Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help needed! Internet Explorer keeps closing


  • Please log in to reply
3 replies to this topic

#1 drmerengue

drmerengue

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:27 PM

Posted 17 July 2005 - 08:26 PM

Hello!

I have a problem with my internet explorer..it keeps closing after 2 seconds everytime i try to open it, also, Mcafee Antivirus keeps telling me it found a trojan named starpage.DU, it says it's deleted but the message keeps coming again and again...what can i do? i tried to eliminate it with adaware and nothing happenned...here's my Hijackthis log...i hope you guys can help me.. :thumbsup:

Thanks in advance!!!


Logfile of HijackThis v1.99.1
Scan saved at 08:35:52 p.m., on 17/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\ARCHIV~1\mcafee.com\vso\mcvsrte.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
c:\ARCHIV~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\S3apphk.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4C1.EXE
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\Archivos de programa\Archivos comunes\Logitech\QCDriver\LVCOMS.EXE
C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\ARCHIV~1\mcafee.com\vso\mcvsshld.exe
C:\ARCHIV~1\mcafee.com\agent\mcagent.exe
C:\Archivos de programa\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ezSP_Px.exe
c:\archiv~1\mcafee.com\vso\mcvsescn.exe
C:\Archivos de programa\Microsoft AntiSpyware\gcasDtServ.exe
C:\Archivos de programa\MSN\MSNCoreFiles\msn6.exe
c:\archiv~1\mcafee.com\vso\mcvsftsn.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\MSN\MSNCoreFiles\msn6.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\appmz32.exe
C:\Archivos de programa\Microsoft Office\OFFICE11\WINWORD.EXE
C:\ARCHIV~1\WINZIP\winzip32.exe
C:\Documents and Settings\Carlos\Configuración local\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\hhlof.dll/sp.html#93256
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\hhlof.dll/sp.html#93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\hhlof.dll/sp.html#93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\hhlof.dll/sp.html#93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\hhlof.dll/sp.html#93256
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\hhlof.dll/sp.html#93256
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\hhlof.dll/sp.html#93256
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://e1.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {02B6F0C0-81BF-128A-F6DD-072EF4DAA259} - C:\WINDOWS\system32\crfc32.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Class - {1A6C73BC-F02B-9148-3393-BE3C72B10CCF} - C:\WINDOWS\apphe.dll
O2 - BHO: Class - {3A3263E7-0846-8433-D51F-3B7BA70255FF} - C:\WINDOWS\sdktk.dll
O2 - BHO: Class - {489CB8A5-F200-EAC7-EB4D-CADBFD62480E} - C:\WINDOWS\mfcbs32.dll
O2 - BHO: Class - {49A8E70A-06F3-30B7-0087-F3EF602D6A45} - C:\WINDOWS\ieat32.dll
O2 - BHO: Class - {4B33972E-DEC1-88EB-5E8B-A204CB6352D3} - C:\WINDOWS\mfcud.dll
O2 - BHO: Class - {5394D52C-B033-52FF-A69C-E6ABFBFBA8FC} - C:\WINDOWS\ntct.dll
O2 - BHO: Class - {55DEE593-7909-3450-F015-41F3C20541E8} - C:\WINDOWS\ntgv.dll
O2 - BHO: Class - {57E6A677-F1C2-427F-A8EB-9D6D26F602D7} - C:\WINDOWS\mfctx32.dll
O2 - BHO: Class - {5994FD3E-5FC2-9A72-EE68-06292ACBFC71} - C:\WINDOWS\system32\ntro32.dll
O2 - BHO: Class - {6259AAB6-979D-83C5-B2DB-ABC95EA1C8B2} - C:\WINDOWS\system32\msny32.dll
O2 - BHO: Class - {66100307-54EE-8324-718F-DA7041322625} - C:\WINDOWS\system32\crnb32.dll
