safety alert
safety alert
Hola se me a instalado un programa junto al reloj que se llama safety alert y no lo puedo eliminar espero que alguien pueda ayudarme.Gracias
pasate elistara arrancando el pc en modo seguro y luego peganos el log que te dejara en C llamado infosat,txt. y despues de pasarlo posteanos los de hijackthis, te dejo los links saludos
http://www.zonavirus.com/articulos/como-arrancar-en-modo-seguro-o-a-prueba-de-fallos.asp
http://www.zonavirus.com/descargas/elistara.asp
[b]
[color=yellow]HJT : (HiJackThis)[/color] [/b]
[i]¿Como utilizar el Hijackthis ?[/i]
Lo primero que debemos hacer es descargarlo en nuestro ordenador y lócalo en una carpeta propia C:\HijackThis\
Ejecútalo y presiona el botón "[b]Do a system scan and save a logfile[/b]
Se abrirá el Bloc de Notas, copia todo el contenido y pégalo como respuesta de este Tema
·[url=http://www.zonavirus.com/descargas/trendmicro-hijackthis.asp][b]Descargar Hijackthis[/b] [/url]
Tras analizarlo, informaremos
[i]¿Como utilizar el Hijackthis ?
Lo primero que debemos hacer es descargarlo en nuestro ordenador y lócalo en una carpeta propia C:\HijackThis\
Ejecútalo y presiona el botón "
Se abrirá el Bloc de Notas, copia todo el contenido y pégalo como respuesta de este Tema
·
Tras analizarlo, informaremos
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Ya puestos, como que los FAKE ALERT se instalan ahora fuera de los items que presenta el HJT, posteanos tambien el contenido del C:\SPROCLOG.TXT que te saldrá tras ejecutar el SPROCES.EXE:
SPROCES (herramienta de investigación)
http://www.zonavirus.com/descargas/sproces.asp
y si tenemos suerte lo detectará y eliminará el ELISTARA; pero sino, veremos los dos logs y pediremos muestra del sospechoso que veremos donde aparece, en funcion de la moda que utilice.
saludos
ms, 19-05-2007
SPROCES (herramienta de investigación)
y si tenemos suerte lo detectará y eliminará el ELISTARA; pero sino, veremos los dos logs y pediremos muestra del sospechoso que veremos donde aparece, en funcion de la moda que utilice.
saludos
ms, 19-05-2007
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
safety alert
Hola lucl,ya he realizado todo lo que me as dicho y este es el log que me a salido del HijackThis.Gracias espero respuesta.Logfile of HijackThis v1.99.1
Scan saved at 19:40:20, on 19/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
c:\archivos de programa\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Security Tools\iesmn.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\apvxdwin.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\avciman.exe
C:\Archivos de programa\Security Tools\iesmin.exe
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe
C:\Archivos de programa\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Archivos de programa\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Archivos de programa\Conceptronic\CTVFMI\RemoteCtl.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
c:\archivos de programa\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\Archivos de programa\WinZip\WZQKPICK.EXE
C:\Archivos de programa\ZyAIR USB Utility\ZyAIR.exe
C:\ARCHIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Archivos de programa\Logitech\Video\FxSvr2.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqgalry.exe
C:\Archivos de programa\Security Tools\iesmin.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\psimreal.exe
C:\Documents and Settings\Administrador\Mis documentos\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://es.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://www.google.es/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - C:\Archivos de programa\Security Tools\iesplg.dll
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Archivos de programa\Security Tools\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\ARCHIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ChristmasTree] C:\Documents and Settings\Administrador\Configuración local\Temp\Christmas.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: CTVFMI Remote Control.lnk = C:\Archivos de programa\Conceptronic\CTVFMI\RemoteCtl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Inicio rápido de HP Image Zone.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Archivos de programa\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZyAIR USB Utility.lnk = C:\Archivos de programa\ZyAIR USB Utility\ZyAIR.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\ARCHIV~1\Yahoo!\Common\yhexbmeses.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\ARCHIV~1\Yahoo!\Common\yhexbmeses.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\archivos de programa\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
