SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc > Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware
Ayuda con un Virus Alert!
pelao_veron:
hola:
hace poco k tengo un problema en mi computador, ya k me aparece el mensaje "your compuiter is infected", y no se como cacarlo, el NOD32 no hace nada y el Ad-Aware tampoco, les pido ayuda ya que el mensaje sale a cada rato y es muy molesto, ademas se apodero de mi pagina de inicio de internet.
quisiera si me podian ayudar con este problemita:
les adjunto mis registros y una imagen (http://www.subir-imagenes.com/subir-imagen/1b80996cef.jpg):
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ MessengerPlus3 Messenger Plus! (Verified) Patchou c:\archivos de programa\messengerplus! 3\msgplus.exe
+ nod32kui c:\archivos de programa\eset\nod32kui.exe
+ QuickTime Task QuickTime Task (Not verified) Apple Computer, Inc. c:\archivos de programa\quicktime\qttask.exe
+ TkBellExe RealNetworks Scheduler (Not verified) RealNetworks, Inc. c:\archivos de programa\archivos comunes\real\update_ob\realsched.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
+ Adobe Gamma Loader.lnk Adobe Gamma Loader (Not verified) Adobe Systems, Inc. c:\archivos de programa\archivos comunes\adobe\calibration\adobe gamma loader.exe
C:\Documents and Settings\pelao\Menú Inicio\Programas\Inicio
+ Adobe Gamma.lnk Adobe Gamma Loader (Not verified) Adobe Systems, Inc. c:\archivos de programa\archivos comunes\adobe\calibration\adobe gamma loader.exe
+ ERUNT AutoBackup.lnk c:\archivos de programa\erunt\autoback.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
+ dcomcfg.exe c:\windows\system32\dcomcfg.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
+ application/octet-stream Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-complus Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-msdownload Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
+ ms-itss Microsoft® InfoTech Storage System Library (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\information retrieval\msitss.dll
+ msnim MSN Messenger Protocol Handler (Not verified) Microsoft Corporation c:\archivos de programa\msn messenger\msgrapp.dll
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
+ acheweed c:\windows\system32\acvgxw.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Extensión de paneo de pantalla del Panel de control File not found: deskpan.dll
+ Fusion Cache Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ GMail Drive GMail File System Shell Namespace Extension (Not verified) Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll
+ GMailFS Context Menu GMail File System Shell Namespace Extension (Not verified) Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll
+ GMailFS Drop Handler GMail File System Shell Namespace Extension (Not verified) Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll
+ GMailFS Property Sheet GMail File System Shell Namespace Extension (Not verified) Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll
+ NeroDigitalIconHandler Nero Digital Shell Extension (Not verified) Nero AG c:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
+ NeroDigitalPropSheetHandler Nero Digital Shell Extension (Not verified) Nero AG c:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
+ NOD32 Context Menu Shell Extension c:\archivos de programa\eset\nodshex.dll
+ Shell Extensions for RealOne Player RealPlayer Shell Extensions (Not verified) RealNetworks, Inc. c:\archivos de programa\real\realplayer\rpshell.dll
+ TuneUp Shredder Shell Context Menu Extension TuneUp Shredder Shell Extension (Not verified) TuneUp Software GmbH c:\archivos de programa\tuneup utilities 2006\sdshelex.dll
+ WinRAR shell extension c:\archivos de programa\winrar\rarext.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ NeroDigitalColumnHandler Class Nero Digital Shell Extension (Not verified) Nero AG c:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
+ PDF Shell Extension PDF Shell Extension (Not verified) Adobe Systems, Inc. c:\archivos de programa\adobe\acrobat 7.0\activex\pdfshell.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ AcroIEHlprObj Class Adobe Acrobat IE Helper Version 7.0 for ActiveX (Verified) Adobe Systems, Incorporated c:\archivos de programa\adobe\acrobat 7.0\activex\acroiehelper.dll
+ Nothing c:\windows\system32\hp100.tmp
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
Task Scheduler