O2 - BHO: Class - {69B3E2C2-7427-013E-2CAE-3D1CBB040498} - C:\WINDOWS\sdksd.dll
O2 - BHO: Class - {7B1D00B9-B828-5F3C-EB8A-63DF610E0B83} - C:\WINDOWS\windk.dll
O2 - BHO: Class - {9A7083BD-566F-B299-344C-47ABCAB6F765} - C:\WINDOWS\msuu.dll
O2 - BHO: Class - {AEF31B04-E4D2-E8D3-9366-37404CC10854} - C:\WINDOWS\sdkwa.dll
O2 - BHO: Class - {B35C1395-AB2D-BEE6-55AE-F8D331D7F30B} - C:\WINDOWS\system32\iedi32.dll
O2 - BHO: Class - {C458CC4F-5C18-CF54-5A23-59323340458C} - C:\WINDOWS\system32\javabo.dll
O2 - BHO: Class - {CE958B9B-78BD-9AC7-B7C3-F763EB74A464} - C:\WINDOWS\sdkvp.dll
O2 - BHO: Class - {D255DEAC-5FE9-9040-CADA-7E65F2AF6BE4} - C:\WINDOWS\d3cc32.dll
O2 - BHO: Class - {DFC62350-1E0B-BBD2-4CDB-757B623F0FD4} - C:\WINDOWS\system32\msrg.dll
O2 - BHO: Class - {E1008507-7597-E713-6C74-364513A22905} - C:\WINDOWS\sdkjb.dll
O2 - BHO: Class - {EFE2401F-58EB-970A-B52C-25B8387442DA} - C:\WINDOWS\iejk.dll
O2 - BHO: Class - {F75ABCFF-B284-F6ED-A393-097F06754FA7} - C:\WINDOWS\system32\netxp32.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\archiv~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [EPSON Stylus C63 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4C1.EXE /P23 "EPSON Stylus C63 Series" /O6 "USB002" /M "Stylus C63"
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Archivos de programa\Archivos comunes\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Archivos de programa\Archivos comunes\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [appmz32.exe] C:\WINDOWS\system32\appmz32.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\ARCHIV~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\ARCHIV~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\ARCHIV~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\ARCHIV~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Archivos de programa\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [atlfy.exe] C:\WINDOWS\system32\atlfy.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [apisl.exe] C:\WINDOWS\system32\apisl.exe
O4 - HKLM\..\RunOnce: [sysve32.exe] C:\WINDOWS\system32\sysve32.exe
O4 - HKLM\..\RunOnce: [winlo32.exe] C:\WINDOWS\winlo32.exe
O4 - HKLM\..\RunOnce: [sdkoq.exe] C:\WINDOWS\sdkoq.exe
O4 - HKLM\..\RunOnce: [mfctk32.exe] C:\WINDOWS\system32\mfctk32.exe
O4 - HKLM\..\RunOnce: [ieqw32.exe] C:\WINDOWS\ieqw32.exe
O4 - HKLM\..\RunOnce: [ntkp32.exe] C:\WINDOWS\system32\ntkp32.exe
O4 - HKLM\..\RunOnce: [d3pr.exe] C:\WINDOWS\d3pr.exe
O4 - HKLM\..\RunOnce: [apppj.exe] C:\WINDOWS\apppj.exe
O4 - HKLM\..\RunOnce: [mfcjb.exe] C:\WINDOWS\mfcjb.exe
O4 - HKLM\..\RunOnce: [winxj32.exe] C:\WINDOWS\system32\winxj32.exe
O4 - HKLM\..\RunOnce: [javakd.exe] C:\WINDOWS\system32\javakd.exe
O4 - HKLM\..\RunOnce: [mfctx.exe] C:\WINDOWS\mfctx.exe
O4 - HKLM\..\RunOnce: [ieyr.exe] C:\WINDOWS\ieyr.exe
O4 - HKLM\..\RunOnce: [netnt.exe] C:\WINDOWS\netnt.exe
O4 - HKLM\..\RunOnce: [sysvz32.exe] C:\WINDOWS\system32\sysvz32.exe
O4 - HKLM\..\RunOnce: [iels32.exe] C:\WINDOWS\iels32.exe
O4 - HKLM\..\RunOnce: [iece32.exe] C:\WINDOWS\system32\iece32.exe
O4 - HKLM\..\RunOnce: [sdkqm.exe] C:\WINDOWS\system32\sdkqm.exe
O4 - HKLM\..\RunOnce: [addzs32.exe] C:\WINDOWS\system32\addzs32.exe
O4 - HKLM\..\RunOnce: [crfm.exe] C:\WINDOWS\system32\crfm.exe
O4 - HKLM\..\RunOnce: [netma.exe] C:\WINDOWS\system32\netma.exe
O4 - HKLM\..\RunOnce: [apips32.exe] C:\WINDOWS\apips32.exe
O4 - HKLM\..\RunOnce: [iezj32.exe] C:\WINDOWS\iezj32.exe