Scan saved at 19:40:20, on 19/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
c:\archivos de programa\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Security Tools\iesmn.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\apvxdwin.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\avciman.exe
C:\Archivos de programa\Security Tools\iesmin.exe
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe
C:\Archivos de programa\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Archivos de programa\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Archivos de programa\Conceptronic\CTVFMI\RemoteCtl.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
c:\archivos de programa\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\Archivos de programa\WinZip\WZQKPICK.EXE
C:\Archivos de programa\ZyAIR USB Utility\ZyAIR.exe
C:\ARCHIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Archivos de programa\Logitech\Video\FxSvr2.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqgalry.exe
C:\Archivos de programa\Security Tools\iesmin.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\psimreal.exe
C:\Documents and Settings\Administrador\Mis documentos\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - C:\Archivos de programa\Security Tools\iesplg.dll
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Archivos de programa\Security Tools\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\ARCHIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ChristmasTree] C:\Documents and Settings\Administrador\Configuración local\Temp\Christmas.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: CTVFMI Remote Control.lnk = C:\Archivos de programa\Conceptronic\CTVFMI\RemoteCtl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Inicio rápido de HP Image Zone.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Archivos de programa\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZyAIR USB Utility.lnk = C:\Archivos de programa\ZyAIR USB Utility\ZyAIR.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\ARCHIV~1\Yahoo!\Common\yhexbmeses.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\ARCHIV~1\Yahoo!\Common\yhexbmeses.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
O18 - Protocol: bw+0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\archivos de programa\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
Safety Alert
Hola de nuevo acabo de pasar tambien el SPROCES y estos son los resultados,gracias de antemano.Saludos.Sat May 19 19:55:35 2007
SProces v2.8 (c)2007 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 2
Internet Explorer: (v6.0.2900.2180) ;SP2;
Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\PAVSRV51.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\AVENGINE.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\TPSRV.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\FIREWALL\PNMSRV.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\PAVFNSVR.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\PANDA SOFTWARE\PAVSHLD\PAVPRSRV.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\PSIMSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESMN.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\APVXDWIN.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\ARCHIVOS DE PROGRAMA\CYBERLINK\POWERDVD\PDVDSERV.EXE
C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\AVCIMAN.EXE
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESMIN.EXE
C:\ARCHIVOS DE PROGRAMA\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\ARCHIVOS DE PROGRAMA\QUICKTIME\QTTASK.EXE
C:\ARCHIVOS DE PROGRAMA\HP\HPCORETECH\HPCMPMGR.EXE
C:\ARCHIVOS DE PROGRAMA\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM32\LVCOMSX.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\ARCHIVOS DE PROGRAMA\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\LOGITECHDESKTOPMESSENGER.EXE
C:\ARCHIVOS DE PROGRAMA\IVT CORPORATION\BLUESOLEIL\BLUESOLEIL.EXE
C:\ARCHIVOS DE PROGRAMA\CONCEPTRONIC\CTVFMI\REMOTECTL.EXE
C:\ARCHIVOS DE PROGRAMA\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\WEBPROXY.EXE
C:\ARCHIVOS DE PROGRAMA\WINZIP\WZQKPICK.EXE
C:\ARCHIVOS DE PROGRAMA\ZYAIR USB UTILITY\ZYAIR.EXE
C:\ARCHIV~1\YAHOO!\MESSEN~1\YAHOOM~1.EXE
C:\ARCHIVOS DE PROGRAMA\LOGITECH\VIDEO\FXSVR2.EXE
C:\ARCHIVOS DE PROGRAMA\HP\DIGITAL IMAGING\BIN\HPQGALRY.EXE
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESMIN.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\DOCUMENTS AND SETTINGS\ADMINISTRADOR\MIS DOCUMENTOS\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://es.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.microsoft.com/en/us/default.aspxisapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/en/us/default.aspxisapi/redir.dll?prd=ie&ar=iesearch
