Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Hola, he tenido problemas para usar programas que utilizan P2P (bueno, nunca se conectan), estaba utilizando como antivirus el BitDefender pero al intentar escanear la PC se cerraba solo al llegar a al 50% y al hacerlo con el Ad-Aware llegaba a un punto que se inhibía.
Bajé la version beta del Panda 2007 y encontro algunos archivos del sistema infectados y muchos con spyware en C: (como 190). Sin embargo sigo sin poder usar las aplicaciones P2P y algunas cosas que se habían vuelto lentas, sigen estándolo.
Por eso quiero ver si me pueden ayudar revisando mi .log a ver si hay algo malo. lo corrí en modo a prueba de fallos.

De antemano, Gracias.


Logfile of HijackThis v1.99.1
Scan saved at 07:40:27 p.m., on 26/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearflix.com/mx/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: BearShare MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare MediaBar\MediaBar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Samsung Mutimedia Keyboard.lnk = ?
O8 - Extra context menu item: &Search - http://kq.bar.need2find.com/KQ/menusearch.html?p=KQ
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1153071088828
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Hola -ORLO-, te doy la bienvenida al Foro de InfoSpyware

Ya que tu log de HijackThis tiene unos días y puede que haya sufrido algunos cambios, seguí primero estos pasos y luego generas un nuevo log y lo pegas en este mismo mensaje.

Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

Descarga, actualiza y ejecuta

• AVG Antispyware 7.5
• SuperAntiSpyware

Realiza un escaneo online con "Panda ActiveScan Online" y nos dejas sus reportes en este mismo mensaje.

Salu2

Ya hice todos los pasos en el orden que aparecen. Los logs del AVG Antispyware y del SuperAntiSpyware son estos:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 09:52:15 p.m. 30/03/2007

+ Scan result:



HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1\Level_0\Seqn_4492 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0\Seqn_1116 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0\Seqn_1524 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0\Seqn_1553 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0\Seqn_1641 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices\Queue -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices\Status -> Adware.Cydoor : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\ag_ShopperReports.xm l -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\ag_ShopperReports.xm l.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\aggr_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\send_ShopperReports. xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\send_ShopperReports. xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\send_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Start Menu\Programs\WhenU -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Start Menu\Programs\WhenU\Learn More About WhenU Save.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Start Menu\Programs\WhenU\Learn More About WhenU SaveNow.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Start Menu\Programs\WhenU\WhenU.com Website.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@msnportal.112.2 o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc101.txt -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc149.txt -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc171.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc183.txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.adobe[1].txt -> TrackingCookie.Adobe : Cleaned.
C:\Documents and Settings\eguerraq\Cookies\eguerraq@www.adobe[1].txt -> TrackingCookie.Adobe : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@www.adobe[1].txt -> TrackingCookie.Adobe : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc238.txt -> TrackingCookie.Belstat : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads44.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@ads45.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc22.txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc65.txt -> TrackingCookie.Connextra : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc20.txt -> TrackingCookie.Euroclick : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc113.txt -> TrackingCookie.Gemius : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc84.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@komtrack[2].txt -> TrackingCookie.Komtrack : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@image.mastersta ts[1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc120.txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@feedback.search .msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ie.search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mx.feedback.sea rch.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc118.txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@need2find[1].txt -> TrackingCookie.Need2find : Cleaned.
C:\Documents and Settings\eguerraq\Cookies\eguerraq@need2find[1].txt -> TrackingCookie.Need2find : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@data1.perf.over ture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@data2.perf.over ture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\eguerraq\Cookies\eguerraq@data2.perf.over ture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads-205.quarterserver[2].txt -> TrackingCookie.Quarterserver : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@realguide.real[1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.realcastmed ia[2].txt -> TrackingCookie.Realcastmedia : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc181.txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adopt.specificc lick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1014\Dc5.txt -> TrackingCookie.Starware : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc205.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server3.web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\eguerraq\Cookies\eguerraq@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end