O4 - HKLM\..\RunOnce: [mfcrg32.exe] C:\WINDOWS\system32\mfcrg32.exe
O4 - HKLM\..\RunOnce: [sdkwn32.exe] C:\WINDOWS\system32\sdkwn32.exe
O4 - HKLM\..\RunOnce: [crtw32.exe] C:\WINDOWS\crtw32.exe
O4 - HKLM\..\RunOnce: [apiyq.exe] C:\WINDOWS\apiyq.exe
O4 - HKLM\..\RunOnce: [apisj32.exe] C:\WINDOWS\system32\apisj32.exe
O4 - HKLM\..\RunOnce: [atlle32.exe] C:\WINDOWS\system32\atlle32.exe
O4 - HKLM\..\RunOnce: [atldq.exe] C:\WINDOWS\atldq.exe
O4 - HKLM\..\RunOnce: [mfcde.exe] C:\WINDOWS\mfcde.exe
O4 - HKLM\..\RunOnce: [ieqy32.exe] C:\WINDOWS\ieqy32.exe
O4 - HKLM\..\RunOnce: [ntcr32.exe] C:\WINDOWS\ntcr32.exe
O4 - HKLM\..\RunOnce: [atlpt.exe] C:\WINDOWS\atlpt.exe
O4 - HKLM\..\RunOnce: [mfcbc.exe] C:\WINDOWS\system32\mfcbc.exe
O4 - HKLM\..\RunOnce: [sysoe32.exe] C:\WINDOWS\system32\sysoe32.exe
O4 - HKLM\..\RunOnce: [ievb32.exe] C:\WINDOWS\ievb32.exe
O4 - HKLM\..\RunOnce: [netqq.exe] C:\WINDOWS\netqq.exe
O4 - HKLM\..\RunOnce: [d3sy32.exe] C:\WINDOWS\d3sy32.exe
O4 - HKLM\..\RunOnce: [msvl.exe] C:\WINDOWS\msvl.exe
O4 - HKLM\..\RunOnce: [sdkzp.exe] C:\WINDOWS\system32\sdkzp.exe
O4 - HKLM\..\RunOnce: [mfccy.exe] C:\WINDOWS\mfccy.exe
O4 - HKLM\..\RunOnce: [ieqn.exe] C:\WINDOWS\system32\ieqn.exe
O4 - HKLM\..\RunOnce: [ntdh32.exe] C:\WINDOWS\system32\ntdh32.exe
O4 - HKLM\..\RunOnce: [appxg.exe] C:\WINDOWS\system32\appxg.exe
O4 - HKLM\..\RunOnce: [iphu32.exe] C:\WINDOWS\iphu32.exe
O4 - HKLM\..\RunOnce: [netji32.exe] C:\WINDOWS\system32\netji32.exe
O4 - HKLM\..\RunOnce: [winen32.exe] C:\WINDOWS\winen32.exe
O4 - HKLM\..\RunOnce: [crjh32.exe] C:\WINDOWS\crjh32.exe
O4 - HKLM\..\RunOnce: [syshx.exe] C:\WINDOWS\syshx.exe
O4 - HKLM\..\RunOnce: [javanz.exe] C:\WINDOWS\javanz.exe
O4 - HKLM\..\RunOnce: [ipuy.exe] C:\WINDOWS\system32\ipuy.exe
O4 - HKLM\..\RunOnce: [mswy.exe] C:\WINDOWS\mswy.exe
O4 - HKLM\..\RunOnce: [javagd.exe] C:\WINDOWS\javagd.exe
O4 - HKLM\..\RunOnce: [apiux32.exe] C:\WINDOWS\apiux32.exe
O4 - HKLM\..\RunOnce: [mfctt32.exe] C:\WINDOWS\mfctt32.exe
O4 - HKLM\..\RunOnce: [iego.exe] C:\WINDOWS\iego.exe
O4 - HKLM\..\RunOnce: [d3cx.exe] C:\WINDOWS\system32\d3cx.exe
O4 - HKLM\..\RunOnce: [appzk32.exe] C:\WINDOWS\appzk32.exe
O4 - HKLM\..\RunOnce: [ipkh32.exe] C:\WINDOWS\system32\ipkh32.exe
O4 - HKLM\..\RunOnce: [apicn.exe] C:\WINDOWS\system32\apicn.exe
O4 - HKLM\..\RunOnce: [syshh32.exe] C:\WINDOWS\system32\syshh32.exe
O4 - HKLM\..\RunOnce: [ntlc32.exe] C:\WINDOWS\system32\ntlc32.exe
O4 - HKLM\..\RunOnce: [mfcjs.exe] C:\WINDOWS\mfcjs.exe
O4 - HKLM\..\RunOnce: [winqd.exe] C:\WINDOWS\system32\winqd.exe
O4 - HKLM\..\RunOnce: [apija.exe] C:\WINDOWS\apija.exe
O4 - HKLM\..\RunOnce: [ieqk.exe] C:\WINDOWS\ieqk.exe
O4 - HKLM\..\RunOnce: [craq32.exe] C:\WINDOWS\system32\craq32.exe
O4 - HKLM\..\RunOnce: [d3vi32.exe] C:\WINDOWS\d3vi32.exe
O4 - HKLM\..\RunOnce: [netak32.exe] C:\WINDOWS\netak32.exe
O4 - HKLM\..\RunOnce: [ntxi.exe] C:\WINDOWS\system32\ntxi.exe
O4 - HKLM\..\RunOnce: [atlls.exe] C:\WINDOWS\system32\atlls.exe
O4 - HKLM\..\RunOnce: [ieqm32.exe] C:\WINDOWS\system32\ieqm32.exe
O4 - HKLM\..\RunOnce: [appjl32.exe] C:\WINDOWS\system32\appjl32.exe
O4 - HKLM\..\RunOnce: [atlsx.exe] C:\WINDOWS\system32\atlsx.exe
O4 - HKLM\..\RunOnce: [msxr32.exe] C:\WINDOWS\system32\msxr32.exe
O4 - HKLM\..\RunOnce: [sdkiq.exe] C:\WINDOWS\sdkiq.exe
O4 - HKLM\..\RunOnce: [atlvk32.exe] C:\WINDOWS\atlvk32.exe
O4 - HKLM\..\RunOnce: [d3yh.exe] C:\WINDOWS\system32\d3yh.exe
O4 - HKLM\..\RunOnce: [syseh.exe] C:\WINDOWS\syseh.exe
O4 - HKLM\..\RunOnce: [javarb32.exe] C:\WINDOWS\javarb32.exe
