SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc > Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware
Problemas con el cursor del ratón
Mr_X:
Haz copia de seguridad del registro con el ERUNT (clic aquí); reinicia en Modo seguro y saca un log del Autoruns (clic aquí)...
aguss:
Muchas gracias por todo, aquí está el log, un saludo:
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ ccApp Symantec User Session (Not verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\ccapp.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
C:\Documents and Settings\AGUSTÍN\Menú Inicio\Programas\Inicio
+ ERUNT AutoBackup.lnk c:\archivos de programa\erunt\autoback.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
+ C:\WINDOWS\system32\geedd.exe c:\windows\system32\geedd.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ ares Ares p2p for windows (Not verified) Ares Development Group c:\archivos de programa\ares\ares .exe
+ ctfmon.exe CTF Loader (Not verified) Microsoft Corporation c:\windows\system32\ctfmon.exe
+ MessengerPlus3 Messenger Plus! (Not verified) Patchou c:\archivos de programa\messengerplus! 3\msgplus.exe
+ msnmsgr Windows Live Messenger (Not verified) Microsoft Corporation c:\archivos de programa\windows live\messenger\msnmsgr .exe
+ SUPERAntiSpyware SUPERAntiSpyware (Not verified) SUPERAntiSpyware.com c:\documents and settings\agustÍn\mis documentos\otros documentos\superantyspyware\superantispyware.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
+ application/octet-stream Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-complus Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-msdownload Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
+ cdo Microsoft SharePoint Portal Server Object Model (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\web folders\pkmcdo.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
+ 0 File not found: About:Home
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ n/a Microsoft .NET IE SECURITY REGISTRATION (Not verified) Microsoft Corporation c:\windows\system32\mscories.dll
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ SABShellExecuteHook Class ShellExecuteHook (Not verified) SuperAdBlocker.com c:\documents and settings\agustÍn\mis documentos\otros documentos\superantyspyware\sasseh.dll
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
+ IEContextMenu Class Norton AntiVirus Shell Extension Module (Verified) Symantec Corporation c:\archivos de programa\norton internet security\norton antivirus\navshext.dll
+ NeroCoverEdContextMenu Class Cover Designer (Verified) Nero AG c:\archivos de programa\nero\nero8\nero coverdesigner\coveredextension.dll
+ WinRAR c:\archivos de programa\winrar\rarext.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell Extension PDF Shell Extension (Not verified) Adobe Systems, Inc. c:\archivos de programa\archivos comunes\adobe\acrobat\activex\pdfshell.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKCU\Software\Microsoft\Ctf\LangBarAddin
HKLM\Software\Microsoft\Ctf\LangBarAddin
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ AlcoholShellEx AXShlEx.dll (Not verified) Alcohol Soft Development Team c:\documents and settings\agustÍn\mis documentos\otros documentos\nueva carpeta\alcohol 120\axshlex.dll
+ NeroCoverEd Live Icons Cover Designer (Verified) Nero AG c:\archivos de programa\nero\nero8\nero coverdesigner\coveredextension.dll
+ WinRAR shell extension c:\archivos de programa\winrar\rarext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ ActivationManager Class c:\archivos de programa\activationmanager\activationmanager.dll
+ Aplicación auxiliar de vínculos de Adobe PDF Reader Adobe PDF Helper for Internet Explorer (Verified) Adobe Systems, Incorporated c:\archivos de programa\archivos comunes\adobe\acrobat\activex\acroiehelper.dll
+ CNavExtBho Class Norton AntiVirus Shell Extension Module (Verified) Symantec Corporation c:\archivos de programa\norton internet security\norton antivirus\navshext.dll
+ CNisExtBho Class NIS Shell Extension (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\adblocking\nisshext.dll
+ SSVHelper Class Java(TM) 2 Platform Standard Edition binary (Verified) Sun Microsystems, Inc. c:\archivos de programa\java\jre1.5.0_10\bin\ssv.dll
+ TBSB00426 Class IE Toolbar Engine c:\documents and settings\agustÍn\mis documentos\fast web search\fast_web_search.dll