SUPERAntiSpyware Scan Log
Generated 03/30/2007 at 10:58 PM

Application Version : 3.6.1000

Core Rules Database Version : 3210
Trace Rules Database Version: 1220

Scan type : Complete Scan
Total Scan Time : 00:59:49

Memory items scanned : 621
Memory threats detected : 0
Registry items scanned : 6721
Registry threats detected : 0
File items scanned : 73805
File threats detected : 268

Adware.Tracking Cookie
C:\Documents and Settings\betogq\Cookies\betogq@3.adbrite[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@ad-creatividades.infojobs[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@ad.adocean[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@ad.wz[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@ad.zanox[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@adopt.specificclick[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@adrevolver.mtvla[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@ads.adbrite[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@ads.azalorea[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@ads.e-planning[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@ads.superboletos[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@ads.us.e-planning[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@adserving.cpxintera ctive[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@adv.surinter[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@advertstream[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@anad.tacoda[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@atlas.fixionmedia[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@banner.bearflix[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@banner.quesabesde[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@clicksor[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@clicktorrent[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@dsml.clickexperts[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@ecnext.advertserve[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@ehg-youtube.hitbox[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@flixbanner.bearshar e[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@image.masterstats[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@interclick[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@jamster[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@jjr049.tripod[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@kanoodle[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@mediauk[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@msnportal.112.2o7[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@qnsr[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@register.screensave r[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@revsci[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@sales.liveperson[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@sales.liveperson[3].txt
C:\Documents and Settings\betogq\Cookies\betogq@server.cpmstar[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@tripod.lycos[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@webstats.croydon.go v[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@www.addfreestats[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@www.burstnet[2].txt
C:\Documents and Settings\betogq\Cookies\betogq@www.googleadservice s[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@www.jamster[1].txt
C:\Documents and Settings\betogq\Cookies\betogq@www.stats.casio[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@admarketplace[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@adopt.hotbar[2].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@ads.beamfile[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@ads.centraliprom[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@ads.esmas[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@ads.realtechnetwork[2].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@ads.us.e-planning[2].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@adultcheck[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@as.casalemedia[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@athomesexnetwork[2].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@campaign.indieclick[2].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@cs.hotbar[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@data2.perf.overture[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@fixionmedia[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@hotbar[2].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@image.masterstats[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@m1.webstats4u[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@sexinfo101[2].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@sexuality.about[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@tooltips.hotbar[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@tripod.lycos[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@warlog[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@www.adultfreevideos[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@www.burstnet[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@www.sexinfo101[1].txt
C:\Documents and Settings\betogq\el beto\Cookies\el beto@www.sexpositionspics[2].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ad-creatividades.infojobs[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ad.terra.com[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@adopt.hotbar[2].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ads.as4x.tmcs.t icketmaster[2].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ads.esmas[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ads.esmas[2].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ads.mediaintera ctive.e-planning[2].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ads.realtechnet work[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ads.us.e-planning[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ads.us.e-planning[2].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@ads3.grupolatin oderadio[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@clicktorrent[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@dsml.clickexper ts[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@lynxtrack[1].txt
C:\Documents and Settings\eguerraq\Cookies\eguerraq@sitestats.tisca li.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@1.primaryads[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@a.websponsors[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@a.websponsors[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.ya[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adinterax[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adknowledge[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adopt.hotbar[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.digitalpoin t[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.esmas[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.joetec[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.realtechnet work[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.tripod.lyco s.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.us.e-planning[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.us.e-planning[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.weblogssl[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adv.surinter[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@advertpro.ya[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@banner.bearflix[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@banners[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@blue1.bannercon nect[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@creativeby.view point[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ds.clickexperts[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dsml.clickexper ts[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dsml.clickexper ts[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dynamicsitestat s[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@elitemakeup[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@eurus.freestats[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@experclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fixionmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@funwebproducts[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hotbar[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hurricanedigita lmedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@interclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@lynxtrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@m1.webstats4u[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.ps3.ign[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media468[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media4[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediabit[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediamgr.ugo[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@monster.gostats[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@optimost[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@screensavers[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sexalud.terra.c om[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sexalud.terra[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@smileycentral[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@track.effiliati on[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracking.sms[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod.com[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod.com[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod.com[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod.lycos[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@upspiral[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@warlog[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.bannersmult imedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.dirsexo[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.incentaclic k[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.internetmed ia.8k[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.rowise[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.screensaver s[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.screensaver[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.upspiral[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.winfixer[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.xxxgateways[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@ad.ya[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@AdBanner[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@adopt.hotbar[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@ads.beamfile[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@ads.monster[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@ads.us.e-planning[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@evolnetmedia[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@hotbar[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@m1.webstats4u[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@match.starmedia[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@mediacom.net2u[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@mediametrics.mpsa[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@optimost[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@richmedia.eresmas[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@serials[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@smileycentral[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@starmedia[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@tooltips.hotbar[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@warlog[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@www.dgm2[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@www.screensavers[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@yourmedia[1].txt
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1009\Dc3\Cookies\orlo@evolnetmedia[1].txt
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1009\Dc3\Cookies\orlo@richmedia.eresmas[1].txt
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1009\Dc3\Cookies\orlo@warlog[2].txt