O4 - HKLM\..\RunOnce: [d3rp.exe] C:\WINDOWS\system32\d3rp.exe
O4 - HKLM\..\RunOnce: [netwj32.exe] C:\WINDOWS\netwj32.exe
O4 - HKLM\..\RunOnce: [appvx32.exe] C:\WINDOWS\system32\appvx32.exe
O4 - HKLM\..\RunOnce: [netot.exe] C:\WINDOWS\netot.exe
O4 - HKLM\..\RunOnce: [adduv32.exe] C:\WINDOWS\system32\adduv32.exe
O4 - HKLM\..\RunOnce: [d3fw32.exe] C:\WINDOWS\d3fw32.exe
O4 - HKLM\..\RunOnce: [atloc.exe] C:\WINDOWS\atloc.exe
O4 - HKLM\..\RunOnce: [ietw32.exe] C:\WINDOWS\ietw32.exe
O4 - HKLM\..\RunOnce: [apist32.exe] C:\WINDOWS\apist32.exe
O4 - HKLM\..\RunOnce: [winyn.exe] C:\WINDOWS\winyn.exe
O4 - HKLM\..\RunOnce: [mfccp.exe] C:\WINDOWS\system32\mfccp.exe
O4 - HKLM\..\RunOnce: [sdknv.exe] C:\WINDOWS\sdknv.exe
O4 - HKLM\..\RunOnce: [ntrl.exe] C:\WINDOWS\system32\ntrl.exe
O4 - HKLM\..\RunOnce: [javalc.exe] C:\WINDOWS\system32\javalc.exe
O4 - HKLM\..\RunOnce: [apiyk32.exe] C:\WINDOWS\system32\apiyk32.exe
O4 - HKLM\..\RunOnce: [ntah32.exe] C:\WINDOWS\ntah32.exe
O4 - HKLM\..\RunOnce: [apifp32.exe] C:\WINDOWS\system32\apifp32.exe
O4 - HKLM\..\RunOnce: [syslj.exe] C:\WINDOWS\syslj.exe
O4 - HKLM\..\RunOnce: [d3pt32.exe] C:\WINDOWS\system32\d3pt32.exe
O4 - HKLM\..\RunOnce: [addip.exe] C:\WINDOWS\addip.exe
O4 - HKLM\..\RunOnce: [atldm32.exe] C:\WINDOWS\atldm32.exe
O4 - HKLM\..\RunOnce: [crht32.exe] C:\WINDOWS\system32\crht32.exe
O4 - HKLM\..\RunOnce: [sdkoy.exe] C:\WINDOWS\system32\sdkoy.exe
O4 - HKLM\..\RunOnce: [atlbt.exe] C:\WINDOWS\system32\atlbt.exe
O4 - HKLM\..\RunOnce: [winag32.exe] C:\WINDOWS\winag32.exe
O4 - HKLM\..\RunOnce: [javafi32.exe] C:\WINDOWS\system32\javafi32.exe
O4 - HKLM\..\RunOnce: [atltd.exe] C:\WINDOWS\atltd.exe
O4 - HKLM\..\RunOnce: [ieyf.exe] C:\WINDOWS\system32\ieyf.exe
O4 - HKLM\..\RunOnce: [appxa32.exe] C:\WINDOWS\appxa32.exe
O4 - HKLM\..\RunOnce: [mscu.exe] C:\WINDOWS\system32\mscu.exe
O4 - HKLM\..\RunOnce: [iewl.exe] C:\WINDOWS\iewl.exe
O4 - HKLM\..\RunOnce: [sdkbf32.exe] C:\WINDOWS\sdkbf32.exe
O4 - HKLM\..\RunOnce: [apisd.exe] C:\WINDOWS\apisd.exe
O4 - HKLM\..\RunOnce: [apiwq32.exe] C:\WINDOWS\system32\apiwq32.exe
O4 - HKLM\..\RunOnce: [crou.exe] C:\WINDOWS\crou.exe
O4 - HKLM\..\RunOnce: [netuw32.exe] C:\WINDOWS\netuw32.exe
O4 - HKLM\..\RunOnce: [javanv32.exe] C:\WINDOWS\javanv32.exe
O4 - HKLM\..\RunOnce: [mfcsp.exe] C:\WINDOWS\mfcsp.exe
O4 - HKLM\..\RunOnce: [crvz.exe] C:\WINDOWS\crvz.exe
O4 - HKLM\..\RunOnce: [apibb32.exe] C:\WINDOWS\apibb32.exe
O4 - HKLM\..\RunOnce: [addus.exe] C:\WINDOWS\system32\addus.exe
O4 - HKLM\..\RunOnce: [crzm32.exe] C:\WINDOWS\system32\crzm32.exe
O4 - HKLM\..\RunOnce: [addcg32.exe] C:\WINDOWS\system32\addcg32.exe
O4 - HKLM\..\RunOnce: [ntyp32.exe] C:\WINDOWS\ntyp32.exe
O4 - HKLM\..\RunOnce: [atllj.exe] C:\WINDOWS\atllj.exe
O4 - HKLM\..\RunOnce: [winem32.exe] C:\WINDOWS\winem32.exe
O4 - HKLM\..\RunOnce: [apiok32.exe] C:\WINDOWS\system32\apiok32.exe
O4 - HKLM\..\RunOnce: [winte.exe] C:\WINDOWS\system32\winte.exe
O4 - HKLM\..\RunOnce: [javafh.exe] C:\WINDOWS\javafh.exe
O4 - HKLM\..\RunOnce: [addrh.exe] C:\WINDOWS\system32\addrh.exe
O4 - HKLM\..\RunOnce: [crot.exe] C:\WINDOWS\system32\crot.exe
O4 - HKLM\..\RunOnce: [winyp.exe] C:\WINDOWS\winyp.exe
O4 - HKLM\..\RunOnce: [winmm32.exe] C:\WINDOWS\system32\winmm32.exe
O4 - HKLM\..\RunOnce: [sdkpb.exe] C:\WINDOWS\system32\sdkpb.exe
O4 - HKLM\..\RunOnce: [mfcud.exe] C:\WINDOWS\system32\mfcud.exe
O4 - HKLM\..\RunOnce: [sdkca32.exe] C:\WINDOWS\system32\sdkca32.exe
O4 - HKLM\..\RunOnce: [ieej32.exe] C:\WINDOWS\system32\ieej32.exe