+ {0ee94af7-b981-440f-bed8-9bb6aa2d4bc7} c:\windows\system32\rpyynecx.dll
+ {5D8001B7-3E8F-41B0-A14E-F8662484963E} c:\windows\system32\geedd.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ Fast Web Search IE Toolbar Engine c:\documents and settings\agustÍn\mis documentos\fast web search\fast_web_search.dll
+ Norton AntiVirus Norton AntiVirus Shell Extension Module (Verified) Symantec Corporation c:\archivos de programa\norton internet security\norton antivirus\navshext.dll
+ Norton Internet Security 2006 NIS Shell Extension (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\adblocking\nisshext.dll
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ &FlashGet File not found: C:\ARCHIV~1\FlashGet\flashget.exe
+ Run IMVU File not found: C:\Documents and Settings\AGUSTÍN\Menú Inicio\Programas\IMVU\Run IMVU.lnk
+ Windows Messenger Windows Messenger (Not verified) Microsoft Corporation c:\archivos de programa\messenger\msmsgs.exe
Task Scheduler
+ At1.job File not found: C:\WINDOWS\dr.exe
+ At2.job c:\windows\patcher.exe
+ At3.job File not found: C:\WINDOWS\user32.exe
+ At4.job File not found: C:\WINDOWS\widupdate.exe
+ At5.job File not found: C:\WINDOWS\dr.exe
+ At6.job File not found: C:\WINDOWS\user32.exe
+ Mantenimiento con 1 clic.job File not found: C:\Archivos de programa\TuneUp Utilities 2007\SystemOptimizer.exe
HKLM\System\CurrentControlSet\Services
+ Apple Mobile Device Proporciona una interfaz con los dispositivos móviles de Apple. (Not verified) Apple, Inc. c:\archivos de programa\archivos comunes\apple\mobile device support\bin\applemobiledeviceservice.exe
+ ccEvtMgr Event propagation and logging service (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\ccevtmgr.exe
+ ccProxy Symantec Proxy Service (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\ccproxy.exe
+ ccSetMgr Settings storage and management service (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\ccsetmgr.exe
+ DomainService DomainService (Not verified) c:\windows\system32\stkkoiyx.exe
+ LiveUpdate Notice Service Manages Norton product notices (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe
+ navapsvc Administra los eventos de Auto-Protect de Norton AntiVirus. (Verified) Symantec Corporation c:\archivos de programa\norton internet security\norton antivirus\navapsvc.exe
+ Nero BackItUp Scheduler 3 Nero BackItUp Scheduler 3 is responsible to control all jobs created using Nero BackItUp 3. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP. (Verified) Nero AG c:\archivos de programa\nero\nero8\nero backitup\nbservice.exe
+ Pml Driver HPZ12 PML Driver (Not verified) HP c:\windows\system32\hpzipm12.exe
+ Programador de LiveUpdate automático Administra la programación de las sesiones de LiveUpdate automático (Verified) Symantec Corporation c:\archivos de programa\symantec\liveupdate\aluschedulersvc.exe
+ SNDSrvc Symantec Network Drivers Service (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\sndsrvc.exe
+ SoundMAX Agent Service (default) SoundMAX service agent component (Not verified) Analog Devices, Inc. c:\archivos de programa\analog devices\soundmax\smagent.exe
+ SPBBCSvc Symantec SPBBC (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\spbbc\spbbcsvc.exe
+ Symantec Core LC Symantec Core LC (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\ccpd-lc\symlcsvc.exe
HKLM\System\CurrentControlSet\Services
+ a12s5ued File not found: C:\WINDOWS\System32\Drivers\a12s5ued.sys
+ a347bus Plug and Play BIOS Extension (Not verified) c:\windows\system32\drivers\a347bus.sys
+ a347scsi SCSI miniport (Not verified) c:\windows\system32\drivers\a347scsi.sys
+ Aspi32 ASPI for WIN32 Kernel Driver (Not verified) Adaptec c:\windows\system32\drivers\aspi32.sys
+ atapi c:\windows\system32\drivers\atapi.sys
+ catchme File not found: C:\DOCUME~1\AGUSTN~1\CONFIG~1\Temp\catchme.sys
+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys
+ CoachUsb USB Driver for Digital Camera (Not verified) FotoNation Ltd. c:\windows\system32\drivers\coachusb.sys
+ CoachVc Video Capture Minidriver for Digital Camera (Not verified) Accapella Ltd. c:\windows\system32\drivers\coachvc.sys
+ cpuidlep c:\windows\system32\drivers\cpuidlep.sys
+ eeCtrl Symantec Eraser Control Driver (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\eengine\eectrl.sys
