDOWS\System32\mfchs32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:16 2005 => Archivo C:\WINDOWS\System32\mfclv32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:26 2005 => Archivo C:\WINDOWS\System32\msdn.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:27 2005 => Archivo C:\WINDOWS\System32\msfo.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:30 2005 => Archivo C:\WINDOWS\System32\mskn.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:37 2005 => Archivo C:\WINDOWS\System32\msze32.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:39 2005 => Archivo C:\WINDOWS\System32\netff32.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:40 2005 => Archivo C:\WINDOWS\System32\netmv32.exe infectado por "Trojan.Win32.Agent.bi" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:41 2005 => Archivo C:\WINDOWS\System32\netws32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:41 2005 => Archivo C:\WINDOWS\System32\netyb32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:41 2005 => Archivo C:\WINDOWS\System32\netyy32.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:43 2005 => Archivo C:\WINDOWS\System32\ntcy.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:53:46 2005 => Archivo C:\WINDOWS\System32\ntqe.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:54:12 2005 => Archivo C:\WINDOWS\System32\sdkum.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:54:22 2005 => Archivo C:\WINDOWS\System32\sysog.exe infectado por "Trojan-Downloader.Win32.Agent.bq" Virus. Acción Tomada: No Action Taken.
Wed Sep 28 20:54:22 2005 => Archivo C:\WINDOWS\System32\sysrt.dll infectado por "Trojan-Downloader.Win32.Agent.bc" Virus. Acción Tomada: No Action Taken.



No se si era esto lo que pedias que copie.

Saludos.

Hola nuevamente, sigue estos pasos:

- Sigue los 11 pasos fundamentales para una buena eliminacion, no te saltes ningun paso.

- Pasa al menos 2 Antivirus Online de preferencia Kaspersky, Trend Micro y EWIDO.

- Pasa el Regseeker para Limpiar el Registro pásalo hasta q no quede nada para eliminar.

- Pasa el MWAV y pega otro reporte, pero solo los que se muestran como infectados por favor.

- Reinicia la maquina y nos cuentas los resultados.

Saludos

__________________

El regseeker me da una ventana que dice "Indice de liste hors limites (0)". No se si esta bien o no?

Por el momento vamos a saltarnos ese inconveniente con el regseeker y pega otro reporte de MWAV pero solo pega las entradas reconocidas como infectadas.

Saludos

__________________

Aca te dejo lo que pedias.

Sun Oct 02 2258 2005 => ERROR!!! Invalid Entry \SystemRoot\system32\drivers\av5flt.sys in SYSTEM\CurrentControlSet\Services\AvFlt...
Sun Oct 02 22:11:55 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({371d0743-7a57-11d2-ad5a-00105a17b608})! Action taken: No Action Taken.
Sun Oct 02 22:11:58 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({4f99a075-5227-11d2-ad06-00105a17b608})! Action taken: No Action Taken.
Sun Oct 02 22:11:59 2005 => System found infected with cws.homesearch Browser Hijacker ({6f52aa3b-3e87-c242-6ec0-23373b9c1426})! Action taken: No Action Taken.
Sun Oct 02 22:12:01 2005 => System found infected with smartfinder Spyware/Adware ({9331bd47-3ca2-b77d-8df9-1e8a3da4557f})! Action taken: No Action Taken.
Sun Oct 02 22:12:07 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({ca4fc24b-c65c-11d1-aa6f-000000000000})! Action taken: No Action Taken.
Sun Oct 02 22:12:08 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({ddd136ce-517b-11d2-ad03-00105a17b608})! Action taken: No Action Taken.
Sun Oct 02 22:12:08 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger ({e9d55102-9683-11d2-ba68-0040053687fe})! Action taken: No Action Taken.
Sun Oct 02 22:12:09 2005 => System found infected with powerstrip Spyware/Adware ({669695bc-a811-4a9d-8cdf-ba8c795f261c})! Action taken: No Action Taken.
Sun Oct 02 22:12:09 2005 => System found infected with powerstrip Spyware/Adware ({669695bc-a811-4a9d-8cdf-ba8c795f261c})! Action taken: No Action Taken.
Sun Oct 02 22:12:17 2005 => System found infected with powerstrip Spyware/Adware ({669695bc-a811-4a9d-8cdf-ba8c795f261c})! Action taken: No Action Taken.
Sun Oct 02 22:12:19 2005 => Offending Key found: HKLM\Software\gnu !!!
Sun Oct 02 22:12:19 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sun Oct 02 22:12:19 2005 => Offending Key found: HKLM\Software\kazaa !!!
Sun Oct 02 22:12:19 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sun Oct 02 22:12:20 2005 => Offending Key found: HKCU\Software\gnu !!!
Sun Oct 02 22:12:20 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sun Oct 02 22:12:20 2005 => Offending Key found: HKCU\Software\kazaa !!!
Sun Oct 02 22:12:20 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sun Oct 02 22:12:22 2005 => Offending Key found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupReg\bullseye network !!!
Sun Oct 02 22:12:22 2005 => Object "bargainbuddy Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sun Oct 02 22:12:26 2005 => Offending file found: C:\WINDOWS\gpinstall.exe
Sun Oct 02 22:12:26 2005 => System found infected with conducent flexpak Spyware/Adware (gpinstall.exe)! Action taken: No Action Taken.

