| k4i |  |
|
2005-07-24 03:30 - Respuestas: 16 - Tema nº: 38780
Saludos!!!!
tengo este problema y al principio me pasaba lo del explorer.exe y me daba error pero lo arregle .... eso creo XD.... pero weno ahora el problema me lo da al intentar enviar algun archivo o al recibirlo.... tmb el antivirus me envia avisos de intentos de entrada de lsass y el dcom Exploit .
Pase el hijackthis y aki esta el log.... a x cierto nada + pasarlo se blokea... se guarda el log pero el hijack se queda blokeao y no responde ...
Logfile of HijackThis v1.99.1
Scan saved at 3:19:25, on 24/07/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\Archivos de programa\Winamp\Winampa.exe
C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Archivos de programa\Winamp\winamp.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Ordenador\Mis documentos\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://69.50.182.88/?qq=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://69.50.182.88/?qq=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://msaps.dll/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ORDENA~1\CONFIG~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://69.50.182.88/?qq=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://69.50.182.88/?qq=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://69.50.182.88/?qq=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{FDE3577A-6254-181C-4E11-339E4F746BD3} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Archivos de programa\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
F2 - REG:system.ini: Shell=Explorer.exe, msmsgs.exe
O1 - Hosts: 69.50.136.245 www.madthumbs.com
O1 - Hosts: 69.50.136.245 madthumbs.com www.sexocean.com sexocean.com www.cowlist.com cowlist.com www.easygals.com easygals.com www.muyzorras.com muyzorras.com www.xnxx.com xnxx.com
O1 - Hosts: 69.50.136.245 www.pichunter.com pichunter.com www.88by88.com 88by88.com www.rubias19.com rubias19.com hqgal.com www.hqgal.com petiteteenager.com www.petiteteenager.com petardas.com www.petardas.com
O1 - Hosts: 69.50.136.245 puppykibble.com www.puppykibble.com www.sweetiestgp.com sweetiestgp.com www.bunnyteens.com bunnyteens.com www.amateurcurves.com amateurcurves.com thumbzilla.com www.thumbzilla.com
O1 - Hosts: 69.50.136.245 sexape.com www.sexape.com picwarehouse.com www.picwarehouse.com sublimedirectory.com www.sublimedirectory.com fuckk.com www.fuckk.com youngerbabes.com www.youngerbabes.com 1storgasm.com www.1storgasm.com slickgalleries.com
O1 - Hosts: 69.50.136.245 www.madteenies.com madteenies.com www.slickgalleries.com 10*****.com www.10*****.com smashingthumbs.com www.thumbnailseries.com thumbnailseries.com goatlist.com www.goatlist.com teentiger.com www.teentiger.com
O1 - Hosts: 69.50.136.245 www.worldsex.com worldsex.com www.al4a.com al4a.com www.89.com 89.com www.thumberland.com thumberland.com www.freeheaven.com freeheaven.com www.spyass.com spyass.com www.ampland.com ampland.com secretarygalleries.com
O1 - Hosts: 69.50.136.245 amandalist.com www.amandalist.com www.absolut-series.com absolut-series.com lloronas.com www.lloronas.com p0rno.org www.p0rno.org www.starslist.com starslist.com gigagalleries.com
O1 - Hosts: 69.50.136.245 dianapost.com www.dianapost.com www.zadina.com zadina.com www.frogsex.com frogsex.com teenagesecrets.biz www.teenagesecrets.biz ratemycameltoe.com www.mature-post.com mature-post.com www.call-kelly.com
O1 - Hosts: 69.50.136.245 elreyano.com www.elreyano.com purextc.com www.purextc.com officespy.com www.officespy.com www.secretarygalleries.com www.gigagalleries.com www.croseries.com croseries.com www.top-galleries.com top-galleries.com
O1 - Hosts: 69.50.136.245 *****.org www.*****.org freesmutseries.net www.freesmutseries.net porno-pics-free.com www.porno-pics-free.com catlist.com www.smashingthumbs.com call-kelly.com www.boneme.com boneme.com www.series-xxx.com series-xxx.com