R3 - URLSearchHook: Hook de búsqueda de direcciones URL de Microsoft - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\system32\shdocvw.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - C:\Archivos de programa\Security Tools\iesplg.dll
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Archivos de programa\Security Tools\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKLM\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKLM\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
O4 - HKLM\..\Run: [Yahoo! Pager] "C:\ARCHIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKLM\..\Run: [ChristmasTree] C:\Documents and Settings\Administrador\Configuración local\Temp\Christmas.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - Startup: desktop.ini
O4 - Global Startup: Adobe Gamma Loader.lnk
O4 - Global Startup: BlueSoleil.lnk
O4 - Global Startup: CTVFMI Remote Control.lnk
O4 - Global Startup: desktop.ini
O4 - Global Startup: HP Digital Imaging Monitor.lnk
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk
O4 - Global Startup: Inicio rápido de HP Image Zone.lnk
O4 - Global Startup: Logitech Desktop Messenger.lnk
O4 - Global Startup: Microsoft Office.lnk
O4 - Global Startup: WinZip Quick Pick.lnk
O4 - Global Startup: ZyAIR USB Utility.lnk
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\ARCHIV~1\Yahoo!\Common\yhexbmeses.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Archivos de programa\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\ARCHIV~1\ARCHIV~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\ARCHIV~1\ARCHIV~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: offline-8876480 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ATIEXTEVENT - ATI2EVXX.DLL
O20 - Winlogon Notify: AVLDR - AVLDR.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Precargador Browseui - %SystemRoot%\system32\browseui.dll
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demonio de caché de las categorías de componente - %SystemRoot%\system32\browseui.dll
O22 - SharedTaskScheduler: {0c5a0fff-9164-493b-93e0-17446374e0a0} - inflexive - C:\WINDOWS\system32\dtjby.dll
Información Adicional:
----------------------
HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Archivos de programa\Security Tools\iesmn.exe
HKLM\..\Policies\Explorer\Run: [rare] C:\Archivos de programa\Security Tools\imsmain.exe
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BtCap, WDM Video Capture (BT848) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\BT848.sys
O23 - Service: BtTuner, WDM TvTuner (BTTUNER) - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\drivers\BTTUNER.sys
O23 - Service: BtXBar, WDM Crossbar (BTXBAR) - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\drivers\BTXBAR.sys
O23 - Service: Panda CPoint Driver (cpoint) - Panda Software - C:\WINDOWS\SYSTEM32\drivers\cpoint.sys
O23 - Service: Iniciador de procesos de servidor DCOM (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost -k DcomLaunch (file missing)
O23 - Service: pavdrv (PAVDRV) - Panda Software International - C:\WINDOWS\SYSTEM32\DRIVERS\pavdrv51.sys
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Driver (PavProc) - Panda Software - C:\WINDOWS\system32\DRIVERS\PavProc.sys
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\archivos de programa\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe
O23 - Service: Llamada a procedimiento remoto (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost -k rpcss (file missing)
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: ati2mtag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys
O23 - Service: Antivirus Filter Driver (AvFlt) - Unknown owner - C:\WINDOWS\system32\drivers\av5flt.sys (file missing)
O23 - Service: Bluetooth Audio Service (BlueletAudio) - IVT Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\blueletaudio.sys
O23 - Service: Bluetooth PAN Network Adapter (BT) - IVT Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\btnetdrv.sys
O23 - Service: Bluetooth USB For Bluetooth Service (Btcsrusb) - IVT Corporation - C:\WINDOWS\SYSTEM32\Drivers\btcusb.sys
O23 - Service: Bluetooth HID Enumerator (BTHidEnum) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vbtenum.sys
O23 - Service: C-Media WDM Audio Interface (cmuda) - C-Media Inc - C:\WINDOWS\SYSTEM32\drivers\cmuda.sys
O23 - Service: Panda Anti-Dialer (ComFiltr) - Unknown owner - C:\WINDOWS\system32\DRIVERS\COMFiltr.sys (file missing)