Sun Oct 02 22:12:28 2005 => Offending Folder found: C:\WINDOWS\DOWNLO~1\conflict.1
Sun Oct 02 22:12:28 2005 => Object "180solutions Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sun Oct 02 22:12:29 2005 => Offending file found: C:\WINDOWS\System32\appsj.exe
Sun Oct 02 22:12:29 2005 => System found infected with cws.homesearch Browser Hijacker (appsj.exe)! Action taken: No Action Taken.

Sun Oct 02 22:12:29 2005 => Offending file found: C:\WINDOWS\System32\atlmr32.exe
Sun Oct 02 22:12:29 2005 => System found infected with cws.homesearch Browser Hijacker (atlmr32.exe)! Action taken: No Action Taken.

Sun Oct 02 22:12:29 2005 => Offending file found: C:\WINDOWS\System32\dartsock.dll
Sun Oct 02 22:12:29 2005 => System found infected with spywareno!/spysheriff Commercial KeyLogger (dartsock.dll)! Action taken: No Action Taken.

Sun Oct 02 22:12:31 2005 => Offending file found: C:\WINDOWS\System32\usbmonit.exe
Sun Oct 02 22:12:31 2005 => System found infected with purityscan Spyware/Adware (usbmonit.exe)! Action taken: No Action Taken.

Sun Oct 02 22:13:39 2005 => Offending file found: C:\Documents and Settings\usuario\Menú Inicio\programas\inicio\powerreg scheduler.exe
Sun Oct 02 22:13:40 2005 => System found infected with powerreg scheduler Spyware/Adware (powerreg scheduler.exe)! Action taken: No Action Taken.

Sun Oct 02 22:13:41 2005 => Offending file found: C:\Documents and Settings\usuario\Menú Inicio\Programas\inicio\powerreg scheduler.exe
Sun Oct 02 22:13:41 2005 => System found infected with powerreg scheduler Spyware/Adware (powerreg scheduler.exe)! Action taken: No Action Taken.

Sun Oct 02 22:13:41 2005 => Offending file found: C:\Documents and Settings\usuario\Menú Inicio\Programas\Inicio\powerreg scheduler.exe
Sun Oct 02 22:13:41 2005 => System found infected with powerreg scheduler Spyware/Adware (powerreg scheduler.exe)! Action taken: No Action Taken.

Sun Oct 02 22:13:42 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\archivos temporales de internet\content.ie5\4x2jkroj\index[1].html
Sun Oct 02 22:13:42 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.

Sun Oct 02 22:13:42 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\archivos temporales de internet\content.ie5\4x2jkroj\show_ads[2].js
Sun Oct 02 22:13:42 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.

Sun Oct 02 22:13:43 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\archivos temporales de internet\content.ie5\5td4y51x\index[1].html
Sun Oct 02 22:13:43 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.

Sun Oct 02 22:13:45 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\archivos temporales de internet\content.ie5\q56bqvsf\stylesheet[1].css
Sun Oct 02 22:13:45 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken.

Sun Oct 02 22:13:48 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\archivos temporales de internet\search.html
Sun Oct 02 22:13:48 2005 => System found infected with whenu.sidefinder Spyware/Adware (search.html)! Action taken: No Action Taken.

Sun Oct 02 22:13:50 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\temp\archivos temporales de internet\content.ie5\elwp4vof\index[1].html
Sun Oct 02 22:13:50 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.

Sun Oct 02 22:13:50 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\temp\archivos temporales de internet\content.ie5\shsvenkj\index[1].html
Sun Oct 02 22:13:50 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.

Sun Oct 02 22:13:51 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\temp\archivos temporales de internet\content.ie5\shsvenkj\show_ads[2].js
Sun Oct 02 22:13:51 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.

Sun Oct 02 22:13:52 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\Archivos temporales de Internet\content.ie5\4x2jkroj\index[1].html
Sun Oct 02 22:13:52 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.

Sun Oct 02 22:13:52 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\Archivos temporales de Internet\content.ie5\4x2jkroj\show_ads[2].js
Sun Oct 02 22:13:52 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.

Sun Oct 02 22:13:52 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\Archivos temporales de Internet\content.ie5\5td4y51x\index[1].html
Sun Oct 02 22:13:52 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.