O4 - HKLM\..\RunOnce: [sdksd.exe] C:\WINDOWS\system32\sdksd.exe
O4 - HKLM\..\RunOnce: [appbv.exe] C:\WINDOWS\appbv.exe
O4 - HKLM\..\RunOnce: [winux32.exe] C:\WINDOWS\winux32.exe
O4 - HKLM\..\RunOnce: [winrq32.exe] C:\WINDOWS\system32\winrq32.exe
O4 - HKLM\..\RunOnce: [ntat32.exe] C:\WINDOWS\ntat32.exe
O4 - HKLM\..\RunOnce: [appgo32.exe] C:\WINDOWS\system32\appgo32.exe
O4 - HKLM\..\RunOnce: [ienr32.exe] C:\WINDOWS\ienr32.exe
O4 - HKLM\..\RunOnce: [sdksl.exe] C:\WINDOWS\sdksl.exe
O4 - HKLM\..\RunOnce: [atlni32.exe] C:\WINDOWS\atlni32.exe
O4 - HKLM\..\RunOnce: [iesc.exe] C:\WINDOWS\iesc.exe
O4 - HKLM\..\RunOnce: [ievu.exe] C:\WINDOWS\ievu.exe
O4 - HKLM\..\RunOnce: [ntao.exe] C:\WINDOWS\ntao.exe
O4 - HKLM\..\RunOnce: [crzb32.exe] C:\WINDOWS\system32\crzb32.exe
O4 - HKLM\..\RunOnce: [apinw.exe] C:\WINDOWS\system32\apinw.exe
O4 - HKLM\..\RunOnce: [mshh.exe] C:\WINDOWS\mshh.exe
O4 - HKLM\..\RunOnce: [appsd32.exe] C:\WINDOWS\system32\appsd32.exe
O4 - HKLM\..\RunOnce: [mfclp32.exe] C:\WINDOWS\system32\mfclp32.exe
O4 - HKLM\..\RunOnce: [sdkwl.exe] C:\WINDOWS\sdkwl.exe
O4 - HKLM\..\RunOnce: [mssx.exe] C:\WINDOWS\system32\mssx.exe
O4 - HKLM\..\RunOnce: [ipxz.exe] C:\WINDOWS\ipxz.exe
O4 - HKLM\..\RunOnce: [crad.exe] C:\WINDOWS\system32\crad.exe
O4 - HKLM\..\RunOnce: [winev.exe] C:\WINDOWS\winev.exe
O4 - HKLM\..\RunOnce: [netid32.exe] C:\WINDOWS\system32\netid32.exe
O4 - HKLM\..\RunOnce: [javazv32.exe] C:\WINDOWS\javazv32.exe
O4 - HKLM\..\RunOnce: [sysav32.exe] C:\WINDOWS\system32\sysav32.exe
O4 - HKLM\..\RunOnce: [sdkfx.exe] C:\WINDOWS\system32\sdkfx.exe
O4 - HKLM\..\RunOnce: [d3tx.exe] C:\WINDOWS\system32\d3tx.exe
O4 - HKLM\..\RunOnce: [ntsk.exe] C:\WINDOWS\ntsk.exe
O4 - HKLM\..\RunOnce: [nthd32.exe] C:\WINDOWS\system32\nthd32.exe
O4 - HKLM\..\RunOnce: [atlff32.exe] C:\WINDOWS\system32\atlff32.exe
O4 - HKLM\..\RunOnce: [iekz.exe] C:\WINDOWS\system32\iekz.exe
O4 - HKLM\..\RunOnce: [syswc.exe] C:\WINDOWS\syswc.exe
O4 - HKLM\..\RunOnce: [apimn.exe] C:\WINDOWS\system32\apimn.exe
O4 - HKLM\..\RunOnce: [syszp32.exe] C:\WINDOWS\syszp32.exe
O4 - HKLM\..\RunOnce: [ntcm.exe] C:\WINDOWS\ntcm.exe
O4 - HKLM\..\RunOnce: [ntxu.exe] C:\WINDOWS\ntxu.exe
O4 - HKLM\..\RunOnce: [atllw32.exe] C:\WINDOWS\atllw32.exe
O4 - HKLM\..\RunOnce: [netqy32.exe] C:\WINDOWS\system32\netqy32.exe
O4 - HKLM\..\RunOnce: [winjr32.exe] C:\WINDOWS\system32\winjr32.exe
O4 - HKLM\..\RunOnce: [apiun.exe] C:\WINDOWS\apiun.exe
O4 - HKLM\..\RunOnce: [iect.exe] C:\WINDOWS\system32\iect.exe
O4 - HKLM\..\RunOnce: [ntio32.exe] C:\WINDOWS\system32\ntio32.exe
O4 - HKLM\..\RunOnce: [crqh.exe] C:\WINDOWS\crqh.exe
O4 - HKLM\..\RunOnce: [sysro32.exe] C:\WINDOWS\system32\sysro32.exe
O4 - HKLM\..\RunOnce: [appjf.exe] C:\WINDOWS\system32\appjf.exe
O4 - HKLM\..\RunOnce: [msph.exe] C:\WINDOWS\system32\msph.exe
O4 - HKLM\..\RunOnce: [crna32.exe] C:\WINDOWS\crna32.exe
O4 - HKLM\..\RunOnce: [netac.exe] C:\WINDOWS\netac.exe
O4 - HKLM\..\RunOnce: [d3wm.exe] C:\WINDOWS\system32\d3wm.exe
O4 - HKLM\..\RunOnce: [appuf.exe] C:\WINDOWS\appuf.exe
O4 - HKLM\..\RunOnce: [mshz32.exe] C:\WINDOWS\system32\mshz32.exe
O4 - HKLM\..\RunOnce: [apidw.exe] C:\WINDOWS\system32\apidw.exe
O4 - HKLM\..\RunOnce: [winqq32.exe] C:\WINDOWS\winqq32.exe
O4 - HKLM\..\RunOnce: [sdkqw32.exe] C:\WINDOWS\system32\sdkqw32.exe
O4 - HKLM\..\RunOnce: [atleq32.exe] C:\WINDOWS\system32\atleq32.exe
O4 - HKLM\..\RunOnce: [ntop.exe] C:\WINDOWS\ntop.exe
O4 - HKLM\..\RunOnce: [atltr32.exe] C:\WINDOWS\atltr32.exe
O4 - HKLM\..\RunOnce: [ipxt32.exe] C:\WINDOWS\system32\ipxt32.exe