O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Microsoft Corp., VERITAS Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: IEEE-1284.4 Driver HPZid412 (HPZid412) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys
O23 - Service: Print Class Driver for IEEE-1284.4 HPZipr12 (HPZipr12) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys
O23 - Service: USB to IEEE-1284.4 Translation Driver HPZius12 (HPZius12) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys
O23 - Service: Logitech USB Monitor Filter (LVUSBSta) - Logitech Inc. - C:\WINDOWS\SYSTEM32\drivers\lvusbsta.sys
O23 - Service: Netgroup Packet Filter (NPF) - Unknown owner - C:\WINDOWS\system32\drivers\packet.sys
O23 - Service: PavSRK.sys - Unknown owner - C:\WINDOWS\system32\PavSRK.sys (file missing)
O23 - Service: PavTPK.sys - Unknown owner - C:\WINDOWS\system32\PavTPK.sys (file missing)
O23 - Service: Logitech QuickCam Express(PID_0928) (PID_0928) - Logitech Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LV561AV.SYS
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Controlador de vínculo paralelo directo (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys
O23 - Service: Secdrv - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys
O23 - Service: Prolific Serial port driver (Ser2pl) - Prolific Technology Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ser2pl.sys
O23 - Service: SiS PCI Fast Ethernet Adapter Driver (SISNIC) - SiS Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sisnic.sys
O23 - Service: Servicios de Terminal Server (TermService) - Unknown owner - C:\WINDOWS\System32\svchost -k DComLaunch (file missing)
O23 - Service: Virtual Serial port driver (VComm) - IVT Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\VComm.sys
O23 - Service: Bluetooth VComm Manager Service (VcommMgr) - IVT Corporation - C:\WINDOWS\SYSTEM32\Drivers\VcommMgr.sys
O23 - Service: ZyAIR B-220 IEEE 802.11b Wireless LAN Driver (USB)(ZyXEL) (ZD1201U(ZyXEL)) - ZyDAS Technology Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\zd1201u.sys
O23 - Service: ZDNDIS5 NDIS Protocol Driver (ZDNDIS5) - Printing Communications Assoc., Inc. (PCAUSA) - C:\WINDOWS\system32\ZDNDIS5.SYS
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: dmboot - Microsoft Corp., Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys
43 Servicios.
15 de Carga Automatica.
27 de Carga Manual.
1 Deshabilitados.
SProces v2.8 (c)2007 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 2
Internet Explorer: (v6.0.2900.2180) ;SP2;
Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\PAVSRV51.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\AVENGINE.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\TPSRV.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\FIREWALL\PNMSRV.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\PAVFNSVR.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\PANDA SOFTWARE\PAVSHLD\PAVPRSRV.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\PSIMSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESMN.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\APVXDWIN.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\ARCHIVOS DE PROGRAMA\CYBERLINK\POWERDVD\PDVDSERV.EXE
C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\AVCIMAN.EXE
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESMIN.EXE
C:\ARCHIVOS DE PROGRAMA\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\ARCHIVOS DE PROGRAMA\QUICKTIME\QTTASK.EXE
C:\ARCHIVOS DE PROGRAMA\HP\HPCORETECH\HPCMPMGR.EXE
C:\ARCHIVOS DE PROGRAMA\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM32\LVCOMSX.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\ARCHIVOS DE PROGRAMA\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\LOGITECHDESKTOPMESSENGER.EXE
C:\ARCHIVOS DE PROGRAMA\IVT CORPORATION\BLUESOLEIL\BLUESOLEIL.EXE
C:\ARCHIVOS DE PROGRAMA\CONCEPTRONIC\CTVFMI\REMOTECTL.EXE
C:\ARCHIVOS DE PROGRAMA\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE
C:\ARCHIVOS DE PROGRAMA\PANDA SOFTWARE\PANDA ANTIVIRUS + FIREWALL 2007\WEBPROXY.EXE
C:\ARCHIVOS DE PROGRAMA\WINZIP\WZQKPICK.EXE
C:\ARCHIVOS DE PROGRAMA\ZYAIR USB UTILITY\ZYAIR.EXE
C:\ARCHIV~1\YAHOO!\MESSEN~1\YAHOOM~1.EXE
C:\ARCHIVOS DE PROGRAMA\LOGITECH\VIDEO\FXSVR2.EXE
C:\ARCHIVOS DE PROGRAMA\HP\DIGITAL IMAGING\BIN\HPQGALRY.EXE
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESMIN.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\DOCUMENTS AND SETTINGS\ADMINISTRADOR\MIS DOCUMENTOS\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R3 - URLSearchHook: Hook de búsqueda de direcciones URL de Microsoft - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\system32\shdocvw.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - C:\Archivos de programa\Security Tools\iesplg.dll