+ Mantenimiento con 1 clic.job TuneUp System Optimizer (Not verified) TuneUp Software GmbH c:\archivos de programa\tuneup utilities 2006\systemoptimizer.exe
HKLM\System\CurrentControlSet\Services
+ NOD32krn c:\archivos de programa\eset\nod32krn.exe
HKLM\System\CurrentControlSet\Services
+ AMON Amon monitor (Not verified) Eset c:\windows\system32\drivers\amon.sys
+ dtscsi c:\windows\system32\drivers\dtscsi.sys
+ Pcouffin File not found: System32\Drivers\Pcouffin.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Not verified) Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
+ ScFBPNT3 c:\windows\system32\drivers\scfbpnt3.sys
+ sptd c:\windows\system32\drivers\sptd.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ smrgdf c:\archivos de programa\iolo\system mechanic professional 6\ File not found: smrgdf
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImageName
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ NOD32 c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [RAW/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [TCP/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [UDP/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [RSVP TCP Service Provider] c:\windows\system32\imon.dll
+ NOD32 protected [RSVP UDP Service Provider] c:\windows\system32\imon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Microsoft Document Imaging Writer Monitor Microsoft® Document Imaging (Not verified) Microsoft Corporation c:\windows\system32\mdimon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
+ msv1_0 Microsoft Authentication Package v1.0 (Not verified) Microsoft Corporation c:\windows\system32\msv1_0.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
+ msv1_0 Microsoft Authentication Package v1.0 (Not verified) Microsoft Corporation c:\windows\system32\msv1_0.dll
Mr_X:
Haz copia de seguridad del registro, deshabilita el "restaurar el sistema", reinicia en Modo seguro, ejecuta el Autoruns y selecciona con el botón derecho a las siguientes entradas y dale a "Delete":
--- Código: ---+ dcomcfg.exe c:\windows\system32\dcomcfg.exe
+ acheweed c:\windows\system32\acvgxw.dll
+ Nothing c:\windows\system32\hp100.tmp
--- Fin del código ---
reinicia normal, actualiza el NOD y el Adaware y pásalos... Saca un nuevo Log...
pelao_veron:
gracias por la ayuda...
aca esta mis nuevos registros, ya no me sale el molesto cartelito del virus alert
pero me parece k tengo un nuevo programa tipo firewall k me aparece con una ventanita
muy parecida a la del alerta de virus...
me pide o me pregunta si kiero abrir los puertos para los programas k se conectan a internet...
kisiera k me dijeras si tengo instalado este firewall o como eliminarlo gracias por la ayuda del virus
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ MessengerPlus3 Messenger Plus! (Verified) Patchou c:\archivos de programa\messengerplus! 3\msgplus.exe
+ nod32kui c:\archivos de programa\eset\nod32kui.exe
+ QuickTime Task QuickTime Task (Not verified) Apple Computer, Inc. c:\archivos de programa\quicktime\qttask.exe
+ TkBellExe RealNetworks Scheduler (Not verified) RealNetworks, Inc. c:\archivos de programa\archivos comunes\real\update_ob\realsched.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
+ Adobe Gamma Loader.lnk Adobe Gamma Loader (Not verified) Adobe Systems, Inc. c:\archivos de programa\archivos comunes\adobe\calibration\adobe gamma loader.exe
C:\Documents and Settings\pelao\Menú Inicio\Programas\Inicio
+ Adobe Gamma.lnk Adobe Gamma Loader (Not verified) Adobe Systems, Inc. c:\archivos de programa\archivos comunes\adobe\calibration\adobe gamma loader.exe
+ ERUNT AutoBackup.lnk c:\archivos de programa\erunt\autoback.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
+ application/octet-stream Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-complus Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-msdownload Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
+ ms-itss Microsoft® InfoTech Storage System Library (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\information retrieval\msitss.dll
+ msnim MSN Messenger Protocol Handler (Not verified) Microsoft Corporation c:\archivos de programa\msn messenger\msgrapp.dll
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Extensión de paneo de pantalla del Panel de control File not found: deskpan.dll