+ ElbyCDFL ElbyCDIO Filter Driver (Verified) SlySoft Inc. c:\windows\system32\drivers\elbycdfl.sys
+ ElbyCDIO ElbyCD Windows NT/2000/XP I/O driver (Verified) Elaborate Bytes AG c:\windows\system32\drivers\elbycdio.sys
+ EraserUtilRebootDrv Symantec Eraser Utility Driver (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\eengine\eraserutilrebootdrv.sys
+ FileObjInfo File not found: C:\Documents and Settings\All Users\Datos de programa\Spyware Terminator\FileObjInfo.sys
+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys
+ jnv4_mib File not found: C:\DOCUME~1\AGUSTN~1\CONFIG~1\Temp\jnv4_mib.sys
+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys
+ MMRTKRNL MMRTKRNL.SYS (Not verified) ALCATech c:\windows\system32\drivers\mmrtkrnl.sys
+ NAVENG AV Engine (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\virusdefs\20070410.022\naveng.sys
+ NAVEX15 AV Engine (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\virusdefs\20070410.022\navex15.sys
+ Nokia USB Generic Nokia USB Phone Generic Client (Not verified) Nokia c:\windows\system32\drivers\nmwcdc.sys
+ Nokia USB Modem Nokia USB Phone Modem Client (Not verified) Nokia c:\windows\system32\drivers\nmwcdcm.sys
+ Nokia USB Phone Parent Nokia USB Phone Bus Driver (Not verified) Nokia c:\windows\system32\drivers\nmwcd.sys
+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys
+ pcouffin low level access layer for CD/DVD/BD devices (Not verified) VSO Software c:\windows\system32\drivers\pcouffin.sys
+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys
+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys
+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys
+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Verified) Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
+ SASDIFSV SASDIFSV c:\documents and settings\agustÍn\mis documentos\otros documentos\superantyspyware\sasdifsv.sys
+ SASENUM SuperAntiSpyware (Not verified) SuperAdBlocker, Inc. c:\documents and settings\agustÍn\mis documentos\otros documentos\superantyspyware\sasenum.sys
+ SASKUTIL SASKUTIL.SYS c:\documents and settings\agustÍn\mis documentos\otros documentos\superantyspyware\saskutil.sys
+ SAVRT AutoProtect (Verified) Symantec Corporation c:\archivos de programa\norton internet security\norton antivirus\savrt.sys
+ SAVRTPEL SAVRTPEL (Verified) Symantec Corporation c:\archivos de programa\norton internet security\norton antivirus\savrtpel.sys
+ SPBBCDrv SPBBC Driver (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\spbbc\spbbcdrv.sys
+ sptd c:\windows\system32\drivers\sptd.sys
+ SYMDNS DNS Filter Driver (Verified) Symantec Corporation c:\windows\system32\drivers\symdns.sys
+ SymEvent Symantec Event Library (Verified) Symantec Corporation c:\windows\system32\drivers\symevent.sys
+ SYMFW Firewall Filter Driver (Verified) Symantec Corporation c:\windows\system32\drivers\symfw.sys
+ SYMIDS IDS Filter Driver (Verified) Symantec Corporation c:\windows\system32\drivers\symids.sys
+ SYMIDSCO IDS Core Driver (Verified) Symantec Corporation c:\archivos de programa\archivos comunes\symantec shared\symcdata\idsdefs\20071220.001\symidsco.sys
+ symlcbrd Symantec Core Component (Verified) Symantec Corporation c:\windows\system32\drivers\symlcbrd.sys
+ SYMNDIS NDIS Filter Driver (Verified) Symantec Corporation c:\windows\system32\drivers\symndis.sys
+ SYMREDRV Redirector Filter Driver (Verified) Symantec Corporation c:\windows\system32\drivers\symredrv.sys
+ SYMTDI Network Dispatch Driver (Verified) Symantec Corporation c:\windows\system32\drivers\symtdi.sys
+ Tcpip Controlador de protocolo TCP/IP (Not verified) Microsoft Corporation c:\windows\system32\drivers\tcpip.sys
+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ C:\DOCUME~1\ALLUSE~1\DATOSD~1\SPYWAR~1\sp_rsdel.exe "\??\C:\DOCUME~1\ALLUSE~1\DATOSD~1\SPYWAR~1\sp_rsdel.dat File not found: C:\DOCUME~1\ALLUSE~1\DATOSD~1\SPYWAR~1\sp_rsdel.exe "\??\C:\DOCUME~1\ALLUSE~1\DATOSD~1\SPYWAR~1\sp_rsdel.dat
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute
HKLM\System\CurrentControlSet\Control\Session Manager\Execute