BearShare File Sharing Client
C:\PROGRAM FILES\BEARSHARE APPLICATIONS\BEARSHARE\BEARSHARE.EXE

Adware.HBHelper
C:\PROGRAM FILES\BEARSHARE MEDIABAR\TBHELPER.DLL

Adware.TrustInCash
C:\WINDOWS\ADULT.ICO
C:\WINDOWS\CASINO.ICO
C:\WINDOWS\SPYWAREREMOVAL.ICO

Adware.Unknown Origin
C:\WINDOWS\SHOPPING.ICO

Trace.Known Threat Sources
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\YHS3U185\functions.js[2].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\4DWJQ1Y1\CAP0NIR9.gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\49YRO9YF\CAH4OJPD.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\S9EN8LMF\index[2].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\S9EN8LMF\scanner[1].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\LGD41ZUA\index[3].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\81A745UF\index[4].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\AVQPKBEX\CAHOCFP9.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\PZBLZXF0\CAA7ERA9.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\KZINY5YD\index[3].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\CLQRO9ER\functions.js[1].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\YHS3U185\scanner[1].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\C923K5AB\checksoft[1].js
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\AVQPKBEX\lc[1].js
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\VLUSUYWG\CAC52N8X.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\AF0ZE54B\index[2].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\IJ0FZC9S\CAOLI1JW.gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\49YRO9YF\CA8XYV01.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\KB29SVW5\top_pic_new[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\K1278PER\ico4[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\KB29SVW5\CA8XYBSX.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\4DWJQ1Y1\ico2[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\IJ0FZC9S\errorsafe_banner[1].swf
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\YHS3U185\button2[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\81A745UF\lc[1].js
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\GLIVOLIB\CANI8FNL.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\KB29SVW5\mx[1].png
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\GLIVOLIB\top1_menu[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\AVQPKBEX\ico1[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\KZINY5YD\CAQ3E3Q9.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\VLUSUYWG\index[7].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\KB29SVW5\spacer[4].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\YHS3U185\functions.js[1].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\49YRO9YF\scanner[1].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\AVQPKBEX\CALG03P5.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\49YRO9YF\CAY3E3Q9.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\C923K5AB\bar[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\PZBLZXF0\logo[6].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\IJ0FZC9S\styles[1].css
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\AVQPKBEX\CAHCFEJ9.gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\AF0ZE54B\CA1CSBPL.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\VLUSUYWG\button2[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\PZBLZXF0\functions.js[1].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\S9EN8LMF\CAMBMZED.htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\S9EN8LMF\ico2[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\YHS3U185\top1[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\KLMB87MZ\ico3[1].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\49YRO9YF\spacer[8].gif
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\GHYJODM7\scanner[1].htm
C:\Documents and Settings\betogq\el beto\Local Settings\Temporary Internet Files\Content.IE5\CLQRO9ER\styles[2].css
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\ODYFCDE3\cards[1].gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\ODYFCDE3\bg_star[1].gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\GFXNEUNT\cpay[1].htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\ODYFCDE3\cardid_v2[1].jpg
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\LNR7D94E\order[1].htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\LNR7D94E\star3[1].gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\LNR7D94E\arrow[1].jpg
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\GFXNEUNT\cards[1].gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\GFXNEUNT\button[1].gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\GFXNEUNT\cc_valid_17[1].js
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\ODYFCDE3\customer_valid_17[1].js
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\LNR7D94E\logo2[1].gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\SXEFGLU3\CA94NIZP.gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\W9A7KHUJ\checksoft[1].js
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\GHE741YJ\CAQV6JYH.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\ODYFCDE3\CA3A4ZR1.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\8FIZAECC\styles[1].css
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\GL052FCT\CA4PMVS9.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\OTYRK9AN\scanner[1].htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\4R0H5016\CAS56V4P.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\B2CBN5WH\CAB603RH.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\IJCF5MF2\CAW5IZ8T.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\IFGZG529\CAS9AXR4.gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\GFXNEUNT\CACTYH9M.gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\W9A7KHUJ\scanner[1].htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\K5GRGBSN\index[4].htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\I5OJQTQ5\CADOWR9L.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\SXEFGLU3\CASXUF09.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\O2F5XTU4\CASTQZOL.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\IFGZG529\index[1].htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\SXEFGLU3\CA6FUREX.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\W9A7KHUJ\CAER8D6J.gif
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\SXEFGLU3\index[1].htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\W9A7KHUJ\CARAKRRL.htm
C:\Documents and Settings\orlogq\Local Settings\Temporary Internet Files\Content.IE5\IJCF5MF2\CAWTUDVO.gif