Sun Oct 02 22:13:52 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\Archivos temporales de Internet\content.ie5\q56bqvsf\stylesheet[1].css
Sun Oct 02 22:13:52 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken.

Sun Oct 02 22:13:52 2005 => Offending file found: C:\Documents and Settings\usuario\Configuración local\Archivos temporales de Internet\search.html
Sun Oct 02 22:13:52 2005 => System found infected with whenu.sidefinder Spyware/Adware (search.html)! Action taken: No Action Taken.

Sun Oct 02 22:14:31 2005 => Offending file found: C:\WINDOWS\iun6002.exe
Sun Oct 02 22:14:32 2005 => System found infected with zipitpro Spyware/Adware (C:\WINDOWS\iun6002.exe)! Action taken: No Action Taken.


Sun Oct 02 22:14:37 2005 => ***** Scanning Registry for errors created because of Adware/Spyware *****
Sun Oct 02 22:14:37 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\bridge.dll". Action Taken: No Action Taken.

Sun Oct 02 22:14:37 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\EPXActiveX.ocx". Action Taken: No Action Taken.

Sun Oct 02 22:14:37 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\EPXActiveX.ocx". Action Taken: No Action Taken.

Sun Oct 02 22:14:37 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\exe". Action Taken: No Action Taken.

Sun Oct 02 22:14:37 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\jao.dll". Action Taken: No Action Taken.

Sun Oct 02 22:14:38 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Mo duleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\WinServAdX.dll". Action Taken: No Action Taken.

Sun Oct 02 22:14:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sh aredDlls" refers to invalid object "C:\WINDOWS\System32\pxsfs.dll". Action Taken: No Action Taken.

Sun Oct 02 22:14:49 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Paths\Access Animation" refers to invalid object " \Access Animation". Action Taken: No Action Taken.

Sun Oct 02 22:15:06 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Ex plorer\FileExts" refers to invalid object ".cue". Action Taken: No Action Taken.

Sun Oct 02 22:15:09 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Ex plorer\FileExts" refers to invalid object ".tmp". Action Taken: No Action Taken.

Sun Oct 02 22:15:10 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Ex plorer\FileExts" refers to invalid object "OpenWithList". Action Taken: No Action Taken.

Sun Oct 02 22:15:10 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "7 Sins". Action Taken: No Action Taken.

Sun Oct 02 22:15:10 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "HSA". Action Taken: No Action Taken.

Sun Oct 02 22:15:10 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "ieupdate". Action Taken: No Action Taken.

Sun Oct 02 22:15:11 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "SE". Action Taken: No Action Taken.

Sun Oct 02 22:15:11 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "SW". Action Taken: No Action Taken.

Sun Oct 02 22:15:11 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "TotalRecorder". Action Taken: No Action Taken.

Sun Oct 02 22:15:11 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ap p Management\ARPCache" refers to invalid object "{8B114997-C963-11D3-BBAD-00C04F5996A7}". Action Taken: No Action Taken.

Sun Oct 02 22:15:13 2005 => Entry "HKCR\CLSID\{027B9E65-68EB-75C0-A5E9-2C012E239AE9}" refers to invalid object "C:\WINDOWS\apppn32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:13 2005 => Entry "HKCR\CLSID\{0307C2FC-F232-EDE1-4BF8-7624F05D1DEE}" refers to invalid object "C:\WINDOWS\crpv32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:13 2005 => Entry "HKCR\CLSID\{03FE902B-EC6C-21E6-091F-066D322A5D80}" refers to invalid object "C:\WINDOWS\system32\criw.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:14 2005 => Entry "HKCR\CLSID\{044B07DC-D9CD-5676-8F67-6BB1B83AEAA2}" refers to invalid object "C:\WINDOWS\atlyv32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:14 2005 => Entry "HKCR\CLSID\{04FC5C29-73C6-99FE-9568-2D6316E0DB4F}" refers to invalid object "C:\WINDOWS\crnr32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:14 2005 => Entry "HKCR\CLSID\{057E1D97-3A53-1F1A-FD6D-FA5C2344A5DF}" refers to invalid object "C:\WINDOWS\d3ib.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:14 2005 => Entry "HKCR\CLSID\{05B85DB3-E432-6A4E-D3D7-5D9E5DFD5431}" refers to invalid object "C:\WINDOWS\system32\ievt32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:16 2005 => Entry "HKCR\CLSID\{0AEA011A-C897-2D3F-C986-EC75AD013C2F}" refers to invalid object "C:\WINDOWS\system32\netmv32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:16 2005 => Entry "HKCR\CLSID\{0B4E2E69-286C-547A-E9EE-BF0432FD01F7}" refers to invalid object "C:\WINDOWS\system32\crib.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:16 2005 => Entry "HKCR\CLSID\{0B89A942-64AC-11D3-9FEA-C8F1A6C6CF2A}" refers to invalid object "C:\ARCHIV~1\COFFEE~1\GIFANI~1.2\ANIMAT~1.EXE" . Action Taken: No Action Taken.