O1 - Hosts: 69.50.136.245 teeniefiles.com www.teeniefiles.com jpeg4free.com www.jpeg4free.com www.catlist.com www.ratemycameltoe.com sleazydream.com www.sleazydream.com www.justacthard.com justacthard.com
O1 - Hosts: 69.50.136.245 sexyfotky.cz www.sexyfotky.cz hammervideo.com www.hammervideo.com raw*****.com www.raw*****.com teeniesxxx.com www.teeniesxxx.com porn-view.com www.porn-view.com dailybasis.com www.dailybasis.com
O1 - Hosts: 69.50.136.245 pornstarfinder.net www.pornstarfinder.net jennysbookmarks.com www.jennysbookmarks.com babes4free.com www.babes4free.com 3pic.com www.3pic.com www.freefoto.cz freefoto.cz
O1 - Hosts: 69.50.136.245 searchgals.com www.searchgals.com picsmonster.com www.picsmonster.com sublimepie.com www.sublimepie.com pornhelious.com www.pornhelious.com galleries4free.com www.galleries4free.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {13853142-A0FF-FD5B-D2E7-F90A7A0EA1ED} - (no file)
O2 - BHO: BHOMoneyGainer Class - {2559D0B1-AF60-4BD5-965D-0E51383A6367} - (no file)
O2 - BHO: (no name) - {54432EBF-BBF6-497F-8BE5-C289ED2C97D2} - (no file)
O2 - BHO: ZToolbar Activator Class - {FFF5092F-7172-4018-827B-FA5868FB0478} - (no file)
O3 - Toolbar: Magic Search - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - (no file)
O4 - HKLM\..\Run: [AgenteADSL_15] C:\Archivos de programa\Telefonica\KitAIM\AimExDll.exe AimGestA.dll 10 run
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Archivos de programa\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Platinum Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RegSvr32] C:\WINDOWS\System32\msmsgs.exe
O4 - HKLM\..\Run: [MS taskbar W] task32w.exe
O4 - HKLM\..\RunServices: [Popup Blocker System32c Monitoring] PopUpBlockercd.exe
O4 - HKLM\..\RunServices: [MS taskbar W] task32w.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\Run: [bootreg system] actboost32.exe
O4 - HKCU\..\Run: [Microsoft Connection Firewall Manager/Monitor (Critical)] msnetzfirewallsrv.exe
O4 - HKCU\..\Run: [MS taskbar W] task32w.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYES_ZNxdm745YYES
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\MSMSGS.EXE (file missing)
O12 - Plugin for .WAV: C:\Archivos de programa\Internet Explorer\PLUGINS\npqtplugin.dll
O13 - DefaultPrefix: http://69.50.182.88/?qq=
O15 - Trusted Zone: *.69.50.182.94
O15 - Trusted Zone: *.ifra me dollars.biz
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted IP range: 213.159.117.202
O15 - Trusted IP range: 213.159.117.202 (HKLM)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,910,0
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122154202869
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1122154770315
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FF8A03C-5513-4247-8473-E11175E58F4D}: NameServer = 80.58.61.250 80.58.61.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{66841B7F-C8D9-4BAF-B60E-79AF36FACC51}: NameServer = 80.58.61.250,80.58.61.254
O18 - Filter: text/html - {6053F593-E079-434F-A745-FDE7EFDBEA93} - (no file)
O18 - Filter: text/plain - {6053F593-E079-434F-A745-FDE7EFDBEA93} - (no file)
O20 - AppInit_DLLs: PAVWAIT.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: Panda Antispam Service (PASSRV) - Unknown owner - C:\Archivos de programa\Panda Software\Panda Platinum Internet Security\passrv.exe (file missing)
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Archivos de programa\Panda Software\Panda Platinum Internet Security\pavsrv51.exe
O23 - Service: Panda Imanager Service (PSIMSVC) - Unknown owner - C:\Archivos de programa\Panda Software\Panda Platinum Internet Security\psimsvc.exe (file missing)
PD: ademas todas esas pag q envia el mismo host.... hmm no sé....
aver si me podeis ayudar....