Todo se removió o se fue a cuarentena.
El "Panda ActiveScan Online" no encontró nada.

Al final le di scan con el HijackThis y este es el log:

Logfile of HijackThis v1.99.1
Scan saved at 03:55:19 p.m., on 31/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Samsung\Samsung Multimedia Keyboard\mmkbd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Program Files\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearflix.com/mx/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program

Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program

Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital

Imaging\bin\HPDTLK02.dll
O3 - Toolbar: BearShare MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare

MediaBar\MediaBar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows

Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L

ElbyDelay
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite

6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall

2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe"

/minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common

Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [swg] C:\Program

Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe

Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat

7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital

Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Samsung Mutimedia Keyboard.lnk = ?
O8 - Extra context menu item: &Search - http://kq.bar.need2find.com/KQ/menusearch.html?p=KQ
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live

Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -

http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1153071088828
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -

http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -

http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -

http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG

Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common

Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google

Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program

Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner -

c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common

Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia

Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda

Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program

Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program

Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program

Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda

software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program

Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner -

C:\WINDOWS\system32\UAService7.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program

Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common

Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Hola, lamento la demora en la respuesta. Si los problemas todavía continúan déjanos un nuevo log de HijackThis en este mismo mensaje con un breve comentario sobre los síntomas actuales de tu PC.

Salu2

Bueno primero que nada, decidí hacer una restauración de la pc a su configuración original con una partición del disco duro que viene de fabrica especificamente para esto. Esta restauración NO borra ningun archivo, solamente deja instalados los programas y todas las configuraciones como cuando era nueva.
Creo que el unico problema que sigo teniendo es que no puedo usar programas p2p.

Este es mi log:


Logfile of HijackThis v1.99.1
Scan saved at 08:44:13 a.m., on 12/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Samsung\Samsung Multimedia Keyboard\mmkbd.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Samsung Mutimedia Keyboard.lnk = ?
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\sslaunch.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Hola, el log de HJT esta limpio y me parece que tu problema es mas bien de configuracion del los programas y tu Windows por lo que damos el tema por terminado en HJT y si queres podes abrir un nuevo tema en Software.

Salu2