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Archivos de programa\Security Tools\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKLM\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKLM\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
O4 - HKLM\..\Run: [Yahoo! Pager] "C:\ARCHIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKLM\..\Run: [ChristmasTree] C:\Documents and Settings\Administrador\Configuración local\Temp\Christmas.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - Startup: desktop.ini
O4 - Global Startup: Adobe Gamma Loader.lnk
O4 - Global Startup: BlueSoleil.lnk
O4 - Global Startup: CTVFMI Remote Control.lnk
O4 - Global Startup: desktop.ini
O4 - Global Startup: HP Digital Imaging Monitor.lnk
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk
O4 - Global Startup: Inicio rápido de HP Image Zone.lnk
O4 - Global Startup: Logitech Desktop Messenger.lnk
O4 - Global Startup: Microsoft Office.lnk
O4 - Global Startup: WinZip Quick Pick.lnk
O4 - Global Startup: ZyAIR USB Utility.lnk
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\ARCHIV~1\Yahoo!\Common\yhexbmeses.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
O18 - Protocol: bw+0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Archivos de programa\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\ARCHIV~1\ARCHIV~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\ARCHIV~1\ARCHIV~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: offline-8876480 - {9A95A1FB-A30F-4089-943B-0C92D6C9F740} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ATIEXTEVENT - ATI2EVXX.DLL
O20 - Winlogon Notify: AVLDR - AVLDR.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Precargador Browseui - %SystemRoot%\system32\browseui.dll
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demonio de caché de las categorías de componente - %SystemRoot%\system32\browseui.dll
O22 - SharedTaskScheduler: {0c5a0fff-9164-493b-93e0-17446374e0a0} - inflexive - C:\WINDOWS\system32\dtjby.dll
Información Adicional:
----------------------
HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Archivos de programa\Security Tools\iesmn.exe
HKLM\..\Policies\Explorer\Run: [rare] C:\Archivos de programa\Security Tools\imsmain.exe
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BtCap, WDM Video Capture (BT848) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\BT848.sys
O23 - Service: BtTuner, WDM TvTuner (BTTUNER) - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\drivers\BTTUNER.sys
O23 - Service: BtXBar, WDM Crossbar (BTXBAR) - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\drivers\BTXBAR.sys
O23 - Service: Panda CPoint Driver (cpoint) - Panda Software - C:\WINDOWS\SYSTEM32\drivers\cpoint.sys
O23 - Service: Iniciador de procesos de servidor DCOM (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost -k DcomLaunch (file missing)
O23 - Service: pavdrv (PAVDRV) - Panda Software International - C:\WINDOWS\SYSTEM32\DRIVERS\pavdrv51.sys
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Driver (PavProc) - Panda Software - C:\WINDOWS\system32\DRIVERS\PavProc.sys
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\archivos de programa\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe
O23 - Service: Llamada a procedimiento remoto (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost -k rpcss (file missing)
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: ati2mtag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys
O23 - Service: Antivirus Filter Driver (AvFlt) - Unknown owner - C:\WINDOWS\system32\drivers\av5flt.sys (file missing)
O23 - Service: Bluetooth Audio Service (BlueletAudio) - IVT Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\blueletaudio.sys
O23 - Service: Bluetooth PAN Network Adapter (BT) - IVT Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\btnetdrv.sys
O23 - Service: Bluetooth USB For Bluetooth Service (Btcsrusb) - IVT Corporation - C:\WINDOWS\SYSTEM32\Drivers\btcusb.sys
O23 - Service: Bluetooth HID Enumerator (BTHidEnum) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vbtenum.sys
O23 - Service: C-Media WDM Audio Interface (cmuda) - C-Media Inc - C:\WINDOWS\SYSTEM32\drivers\cmuda.sys
O23 - Service: Panda Anti-Dialer (ComFiltr) - Unknown owner - C:\WINDOWS\system32\DRIVERS\COMFiltr.sys (file missing)
O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Microsoft Corp., VERITAS Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: IEEE-1284.4 Driver HPZid412 (HPZid412) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys