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ !SASWinLogon SUPERAntiSpyware WinLogon Processor (Not verified) SUPERAntiSpyware.com c:\documents and settings\agustÍn\mis documentos\otros documentos\superantyspyware\saswinlo.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{071F5BD9-875E-486F-9AF0-9EBD6C2AD589}] DATAGRAM 1 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{071F5BD9-875E-486F-9AF0-9EBD6C2AD589}] SEQPACKET 1 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{1FBBEF93-B2E6-4E75-A05D-9B5DACC5A8C3}] DATAGRAM 3 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{1FBBEF93-B2E6-4E75-A05D-9B5DACC5A8C3}] SEQPACKET 3 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{3D97300D-F82B-4344-932B-FB3A77E24109}] DATAGRAM 2 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{3D97300D-F82B-4344-932B-FB3A77E24109}] SEQPACKET 2 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{8D58BA88-290F-450C-91A2-9F2C3EE6BDA5}] DATAGRAM 4 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{8D58BA88-290F-450C-91A2-9F2C3EE6BDA5}] SEQPACKET 4 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{985AA336-4BA0-4B6D-A25F-30CB67227CD5}] DATAGRAM 6 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{985AA336-4BA0-4B6D-A25F-30CB67227CD5}] SEQPACKET 6 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{B5F3BA57-0575-4F74-B9D7-2289176EC328}] DATAGRAM 0 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{B5F3BA57-0575-4F74-B9D7-2289176EC328}] SEQPACKET 0 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{E6536236-CD52-4A62-AEF9-B38D51AF0304}] DATAGRAM 5 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{E6536236-CD52-4A62-AEF9-B38D51AF0304}] SEQPACKET 5 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{EE9AB1E8-690C-4ACA-B2F2-2EE709247518}] DATAGRAM 7 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{EE9AB1E8-690C-4ACA-B2F2-2EE709247518}] SEQPACKET 7 Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [RAW/IP] Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [TCP/IP] Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [UDP/IP] Proveedor de servicios de Microsoft Windows Sockets 2.0 (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ HP Standard TCP/IP Port Standard TCP/IP Port Monitor DLL (Not verified) Hewlett Packard c:\windows\system32\hptcpmon.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
+ C:\WINDOWS\system32\geedd c:\windows\system32\geedd.exe
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
Mr_X:
Deshabilita el Restaurar el sistema (clic aquí); reinicia en Modo seguro, ejecuta el Autoruns, selecciona las siguientes entradas con el botón derecho y dale a 'Delete':
--- Código: ---+ C:\WINDOWS\system32\geedd.exe c:\windows\system32\geedd.exe
+ {0ee94af7-b981-440f-bed8-9bb6aa2d4bc7} c:\windows\system32\rpyynecx.dll
+ {5D8001B7-3E8F-41B0-A14E-F8662484963E} c:\windows\system32\geedd.dll
+ Run IMVU File not found: C:\Documents and Settings\AGUSTÍN\Menú Inicio\Programas\IMVU\Run IMVU.lnk
+ At1.job File not found: C:\WINDOWS\dr.exe
+ At2.job c:\windows\patcher.exe
+ At3.job File not found: C:\WINDOWS\user32.exe
+ At4.job File not found: C:\WINDOWS\widupdate.exe
+ At5.job File not found: C:\WINDOWS\dr.exe
+ At6.job File not found: C:\WINDOWS\user32.exe
+ DomainService DomainService (Not verified) c:\windows\system32\stkkoiyx.exe
+ a12s5ued File not found: C:\WINDOWS\System32\Drivers\a12s5ued.sys
+ catchme File not found: C:\DOCUME~1\AGUSTN~1\CONFIG~1\Temp\catchme.sys
+ jnv4_mib File not found: C:\DOCUME~1\AGUSTN~1\CONFIG~1\Temp\jnv4_mib.sys
--- Fin del código ---
Reinicia normal, actualiza el Norton y pásalo reiniciando en Modo seguro... Saca un nuevo log del Autoruns y del ComboFix...
Te recomiendo desinstalar el Messenger Plus (a no ser que lo hayas instalado sin el 'patrocinador') y el Fast Web Search...
aguss:
Una cosa, el Norton no lo puedo actualizar porque es de 2006 y me caducó al año, creo q ya no puedo actualizarlo.... de todas formas voy a intentarlo a ver si puedo.
¿Sabeis más o menos que le puede ocurrir ami ordenador?
Esque últimamente me aparece un mensaje del norton, el cual me dice que "Norton AntiVirus 2006 no pudo iniciar el analizador de mensajería instantánea. No podrá analizar si las descargas del programa de mensajería instantánea contienen infecciónes"
Hago lo que me dice, que es descargar actualizaciones en LiveUpdate, pero nada, todo sigue igual. Y siempreque inicio el ordenador cuando voy a conectarme a internet me bloquea el messenger y el ares y eso antes no lo hacia.
Mr_X:
¿Hiciste lo que te comenté?
Navegación
[#] Página Siguiente
[*] Página Anterior
Ir a la versión completa