O4 - HKLM\..\RunOnce: [appdn.exe] C:\WINDOWS\system32\appdn.exe
O4 - HKLM\..\RunOnce: [appgc.exe] C:\WINDOWS\system32\appgc.exe
O4 - HKLM\..\RunOnce: [cruf.exe] C:\WINDOWS\cruf.exe
O4 - HKLM\..\RunOnce: [netzz32.exe] C:\WINDOWS\netzz32.exe
O4 - HKLM\..\RunOnce: [ipnb.exe] C:\WINDOWS\ipnb.exe
O4 - HKLM\..\RunOnce: [atlch.exe] C:\WINDOWS\system32\atlch.exe
O4 - HKLM\..\RunOnce: [ievg32.exe] C:\WINDOWS\system32\ievg32.exe
O4 - HKLM\..\RunOnce: [d3ae32.exe] C:\WINDOWS\d3ae32.exe
O4 - HKLM\..\RunOnce: [addmw32.exe] C:\WINDOWS\system32\addmw32.exe
O4 - HKLM\..\RunOnce: [ieog32.exe] C:\WINDOWS\system32\ieog32.exe
O4 - HKLM\..\RunOnce: [atljm.exe] C:\WINDOWS\system32\atljm.exe
O4 - HKLM\..\RunOnce: [addhf32.exe] C:\WINDOWS\system32\addhf32.exe
O4 - HKLM\..\RunOnce: [d3mz.exe] C:\WINDOWS\system32\d3mz.exe
O4 - HKLM\..\RunOnce: [apiac.exe] C:\WINDOWS\system32\apiac.exe
O4 - HKLM\..\RunOnce: [javaqz32.exe] C:\WINDOWS\system32\javaqz32.exe
O4 - HKLM\..\RunOnce: [mspg32.exe] C:\WINDOWS\system32\mspg32.exe
O4 - HKLM\..\RunOnce: [crkk.exe] C:\WINDOWS\system32\crkk.exe
O4 - HKLM\..\RunOnce: [winou.exe] C:\WINDOWS\system32\winou.exe
O4 - HKLM\..\RunOnce: [sdkcz32.exe] C:\WINDOWS\system32\sdkcz32.exe
O4 - HKLM\..\RunOnce: [crnk32.exe] C:\WINDOWS\system32\crnk32.exe
O4 - HKLM\..\RunOnce: [apiso32.exe] C:\WINDOWS\apiso32.exe
O4 - HKLM\..\RunOnce: [d3va.exe] C:\WINDOWS\system32\d3va.exe
O4 - HKLM\..\RunOnce: [wintn32.exe] C:\WINDOWS\system32\wintn32.exe
O4 - HKLM\..\RunOnce: [addtd32.exe] C:\WINDOWS\system32\addtd32.exe
O4 - HKLM\..\RunOnce: [netdw32.exe] C:\WINDOWS\netdw32.exe
O4 - HKLM\..\RunOnce: [iede.exe] C:\WINDOWS\iede.exe
O4 - HKLM\..\RunOnce: [crhi.exe] C:\WINDOWS\crhi.exe
O4 - HKLM\..\RunOnce: [ntro.exe] C:\WINDOWS\ntro.exe
O4 - HKLM\..\RunOnce: [ipao32.exe] C:\WINDOWS\ipao32.exe
O4 - HKLM\..\RunOnce: [netol32.exe] C:\WINDOWS\system32\netol32.exe
O4 - HKLM\..\RunOnce: [addti.exe] C:\WINDOWS\addti.exe
O4 - HKLM\..\RunOnce: [mspu.exe] C:\WINDOWS\system32\mspu.exe
O4 - HKLM\..\RunOnce: [apiya32.exe] C:\WINDOWS\system32\apiya32.exe
O4 - HKLM\..\RunOnce: [addwh.exe] C:\WINDOWS\addwh.exe
O4 - HKLM\..\RunOnce: [crvx32.exe] C:\WINDOWS\crvx32.exe
O4 - HKLM\..\RunOnce: [iplm32.exe] C:\WINDOWS\system32\iplm32.exe
O4 - HKLM\..\RunOnce: [nttu.exe] C:\WINDOWS\system32\nttu.exe
O4 - HKLM\..\RunOnce: [iexm32.exe] C:\WINDOWS\iexm32.exe
O4 - HKLM\..\RunOnce: [sysxu.exe] C:\WINDOWS\sysxu.exe
O4 - HKLM\..\RunOnce: [iefu.exe] C:\WINDOWS\system32\iefu.exe
O4 - HKLM\..\RunOnce: [mfcvj32.exe] C:\WINDOWS\mfcvj32.exe
O4 - HKLM\..\RunOnce: [iplr32.exe] C:\WINDOWS\iplr32.exe
O4 - HKLM\..\RunOnce: [apigd.exe] C:\WINDOWS\apigd.exe
O4 - HKLM\..\RunOnce: [atlke32.exe] C:\WINDOWS\system32\atlke32.exe
O4 - HKLM\..\RunOnce: [addfq.exe] C:\WINDOWS\system32\addfq.exe
O4 - HKLM\..\RunOnce: [d3eg32.exe] C:\WINDOWS\system32\d3eg32.exe
O4 - HKLM\..\RunOnce: [ipcn32.exe] C:\WINDOWS\ipcn32.exe
O4 - HKLM\..\RunOnce: [ntcd.exe] C:\WINDOWS\ntcd.exe
O4 - HKLM\..\RunOnce: [sysfn32.exe] C:\WINDOWS\sysfn32.exe
O4 - HKLM\..\RunOnce: [winfv.exe] C:\WINDOWS\system32\winfv.exe
O4 - HKLM\..\RunOnce: [ieod.exe] C:\WINDOWS\ieod.exe
O4 - HKLM\..\RunOnce: [mfcds.exe] C:\WINDOWS\system32\mfcds.exe
O4 - HKLM\..\RunOnce: [d3yb32.exe] C:\WINDOWS\d3yb32.exe
O4 - HKLM\..\RunOnce: [mfcyj.exe] C:\WINDOWS\system32\mfcyj.exe
O4 - HKLM\..\RunOnce: [apiiz.exe] C:\WINDOWS\system32\apiiz.exe
O4 - HKLM\..\RunOnce: [mfcrz.exe] C:\WINDOWS\mfcrz.exe
O4 - HKLM\..\RunOnce: [javago32.exe] C:\WINDOWS\system32\javago32.exe