+ Fusion Cache Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ GMail Drive GMail File System Shell Namespace Extension (Not verified) Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll
+ GMailFS Context Menu GMail File System Shell Namespace Extension (Not verified) Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll
+ GMailFS Drop Handler GMail File System Shell Namespace Extension (Not verified) Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll
+ GMailFS Property Sheet GMail File System Shell Namespace Extension (Not verified) Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll
+ NeroDigitalIconHandler Nero Digital Shell Extension (Not verified) Nero AG c:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
+ NeroDigitalPropSheetHandler Nero Digital Shell Extension (Not verified) Nero AG c:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
+ NOD32 Context Menu Shell Extension c:\archivos de programa\eset\nodshex.dll
+ Shell Extensions for RealOne Player RealPlayer Shell Extensions (Not verified) RealNetworks, Inc. c:\archivos de programa\real\realplayer\rpshell.dll
+ Shell Icon Handler for Application References Application Deployment Support Library (Not verified) Microsoft Corporation c:\windows\system32\dfshim.dll
+ ShellLink for Application References Application Deployment Support Library (Not verified) Microsoft Corporation c:\windows\system32\dfshim.dll
+ TuneUp Shredder Shell Context Menu Extension TuneUp Shredder Shell Extension (Not verified) TuneUp Software GmbH c:\archivos de programa\tuneup utilities 2006\sdshelex.dll
+ WinRAR shell extension c:\archivos de programa\winrar\rarext.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ NeroDigitalColumnHandler Class Nero Digital Shell Extension (Not verified) Nero AG c:\archivos de programa\archivos comunes\ahead\lib\nerodigitalext.dll
+ PDF Shell Extension PDF Shell Extension (Not verified) Adobe Systems, Inc. c:\archivos de programa\adobe\acrobat 7.0\activex\pdfshell.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ AcroIEHlprObj Class Adobe Acrobat IE Helper Version 7.0 for ActiveX (Verified) Adobe Systems, Incorporated c:\archivos de programa\adobe\acrobat 7.0\activex\acroiehelper.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
Task Scheduler
+ Mantenimiento con 1 clic.job TuneUp System Optimizer (Not verified) TuneUp Software GmbH c:\archivos de programa\tuneup utilities 2006\systemoptimizer.exe
HKLM\System\CurrentControlSet\Services
+ NOD32krn c:\archivos de programa\eset\nod32krn.exe
HKLM\System\CurrentControlSet\Services
+ AMON Amon monitor (Not verified) Eset c:\windows\system32\drivers\amon.sys
+ dtscsi c:\windows\system32\drivers\dtscsi.sys
+ Pcouffin File not found: System32\Drivers\Pcouffin.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Not verified) Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
+ ScFBPNT3 c:\windows\system32\drivers\scfbpnt3.sys
+ sptd c:\windows\system32\drivers\sptd.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ smrgdf c:\archivos de programa\iolo\system mechanic professional 6\ File not found: smrgdf
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImageName
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ NOD32 c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [RAW/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [TCP/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [MSAFD Tcpip [UDP/IP]] c:\windows\system32\imon.dll
+ NOD32 protected [RSVP TCP Service Provider] c:\windows\system32\imon.dll
+ NOD32 protected [RSVP UDP Service Provider] c:\windows\system32\imon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Microsoft Document Imaging Writer Monitor Microsoft® Document Imaging (Not verified) Microsoft Corporation c:\windows\system32\mdimon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Mr_X:
¿Usas el Daemon Tools?
Lo único 'raro' que veo es:
--- Código: ---+ ScFBPNT3 c:\windows\system32\drivers\scfbpnt3.sys
+ smrgdf c:\archivos de programa\iolo\system mechanic professional 6\ File not found: smrgdf
--- Fin del código ---
Prueba borrar las entradas...
pelao_veron:
esa es una captura de la imagen k me esta molestando
yo no tengo ningun programa firewall ni nada parecido y me aparece esto y no se k es ni como desintarlarlo...agradesco tu ayuda ya que tengo mi pc casi como antes (de no ser por esta ventanita)
http://www.subir-fotos.com/uploads/73a31e0f7b.jpg
gracias... ! ! !
Navegación
[#] Página Siguiente
Ir a la versión completa