post #1
26/03/07, 22:07:15
User

Joined: Mar 2007
Location: Mexico
Posts: 6
Problems with P2P, possible spyware or something else (Finished)

Hello, I have had problems using programs that use P2P (well, they never connect). I was using BitDefender as my antivirus, but when I tried to scan the PC it closed by itself on reaching 50%, and when I did it with Ad-Aware it reached a point where it froze.
I downloaded the beta version of Panda 2007 and it found some infected system files and many with spyware in C: (about 190). However, I still cannot use the P2P applications, and some things that had become slow still are.
So I would like to see whether you can help me by reviewing my .log to see if there is anything wrong. I ran it in safe mode.

Thanks in advance.


Logfile of HijackThis v1.99.1
Scan saved at 07:40:27 p.m., on 26/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearflix.com/mx/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: BearShare MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare MediaBar\MediaBar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Samsung Mutimedia Keyboard.lnk = ?
O8 - Extra context menu item: &Search - http://kq.bar.need2find.com/KQ/menusearch.html?p=KQ
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1153071088828
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
post #2
28/03/07, 19:01:02
ElPiedra
FS-Admin

Joined: Jan 2005
Location: Miami
Posts: 25,363
Re: Problems with P2P, possible spyware or something else

Hello -ORLO-, welcome to the InfoSpyware Forum.

Since your HijackThis log is a few days old and may have undergone some changes, first follow these steps, then generate a new log and paste it in this same thread.

Download CCleaner and run it, first using its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete, and then use its "Registry" option to clean the entire Windows registry (making a backup copy).

Download, update and run
Run an online scan with "Panda ActiveScan Online" and leave us its reports in this same thread.

Regards

post #3
31/03/07, 18:04:38
User

Joined: Mar 2007
Location: Mexico
Posts: 6
Re: Problems with P2P, possible spyware or something else

I have done all the steps in the order they appear. The logs from AVG Antispyware and SuperAntiSpyware are these:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 09:52:15 p.m. 30/03/2007

+ Scan result:



HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_0\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_1\Level_0\Seqn_4492 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_2\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_3\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0\Seqn_1116 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0\Seqn_1524 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0\Seqn_1553 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loc t_4\Level_0\Seqn_1641 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices\Queue -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-4267078074-1597142143-2243397103-1012\Software\Kazaa\Promotions\Cydoor\Adwr_329\Ser vices\Status -> Adware.Cydoor : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\ag_ShopperReports.xm l -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\ag_ShopperReports.xm l.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\aggr_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\send_ShopperReports. xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\send_ShopperReports. xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\report\send_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\orlogq\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Start Menu\Programs\WhenU -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Start Menu\Programs\WhenU\Learn More About WhenU Save.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Start Menu\Programs\WhenU\Learn More About WhenU SaveNow.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Start Menu\Programs\WhenU\WhenU.com Website.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@msnportal.112.2 o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc101.txt -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc149.txt -> TrackingCookie.2o7 : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc171.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc183.txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.adobe[1].txt -> TrackingCookie.Adobe : Cleaned.
C:\Documents and Settings\eguerraq\Cookies\eguerraq@www.adobe[1].txt -> TrackingCookie.Adobe : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@www.adobe[1].txt -> TrackingCookie.Adobe : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc238.txt -> TrackingCookie.Belstat : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads44.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@ads45.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc22.txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc65.txt -> TrackingCookie.Connextra : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc20.txt -> TrackingCookie.Euroclick : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc113.txt -> TrackingCookie.Gemius : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc84.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@komtrack[2].txt -> TrackingCookie.Komtrack : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@image.mastersta ts[1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc120.txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@feedback.search .msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ie.search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mx.feedback.sea rch.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\orlogq\Cookies\orlogq@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc118.txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@need2find[1].txt -> TrackingCookie.Need2find : Cleaned.
C:\Documents and Settings\eguerraq\Cookies\eguerraq@need2find[1].txt -> TrackingCookie.Need2find : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@data1.perf.over ture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@data2.perf.over ture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\eguerraq\Cookies\eguerraq@data2.perf.over ture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads-205.quarterserver[2].txt -> TrackingCookie.Quarterserver : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@realguide.real[1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.realcastmed ia[2].txt -> TrackingCookie.Realcastmedia : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc181.txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adopt.specificc lick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1014\Dc5.txt -> TrackingCookie.Starware : Cleaned.
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1016\Dc205.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server3.web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\eguerraq\Cookies\eguerraq@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end
post #4
31/03/07, 18:05:49
User

Joined: Mar 2007
Location: Mexico
Posts: 6
Re: Problems with P2P, possible spyware or something else

SUPERAntiSpyware Scan Log
Generated 03/30/2007 at 10:58 PM

Application Version : 3.6.1000

Core Rules Database Version : 3210
Trace Rules Database Version: 1220

Scan type : Complete Scan
Total Scan Time : 00:59:49

Memory items scanned : 621
Memory threats detected : 0
Registry items scanned : 6721
Registry threats detected : 0
File items scanned : 73805
File threats detected : 268

Adware.Tracking Cookie
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@funwebproducts[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hotbar[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hurricanedigita lmedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@interclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@lynxtrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@m1.webstats4u[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.ps3.ign[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media468[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media4[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediabit[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediamgr.ugo[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@monster.gostats[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@optimost[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@screensavers[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sexalud.terra.c om[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sexalud.terra[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@smileycentral[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@track.effiliati on[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracking.sms[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod.com[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod.com[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod.com[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod.lycos[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@upspiral[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@warlog[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.bannersmult imedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.dirsexo[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.incentaclic k[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.internetmed ia.8k[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.rowise[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.screensaver s[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.screensaver[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.upspiral[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.winfixer[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.xxxgateways[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@ad.ya[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@AdBanner[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@adopt.hotbar[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@ads.beamfile[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@ads.monster[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@ads.us.e-planning[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@evolnetmedia[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@hotbar[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@m1.webstats4u[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@match.starmedia[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@mediacom.net2u[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@mediametrics.mpsa[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@optimost[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@richmedia.eresmas[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@serials[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@smileycentral[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@starmedia[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@tooltips.hotbar[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@warlog[2].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@www.dgm2[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@www.screensavers[1].txt
C:\Documents and Settings\orlogq\Cookies\orlogq@yourmedia[1].txt
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1009\Dc3\Cookies\orlo@evolnetmedia[1].txt
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1009\Dc3\Cookies\orlo@richmedia.eresmas[1].txt
C:\RECYCLER\S-1-5-21-254034616-3148396018-4230953131-1009\Dc3\Cookies\orlo@warlog[2].txt

BearShare File Sharing Client
C:\PROGRAM FILES\BEARSHARE APPLICATIONS\BEARSHARE\BEARSHARE.EXE

Adware.HBHelper
C:\PROGRAM FILES\BEARSHARE MEDIABAR\TBHELPER.DLL

Adware.TrustInCash
C:\WINDOWS\ADULT.ICO
C:\WINDOWS\CASINO.ICO
C:\WINDOWS\SPYWAREREMOVAL.ICO

Adware.Unknown Origin
C:\WINDOWS\SHOPPING.ICO

Trace.Known Threat Sources



Everything was removed or sent to quarantine.
"Panda ActiveScan Online" found nothing.
  post #5 (permalink)  
31/03/07, 18:07:28
User
Registered: Mar 2007
Location: Mexico
Posts: 6
Re: problems with P2P, possible spyware or something else

In the end I ran a scan with HijackThis and this is the log:

Logfile of HijackThis v1.99.1
Scan saved at 03:55:19 p.m., on 31/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Samsung\Samsung Multimedia Keyboard\mmkbd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Program Files\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearflix.com/mx/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - C:\PROGRA~1\BEARSH~2\MediaBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: BearShare MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare MediaBar\MediaBar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Samsung Mutimedia Keyboard.lnk = ?
O8 - Extra context menu item: &Search - http://kq.bar.need2find.com/KQ/menusearch.html?p=KQ
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1153071088828
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
  post #6 (permalink)  
04/04/07, 14:13:56
ElPiedra
FS-Admin
Registered: Jan 2005
Location: Miami
Posts: 25,363
Re: problems with P2P, possible spyware or something else

Hi, sorry for the delay in replying. If the problems still persist, leave us a new HijackThis log in this same thread with a brief comment on your PC's current symptoms.

Regards

  post #7 (permalink)  
12/04/07, 09:54:21
User
Registered: Mar 2007
Location: Mexico
Posts: 6
Re: problems with P2P, possible spyware or something else

Well, first of all, I decided to restore the PC to its original configuration using a hard-disk partition that comes from the factory specifically for this. This restore does NOT delete any files; it only leaves the programs installed and all the settings as they were when it was new.
I think the only problem I still have is that I can't use P2P programs.

This is my log:


Logfile of HijackThis v1.99.1
Scan saved at 08:44:13 a.m., on 12/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Samsung\Samsung Multimedia Keyboard\mmkbd.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Samsung Mutimedia Keyboard.lnk = ?
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\sslaunch.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  post #8 (permalink)  
13/04/07, 15:46:59
ElPiedra
FS-Admin
 
Registered: Jan 2005
Location: Miami
Posts: 25.363
Re: problems with P2P, possible spyware or something else

Hi, the HJT log is clean, and it seems to me that your problem is more a matter of how the programs and your Windows are configured, so we are closing this topic in HJT; if you like, you can open a new topic in Software.

Regards
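
Added example (not part of the original thread and not HijackThis code): a small parser that groups the entries of a log like the one in post #7 by section code and lists the entries an analyst would normally look at first. The three rules are this example's own assumed triage heuristics; a hit is a prompt to review the entry, not a verdict, and the sample lines are a subset copied from the log above.

```python
import re
from collections import Counter

# Lines copied from the HijackThis log in post #7 above (a subset, for brevity).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Samsung Mutimedia Keyboard.lnk = ?
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
"""

# A section code such as R0, O4 or O23, then " - ", then the entry body.
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")

# Assumed triage rules (this example's own, not HijackThis behaviour).
RULES = [
    # The registry entry points at a file that is not on disk.
    ("missing file", lambda code, body: body.endswith("(no file)")),
    # A startup shortcut whose target could not be resolved.
    ("unresolved shortcut", lambda code, body: code == "O4" and body.endswith("= ?")),
    # A service binary with no vendor recorded in the log.
    ("unknown service owner", lambda code, body: code == "O23" and " - Unknown owner - " in body),
]

def parse(log_text):
    """Return (section_code, body) for every entry line; header lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries

def triage(log_text):
    """Return (entries per section, list of (reason, code, body) to review)."""
    entries = parse(log_text)
    counts = Counter(code for code, _ in entries)
    flagged = [(reason, code, body) for code, body in entries
               for reason, test in RULES if test(code, body)]
    return counts, flagged

if __name__ == "__main__":
    counts, flagged = triage(SAMPLE_LOG)
    print(dict(counts))
    for reason, code, body in flagged:
        print(f"[{reason}] {code} - {body}")
```
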