O4 - HKLM\..\RunOnce: [sysqn32.exe] C:\WINDOWS\sysqn32.exe
O4 - HKLM\..\RunOnce: [apiuy32.exe] C:\WINDOWS\system32\apiuy32.exe
O4 - HKLM\..\RunOnce: [ntyd.exe] C:\WINDOWS\system32\ntyd.exe
O4 - HKLM\..\RunOnce: [ipzd32.exe] C:\WINDOWS\ipzd32.exe
O4 - HKLM\..\RunOnce: [ieij.exe] C:\WINDOWS\system32\ieij.exe
O4 - HKLM\..\RunOnce: [mfcyy32.exe] C:\WINDOWS\mfcyy32.exe
O4 - HKLM\..\RunOnce: [ipwo.exe] C:\WINDOWS\system32\ipwo.exe
O4 - HKLM\..\RunOnce: [addot.exe] C:\WINDOWS\system32\addot.exe
O4 - HKLM\..\RunOnce: [crtv.exe] C:\WINDOWS\crtv.exe
O4 - HKLM\..\RunOnce: [mfcsa.exe] C:\WINDOWS\system32\mfcsa.exe
O4 - HKLM\..\RunOnce: [ieyc.exe] C:\WINDOWS\system32\ieyc.exe
O4 - HKLM\..\RunOnce: [sysdq32.exe] C:\WINDOWS\system32\sysdq32.exe
O4 - HKLM\..\RunOnce: [appui32.exe] C:\WINDOWS\appui32.exe
O4 - HKLM\..\RunOnce: [ipee.exe] C:\WINDOWS\system32\ipee.exe
O4 - HKLM\..\RunOnce: [mfcgz32.exe] C:\WINDOWS\system32\mfcgz32.exe
O4 - HKLM\..\RunOnce: [ietb.exe] C:\WINDOWS\system32\ietb.exe
O4 - HKLM\..\RunOnce: [crit.exe] C:\WINDOWS\crit.exe
O4 - HKLM\..\RunOnce: [netov32.exe] C:\WINDOWS\netov32.exe
O4 - HKLM\..\RunOnce: [syskv.exe] C:\WINDOWS\syskv.exe
O4 - HKLM\..\RunOnce: [mswf32.exe] C:\WINDOWS\mswf32.exe
O4 - HKLM\..\RunOnce: [ipbz32.exe] C:\WINDOWS\ipbz32.exe
O4 - HKLM\..\RunOnce: [atlrl.exe] C:\WINDOWS\system32\atlrl.exe
O4 - HKLM\..\RunOnce: [mswn.exe] C:\WINDOWS\mswn.exe
O4 - HKLM\..\RunOnce: [addfm.exe] C:\WINDOWS\system32\addfm.exe
O4 - HKLM\..\RunOnce: [appfa.exe] C:\WINDOWS\system32\appfa.exe
O4 - HKLM\..\RunOnce: [neteo32.exe] C:\WINDOWS\system32\neteo32.exe
O4 - HKLM\..\RunOnce: [atlui.exe] C:\WINDOWS\atlui.exe
O4 - HKLM\..\RunOnce: [appsd.exe] C:\WINDOWS\appsd.exe
O4 - HKLM\..\RunOnce: [mfclx32.exe] C:\WINDOWS\mfclx32.exe
O4 - HKLM\..\RunOnce: [mszx.exe] C:\WINDOWS\system32\mszx.exe
O4 - HKLM\..\RunOnce: [appgu.exe] C:\WINDOWS\appgu.exe
O4 - HKLM\..\RunOnce: [ntlw32.exe] C:\WINDOWS\ntlw32.exe
O4 - HKLM\..\RunOnce: [msjr.exe] C:\WINDOWS\msjr.exe
O4 - HKLM\..\RunOnce: [sdkgv32.exe] C:\WINDOWS\system32\sdkgv32.exe
O4 - HKLM\..\RunOnce: [atllx.exe] C:\WINDOWS\system32\atllx.exe
O4 - HKLM\..\RunOnce: [wintm32.exe] C:\WINDOWS\wintm32.exe
O4 - HKLM\..\RunOnce: [crba32.exe] C:\WINDOWS\crba32.exe
O4 - HKLM\..\RunOnce: [ipue32.exe] C:\WINDOWS\ipue32.exe
O4 - HKLM\..\RunOnce: [mfczo.exe] C:\WINDOWS\mfczo.exe
O4 - HKLM\..\RunOnce: [sysei.exe] C:\WINDOWS\sysei.exe
O4 - HKLM\..\RunOnce: [d3xl32.exe] C:\WINDOWS\d3xl32.exe
O4 - HKLM\..\RunOnce: [d3ud32.exe] C:\WINDOWS\system32\d3ud32.exe
O4 - HKLM\..\RunOnce: [d3ep32.exe] C:\WINDOWS\d3ep32.exe
O4 - HKLM\..\RunOnce: [crcg.exe] C:\WINDOWS\system32\crcg.exe
O4 - HKLM\..\RunOnce: [d3ry.exe] C:\WINDOWS\system32\d3ry.exe
O4 - HKLM\..\RunOnce: [ieut32.exe] C:\WINDOWS\system32\ieut32.exe
O4 - HKLM\..\RunOnce: [appdi32.exe] C:\WINDOWS\appdi32.exe
O4 - HKLM\..\RunOnce: [apiqn.exe] C:\WINDOWS\system32\apiqn.exe
O4 - HKLM\..\RunOnce: [sysvp32.exe] C:\WINDOWS\sysvp32.exe
O4 - HKLM\..\RunOnce: [atloo32.exe] C:\WINDOWS\system32\atloo32.exe
O4 - HKLM\..\RunOnce: [msti.exe] C:\WINDOWS\msti.exe
O4 - HKLM\..\RunOnce: [appib32.exe] C:\WINDOWS\appib32.exe
O4 - HKLM\..\RunOnce: [winsg.exe] C:\WINDOWS\winsg.exe
O4 - HKLM\..\RunOnce: [crxa32.exe] C:\WINDOWS\system32\crxa32.exe
O4 - HKLM\..\RunOnce: [addwt32.exe] C:\WINDOWS\addwt32.exe
O4 - HKLM\..\RunOnce: [apice32.exe] C:\WINDOWS\system32\apice32.exe
O4 - HKLM\..\RunOnce: [winfp.exe] C:\WINDOWS\system32\winfp.exe
O4 - HKLM\..\RunOnce: [apiwk32.exe] C:\WINDOWS\system32\apiwk32.exe