Gracias de toas formas
Un Saludo! | |
|
|
| tordanxa |  |
|
Re: Tengo tmb ese problema - 2005-07-24 16:56 - Respuesta 2
Primero: Dices tengo ese problema ¿como cual? Por favor si quieres responder a un post presiona el botón responder. Eso es lo que pretendo que hagas con este cuando te conteste
Segundo: T ordenador es la golosina de los programas espia. Así que antes de pegar el log del hijackThis como no veo huellas de que hayas pasado programas antiespías, utiliza estos:
Pasa a tu ordenador los siguientes programas actualizados y en modo a prueba de fallos:
Spybot S&D
Ad Aware SE (pack de lenguajes )
CwShredder
Microsoft antispyware
El Ad-Aware pásalo con la opción Realizar exploración completa del sistema
Limpia el ordenador de archivos y entradas de registro innecesarias
EasyCleaner
Regcleaner
Ahora ya puedes pegar de nuevo el log del HIjackThis.
tercero: Actualiza tu sistema operativo.
Saludos y espero tu respuesta | |
|
|
| k4i | |
|
Re: Tengo tmb ese problema - 2005-07-24 20:21 - Respuesta 3
saludos!!!
al inentar bajarme el microsoft anti espias..... x - se me blokea el ordenador y se me cierra el iexplorer.exe a causa del dwwin.exe
si me dices otro lugar para bajarlo....
gracias de todas formas!
| |
|
|
| tordanxa | |
|
Re: Tengo tmb ese problema - 2005-07-24 21:46 - Respuesta 4
Pues olvídate del microsoft antispyware y pasa únicamente los otros antes de pegar el log
Saludos | |
|
|
| k4i | |
|
Re: Tengo tmb ese problema - 2005-07-26 22:00 - Respuesta 5
hola de nuevo!!!
pase los otros antispy... y el adaware me detecto una cosilla nada + y el csw otra....
el log veo q aya cambiado muxo aki esta de todas formas
Logfile of HijackThis v1.99.1
Scan saved at 21:32:12, on 26/07/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Ordenador\Mis documentos\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://69.50.182.88/?qq=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://msaps.dll/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ORDENA~1\CONFIG~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://69.50.182.88/?qq=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://69.50.182.88/?qq=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://69.50.182.88/?qq=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{FDE3577A-6254-181C-4E11-339E4F746BD3} - (no file)
O1 - Hosts: 69.50.136.245 www.madthumbs.com
O1 - Hosts: 69.50.136.245 www.pichunter.com pichunter.com www.88by88.com 88by88.com www.rubias19.com rubias19.com hqgal.com www.hqgal.com petiteteenager.com www.petiteteenager.com petardas.com www.petardas.com
O1 - Hosts: 69.50.136.245 puppykibble.com www.puppykibble.com www.sweetiestgp.com sweetiestgp.com www.bunnyteens.com bunnyteens.com www.amateurcurves.com amateurcurves.com thumbzilla.com www.thumbzilla.com
O1 - Hosts: 69.50.136.245 sexape.com www.sexape.com picwarehouse.com www.picwarehouse.com sublimedirectory.com www.sublimedirectory.com fuckk.com www.fuckk.com youngerbabes.com www.youngerbabes.com 1storgasm.com www.1storgasm.com slickgalleries.com
O1 - Hosts: 69.50.136.245 www.madteenies.com madteenies.com www.slickgalleries.com 10*****.com www.10*****.com smashingthumbs.com www.thumbnailseries.com thumbnailseries.com goatlist.com www.goatlist.com teentiger.com www.teentiger.com
O1 - Hosts: 69.50.136.245 www.worldsex.com worldsex.com www.al4a.com al4a.com www.89.com 89.com www.thumberland.com thumberland.com www.freeheaven.com freeheaven.com www.spyass.com spyass.com www.ampland.com ampland.com secretarygalleries.com
O1 - Hosts: 69.50.136.245 amandalist.com www.amandalist.com www.absolut-series.com absolut-series.com lloronas.com www.lloronas.com p0rno.org www.p0rno.org www.starslist.com starslist.com gigagalleries.com