Sun Oct 02 22:15:16 2005 => Entry "HKCR\CLSID\{0E2A69A9-5FBA-A91E-22B2-D2B496C41E4E}" refers to invalid object "C:\WINDOWS\system32\d3us.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:17 2005 => Entry "HKCR\CLSID\{0F8ADB06-4EB6-8A3C-DE38-22A8C372D6EB}" refers to invalid object "C:\WINDOWS\crzf32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:17 2005 => Entry "HKCR\CLSID\{100B3F33-4839-7778-1238-74EE13F324F7}" refers to invalid object "C:\WINDOWS\system32\ipkz.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:17 2005 => Entry "HKCR\CLSID\{125BB876-1BE0-16B1-E66C-93716C994012}" refers to invalid object "C:\WINDOWS\appvy32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:17 2005 => Entry "HKCR\CLSID\{1330D447-4374-E3AD-E16D-E44BD63F035B}" refers to invalid object "C:\WINDOWS\d3ug32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:19 2005 => Entry "HKCR\CLSID\{21F83F1C-4069-C383-5D84-80E64CD2AF79}" refers to invalid object "C:\WINDOWS\ieco32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:19 2005 => Entry "HKCR\CLSID\{22945932-93BE-6286-9899-149FD5427F33}" refers to invalid object "C:\WINDOWS\ntjg32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:20 2005 => Entry "HKCR\CLSID\{233DD594-C22F-4E0B-21DD-822D818235E5}" refers to invalid object "C:\WINDOWS\sdkgg.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:21 2005 => Entry "HKCR\CLSID\{2633C5D2-F1A1-BB5A-A0A8-BC901F6D3E9F}" refers to invalid object "C:\WINDOWS\system32\d3ov.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:23 2005 => Entry "HKCR\CLSID\{2B5958DD-EF4D-21F7-CFE8-EFC977C45596}" refers to invalid object "C:\WINDOWS\addir32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:23 2005 => Entry "HKCR\CLSID\{2B7E95AD-F49A-B2B2-7702-10D4ABFF9B32}" refers to invalid object "C:\WINDOWS\d3zx32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:23 2005 => Entry "HKCR\CLSID\{2E69A97A-3E61-D9CE-04E3-8F75C34029D4}" refers to invalid object "C:\WINDOWS\system32\sysog32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:24 2005 => Entry "HKCR\CLSID\{3180D821-86F8-30E2-1F9E-E86CC208792C}" refers to invalid object "C:\WINDOWS\system32\netrj.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:24 2005 => Entry "HKCR\CLSID\{32D827A8-AC2B-29A7-2AD2-6D029B28F264}" refers to invalid object "C:\WINDOWS\system32\msqd32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:24 2005 => Entry "HKCR\CLSID\{34369A99-BB24-798C-41D3-E2FEAD4CB786}" refers to invalid object "C:\WINDOWS\system32\mfcfx32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:25 2005 => Entry "HKCR\CLSID\{35DC4F42-61BD-5398-B54E-0378BD633F51}" refers to invalid object "C:\WINDOWS\system32\sdkoi32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:26 2005 => Entry "HKCR\CLSID\{391C8EAE-00C0-83C1-EA0C-434567DEFC5C}" refers to invalid object "C:\WINDOWS\javaqr32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:26 2005 => Entry "HKCR\CLSID\{39B54573-EB59-BEF3-1EA2-FEAE4FD46A15}" refers to invalid object "C:\WINDOWS\winex32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:26 2005 => Entry "HKCR\CLSID\{3AB6C899-335B-ADD4-4FA2-945932093BE0}" refers to invalid object "C:\WINDOWS\system32\addch32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:26 2005 => Entry "HKCR\CLSID\{3AEAC494-143F-18FA-E0CF-3ADBF1F53EAE}" refers to invalid object "C:\WINDOWS\atlxh32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:26 2005 => Entry "HKCR\CLSID\{3B6BD7CF-A8BD-33C6-B07F-394EDA710FBB}" refers to invalid object "C:\WINDOWS\apprz.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:26 2005 => Entry "HKCR\CLSID\{3BFF80FF-F6C1-A0E4-EB51-809FDEE4D18D}" refers to invalid object "C:\WINDOWS\netpd32.exe". Action Taken: No Action Taken.

Sun Oct 02 22:15:28 2005 => Entry "HKCR\CLSID\{42846EB1-4CAB-E649-6198-2A960F80442B}" refers to invalid object "C:\WINDOWS\system32\syssv.exe". Action Taken: No A