O23 - Service: Print Class Driver for IEEE-1284.4 HPZipr12 (HPZipr12) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys
O23 - Service: USB to IEEE-1284.4 Translation Driver HPZius12 (HPZius12) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys
O23 - Service: Logitech USB Monitor Filter (LVUSBSta) - Logitech Inc. - C:\WINDOWS\SYSTEM32\drivers\lvusbsta.sys
O23 - Service: Netgroup Packet Filter (NPF) - Unknown owner - C:\WINDOWS\system32\drivers\packet.sys
O23 - Service: PavSRK.sys - Unknown owner - C:\WINDOWS\system32\PavSRK.sys (file missing)
O23 - Service: PavTPK.sys - Unknown owner - C:\WINDOWS\system32\PavTPK.sys (file missing)
O23 - Service: Logitech QuickCam Express(PID_0928) (PID_0928) - Logitech Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LV561AV.SYS
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Controlador de vínculo paralelo directo (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys
O23 - Service: Secdrv - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys
O23 - Service: Prolific Serial port driver (Ser2pl) - Prolific Technology Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ser2pl.sys
O23 - Service: SiS PCI Fast Ethernet Adapter Driver (SISNIC) - SiS Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sisnic.sys
O23 - Service: Servicios de Terminal Server (TermService) - Unknown owner - C:\WINDOWS\System32\svchost -k DComLaunch (file missing)
O23 - Service: Virtual Serial port driver (VComm) - IVT Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\VComm.sys
O23 - Service: Bluetooth VComm Manager Service (VcommMgr) - IVT Corporation - C:\WINDOWS\SYSTEM32\Drivers\VcommMgr.sys
O23 - Service: ZyAIR B-220 IEEE 802.11b Wireless LAN Driver (USB)(ZyXEL) (ZD1201U(ZyXEL)) - ZyDAS Technology Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\zd1201u.sys
O23 - Service: ZDNDIS5 NDIS Protocol Driver (ZDNDIS5) - Printing Communications Assoc., Inc. (PCAUSA) - C:\WINDOWS\system32\ZDNDIS5.SYS
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: dmboot - Microsoft Corp., Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys
43 Servicios.
15 de Carga Automatica.
27 de Carga Manual.
1 Deshabilitados.
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Envianos muestra de estos ficheros para analizar:
C:\Archivos de programa\Security Tools\iesmn.exe
C:\Archivos de programa\Security Tools\iesmin.exe
C:\Documents and Settings\Administrador\Configuración local\Temp\Christmas.exe
C:\Archivos de programa\Security Tools\iesplg.dll
C:\Archivos de programa\Security Tools\iesbpl.dll
->[b] Para ello recordar[/b] https://foros.zonavirus.com/viewtopic.php?f=2&t=45334
justamente algunos están lanzados desde:
HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Archivos de programa\Security Tools\iesmn.exe
HKLM\..\Policies\Explorer\Run: [rare] C:\Archivos de programa\Security Tools\imsmain.exe
lo cual no es visible con el HJT...
y otros desde carpeta temporal ???: O4 - HKLM\..\Run: [ChristmasTree] C:\Documents and Settings\Administrador\Configuración local\Temp\Christmas.exe
lo cual es muy raro y atípico...
De todas formas como que los IES...* podrían estar controlados como variantes del downloader PUPER con el ELISTARA, primero prueba dicha utilidad:
ELISTARA:
http://www.zonavirus.com/descargas/elistara.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso
saludos
ms, 19-05-2007
C:\Archivos de programa\Security Tools\iesmn.exe
C:\Archivos de programa\Security Tools\iesmin.exe
C:\Documents and Settings\Administrador\Configuración local\Temp\Christmas.exe
C:\Archivos de programa\Security Tools\iesplg.dll
C:\Archivos de programa\Security Tools\iesbpl.dll
->
justamente algunos están lanzados desde:
HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Archivos de programa\Security Tools\iesmn.exe
HKLM\..\Policies\Explorer\Run: [rare] C:\Archivos de programa\Security Tools\imsmain.exe
lo cual no es visible con el HJT...
y otros desde carpeta temporal ???: O4 - HKLM\..\Run: [ChristmasTree] C:\Documents and Settings\Administrador\Configuración local\Temp\Christmas.exe
lo cual es muy raro y atípico...
De todas formas como que los IES...* podrían estar controlados como variantes del downloader PUPER con el ELISTARA, primero prueba dicha utilidad:
ELISTARA:
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso
saludos
ms, 19-05-2007
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Safety alert
Hola de nuevo ya envie las muestras,pero el elistara no puedo pasarlo al llevar un rato funcionamiento el PC se me apaga.Saludos
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Pues es importante que pruebes el ELISTARA por lo del iesmin...