O1 - Hosts: 69.50.136.245 dianapost.com www.dianapost.com www.zadina.com zadina.com www.frogsex.com frogsex.com teenagesecrets.biz www.teenagesecrets.biz ratemycameltoe.com www.mature-post.com mature-post.com www.call-kelly.com
O1 - Hosts: 69.50.136.245 elreyano.com www.elreyano.com purextc.com www.purextc.com officespy.com www.officespy.com www.secretarygalleries.com www.gigagalleries.com www.croseries.com croseries.com www.top-galleries.com top-galleries.com
O1 - Hosts: 69.50.136.245 *****.org www.*****.org freesmutseries.net www.freesmutseries.net porno-pics-free.com www.porno-pics-free.com catlist.com www.smashingthumbs.com call-kelly.com www.boneme.com boneme.com www.series-xxx.com series-xxx.com
O1 - Hosts: 69.50.136.245 sexyfotky.cz www.sexyfotky.cz hammervideo.com www.hammervideo.com raw*****.com www.raw*****.com teeniesxxx.com www.teeniesxxx.com porn-view.com www.porn-view.com dailybasis.com www.dailybasis.com
O1 - Hosts: 69.50.136.245 pornstarfinder.net www.pornstarfinder.net jennysbookmarks.com www.jennysbookmarks.com babes4free.com www.babes4free.com 3pic.com www.3pic.com www.freefoto.cz freefoto.cz
O1 - Hosts: 69.50.136.245 searchgals.com www.searchgals.com picsmonster.com www.picsmonster.com sublimepie.com www.sublimepie.com pornhelious.com www.pornhelious.com galleries4free.com www.galleries4free.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {13853142-A0FF-FD5B-D2E7-F90A7A0EA1ED} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {54432EBF-BBF6-497F-8BE5-C289ED2C97D2} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Archivos de programa\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Platinum Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MS taskbar W] task32w.exe
O4 - HKLM\..\RunServices: [Popup Blocker System32c Monitoring] PopUpBlockercd.exe
O4 - HKLM\..\RunServices: [MS taskbar W] task32w.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\Run: [bootreg system] actboost32.exe
O4 - HKCU\..\Run: [Microsoft Connection Firewall Manager/Monitor (Critical)] msnetzfirewallsrv.exe
O4 - HKCU\..\Run: [MS taskbar W] task32w.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\MSMSGS.EXE (file missing)
O12 - Plugin for .WAV: C:\Archivos de programa\Internet Explorer\PLUGINS\npqtplugin.dll
O15 - Trusted Zone: *.69.50.182.94
O15 - Trusted Zone: *.i-f-r-a-m-edollars.biz
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted IP range: 213.159.117.202
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,910,0
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122154202869
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1122154770315
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{66841B7F-C8D9-4BAF-B60E-79AF36FACC51}: NameServer = 80.58.61.250,80.58.61.254
O20 - AppInit_DLLs: PAVWAIT.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: Panda Antispam Service (PASSRV) - Unknown owner - C:\Archivos de programa\Panda Software\Panda Platinum Internet Security\passrv.exe (file missing)
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Archivos de programa\Panda Software\Panda Platinum Internet Security\pavsrv51.exe
O23 - Service: Panda Imanager Service (PSIMSVC) - Unknown owner - C:\Archivos de programa\Panda Software\Panda Platinum Internet Security\psimsvc.exe (file missing)
Weno gracias x tu ayuda!!!!
El problema sigue xq me sale avisos del antivirus blokeando konstantemente el DCOM Exploit y el lsass Exploit...
tienen q ver kon el sasser o algo.... pero me baje un parxe para arreglarlo pero siguen los avisos
Algun consejo??
Gracias
Xao!! | |
|
|
|