O4 - HKLM\..\RunOnce: [addfh32.exe] C:\WINDOWS\system32\addfh32.exe
O4 - HKLM\..\RunOnce: [netxv.exe] C:\WINDOWS\system32\netxv.exe
O4 - HKLM\..\RunOnce: [appzy.exe] C:\WINDOWS\appzy.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Software Gratuito - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\geop-pillasoftware\index.html (file missing)
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra button: LiveCams Planet - {1FCB1885-FEC4-73A0-CB34-D947F2EA6DB5} - C:\Archivos de programa\LiveCams Planet\lcp.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: &LiveCams Planet - {1FCB1885-FEC4-73A0-CB34-D947F2EA6DB5} - C:\Archivos de programa\LiveCams Planet\lcp.exe (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.cantv.net
O16 - DPF: ConferenceRoom Java Client - http://dune.webchat.org:8000/java/cr.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary/Upwords.cab31267.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/assets/activ...ALStreaming.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/124aed24d9edffca7801/...RdxIE601_es.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers...ll/pinstall.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/...login-devel.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {C4660846-8760-4852-8154-82438E33E383} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O23 - Service: Workstation NetLogon Service ( 11Fßä #•ºÄÖ`I) - Unknown owner - C:\WINDOWS\d3pr.exe" /s (file missing)
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\ARCHIV~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\ARCHIV~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\ARCHIV~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe

BC AdBot (Login to Remove)

 


#2 drmerengue

drmerengue
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:27 PM

Posted 17 July 2005 - 10:17 PM

bump! :thumbsup:

Pleeeeease...need some help here!

Thanks again!

#3 drmerengue

drmerengue
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:27 PM

Posted 18 July 2005 - 07:42 AM

bump!
:huh

//Mod edit: Every time you attempt to bump your log, you only
put yourself farther back in the time sequence. Logs are analyzed on a first in,
first worked basis. All HJT Techs are volunteers. Please be patient.

Edited by KoanYorel, 18 July 2005 - 09:52 PM.


#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,572 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:27 PM

Posted 19 July 2005 - 04:17 PM

Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

First:
Please download ewido security suite it is a trial version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido, there should be an icon on your desktop double-click it.
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Then click on Start Update
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update ewido.
http://www.ewido.net/en/download/updates/

Once the updates are installed close the Ewido program.

Reboot your computer into Safe Mode

Once in safe mode, start Ewido and do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • While the scan is in progress you will be prompted to clean files, click OK
  • When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report.txt file to your desktop.
Now close ewido security suite.

Reboot back to normal mode, open report.txt and post it as a reply to this post along with a new hijackthis log.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users