Y como que eso que se cierra no es propio del virus, mirale la temperatura de la CPU, no sea caso que sobrepase los 50 o 55 ºC:
https://foros.zonavirus.com/viewtopic.php?f=5&t=11159
saludos
ms, 20-5-2007
Y como que eso que se cierra no es propio del virus, mirale la temperatura de la CPU, no sea caso que sobrepase los 50 o 55 ºC:
saludos
ms, 20-5-2007
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Analizadas las muestras resultan ser variantes del Downloader Puper que pasamos a controlar con la version 14.02 del ELISTARA de hoy:
ELISTARA:
http://www.zonavirus.com/descargas/elistara.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso
A partir de las 20 h GMT estara disponible en esta web para evaluacion en el foro de zonavirus
saludos
ms, 21-05-2007
ELISTARA:
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso
A partir de las 20 h GMT estara disponible en esta web para evaluacion en el foro de zonavirus
saludos
ms, 21-05-2007
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
safety alert
Hola acabo de pasarl el ELISTARA 14.02 pero sigo teniendo el icono junto
Mon May 21 20:05:29 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "virus@satinfo.es ". Gracias.
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
Eliminada Class, "{B8C5186E-EC37-4889-9C2E-F73649FFB7BB}" -> C:\Archivos de programa\Security Tools\iesplg.dll
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:11:21 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "virus@satinfo.es ". Gracias.
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
Eliminada Class, "{B8C5186E-EC37-4889-9C2E-F73649FFB7BB}" -> C:\Archivos de programa\Security Tools\iesplg.dll
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:26:33 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "virus@satinfo.es ". Gracias.
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:28:21 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "virus@satinfo.es ". Gracias.
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:29:11 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "virus@satinfo.es ". Gracias.
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:50:30 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Archivos de programa\Security Tools\IESMIN.EXE --> Eliminado, Puper-Ies
C:\Archivos de programa\Security Tools\IESMN.EXE --> Eliminado, Puper-Ies
C:\Archivos de programa\Security Tools\IESPLG.DLL --> Eliminado, Puper-Ies(BHO)
al reloj .Este es el resultado
Mon May 21 20:05:29 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
Eliminada Class, "{B8C5186E-EC37-4889-9C2E-F73649FFB7BB}" -> C:\Archivos de programa\Security Tools\iesplg.dll
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:11:21 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
Eliminada Class, "{B8C5186E-EC37-4889-9C2E-F73649FFB7BB}" -> C:\Archivos de programa\Security Tools\iesplg.dll
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:26:33 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:28:21 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:29:11 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
[SharedTaskScheduler "{0c5a0fff-9164-493b-93e0-17446374e0a0}"]
Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL
a "
C:\ARCHIVOS DE PROGRAMA\SECURITY TOOLS\IESPLG.DLL --> Puper-Ies(BHO) Acceso Denegado.
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-070 de Microsoft instalado. (SServidor)
ALERTA. WindowsUpdate Incompleto.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon May 21 20:50:30 2007
EliStartPage v14.02 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Archivos de programa\Security Tools\IESMIN.EXE --> Eliminado, Puper-Ies
C:\Archivos de programa\Security Tools\IESMN.EXE --> Eliminado, Puper-Ies
C:\Archivos de programa\Security Tools\IESPLG.DLL --> Eliminado, Puper-Ies(BHO)
al reloj .Este es el resultado
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Se te está pidiendo que nos envies muestra de un fichero para analizar...
"Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL "
procede a ello y procederemos
->[b] Para ello recordar[/b] https://foros.zonavirus.com/viewtopic.php?f=2&t=45334
saludos
ms, 21-05-2007
"Por favor, envienos una muestra del fichero
C:\Muestras\DTJBY.DLL "
procede a ello y procederemos
->
saludos
ms, 21-05-2007
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Recibida la muestra, efectivamente es un Fake Alert que pasamos a controlar con la nueva verison de hoy del ELISTARA 14.04
SALUDOS
ms, 23-05-2007
SALUDOS
ms, 23-05-2007
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online