Hola.
Elimine esas entradas en Modo Seguro.
El Spybot y el avast estan corridos en Modo Normal.
Estos son los nuevos logs:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:35:26 a.m., on 28/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE
C:\Archivos de programa\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe
C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar1.dll
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus CX4100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE /P26 "EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [NBJ] "C:\Archivos de programa\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspxO8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/english/kavwebscan_unicode.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
http://downloads.ewido.net/ewidoOnlineScan.cabO16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resources/scan8/oscan8.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Plug-in 1.4.1_01) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F4DA7E1-10B1-40AF-834F-A27FAFAA6F06}: NameServer = 200.51.212.7 200.51.211.7
O17 - HKLM\System\CS3\Services\Tcpip\..\{3F4DA7E1-10B1-40AF-834F-A27FAFAA6F06}: NameServer = 200.51.212.7 200.51.211.7
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 7215 bytes
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ avast! avast! service GUI component (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashdisp.exe
+ Cmaudio CmiCnfg DLL (Not verified) C-Media Corporation c:\windows\system\cmicnfg.cpl
+ NeroFilterCheck NeroCheck (Not verified) Ahead Software Gmbh c:\windows\system32\nerocheck.exe
+ NvMediaCenter NVIDIA Media Center Library (Not verified) NVIDIA Corporation c:\windows\system32\nvmctray.dll
+ nwiz NVIDIA nView Wizard, Version 61.77 (Not verified) NVIDIA Corporation c:\windows\system32\nwiz.exe
+ QuickTime Task (Not verified) Apple Computer, Inc. c:\archivos de programa\quicktime\qttask.exe
+ SunJavaUpdateSched Java(TM) Platform SE binary (Verified) Sun Microsystems, Inc. c:\archivos de programa\java\jre1.6.0_03\bin\jusched.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
C:\Documents and Settings\JUANCITO\Menú Inicio\Programas\Inicio
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ NBJ Nero BackItUp Scheduler Application (Not verified) Ahead Software AG c:\archivos de programa\ahead\nero backitup\nbj.exe
+ SpybotSD TeaTimer System settings protector (Verified) Safer Networking Ltd. c:\archivos de programa\spybot - search & destroy\teatimer.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
+ application/octet-stream Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-complus Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-msdownload Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
+ 0 File not found: About:Home
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ n/a Microsoft .NET IE SECURITY REGISTRATION (Not verified) Microsoft Corporation c:\windows\system32\mscories.dll
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
+ avast avast! Shell Extension (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashshell.dll
+ axcrypt.File AxCrypt Shell Extension (Not verified) Axantum Software AB c:\archivos de programa\axon data\axcrypt\1.6.3\axcrypt.dll
+ FHRContextMenu c:\windows\system32\shellext\fhrshext.dll
+ SASContextMenu Class SUPERAntiSpyware Context Menu Extension (Not verified) SUPERAntiSpyware.com c:\archivos de programa\superantispyware\sasctxmn.dll
+ WinRAR c:\archivos de programa\winrar\rarext.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
+ avast avast! Shell Extension (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashshell.dll
+ axcrypt.File AxCrypt Shell Extension (Not verified) Axantum Software AB c:\archivos de programa\axon data\axcrypt\1.6.3\axcrypt.dll
+ WinRAR c:\archivos de programa\winrar\rarext.dll
HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
+ FHRContextMenu c:\windows\system32\shellext\fhrshext.dll
+ SASContextMenu Class SUPERAntiSpyware Context Menu Extension (Not verified) SUPERAntiSpyware.com c:\archivos de programa\superantispyware\sasctxmn.dll
+ WinRAR c:\archivos de programa\winrar\rarext.dll
HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
+ 00nView NVIDIA Desktop Explorer, Version 61.77 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ NvCplDesktopContext NVIDIA Display Properties Extension (Not verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ WIBU-SYSTEMS Shell Extension WIBU-SYSTEMS Shell Extension Handler (Not verified) WIBU-SYSTEMS AG c:\archivos de programa\wibu-systems\system\wibushellext.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKCU\Software\Microsoft\Ctf\LangBarAddin
HKLM\Software\Microsoft\Ctf\LangBarAddin
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ avast avast! Shell Extension (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashshell.dll
+ AxCrypt Privacy Wrapper File AxCrypt Shell Extension (Not verified) Axantum Software AB c:\archivos de programa\axon data\axcrypt\1.6.3\axcrypt.dll
+ CorelDRAW Shell Extension Component Shell Extension DLL (Not verified) Corel Corporation c:\archivos de programa\corel\corel graphics 11\draw\cdrviewer\crlshell110.dll
+ Desktop Explorer NVIDIA Desktop Explorer, Version 61.77 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 61.77 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ Extensión de paneo de pantalla del Panel de control File not found: deskpan.dll
+ Fusion Cache Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ NvCpl DesktopContext Class NVIDIA Display Properties Extension (Not verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ nView Desktop Context Menu NVIDIA Desktop Explorer, Version 61.77 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ Shell Icon Handler for Application References Application Deployment Support Library (Not verified) Microsoft Corporation c:\windows\system32\dfshim.dll
+ ShellLink for Application References Application Deployment Support Library (Not verified) Microsoft Corporation c:\windows\system32\dfshim.dll
+ WIBU-SYSTEMS Shell Extension WIBU-SYSTEMS Shell Extension Handler (Not verified) WIBU-SYSTEMS AG c:\archivos de programa\wibu-systems\system\wibushellext.dll
+ WinRAR shell extension c:\archivos de programa\winrar\rarext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ EpsonToolBandKicker Class EPSON Web-To-Page (Not verified) SEIKO EPSON CORPORATION c:\archivos de programa\epson\epson web-to-page\epson web-to-page.dll
+ Google Toolbar Helper Barra Google para los clientes de Internet Explorer (Verified) Google Inc c:\archivos de programa\google\googletoolbar1.dll
+ Spybot-S&D IE Protection SBSD IE Protection (Verified) Safer Networking Ltd. c:\archivos de programa\spybot - search & destroy\sdhelper.dll
+ SSVHelper Class Java(TM) Platform SE binary (Verified) Sun Microsystems, Inc. c:\archivos de programa\java\jre1.6.0_03\bin\ssv.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ &Google Barra Google para los clientes de Internet Explorer (Verified) Google Inc c:\archivos de programa\google\googletoolbar1.dll
+ EPSON Web-To-Page EPSON Web-To-Page (Not verified) SEIKO EPSON CORPORATION c:\archivos de programa\epson\epson web-to-page\epson web-to-page.dll
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ Uninstall BitDefender Online Scanner v8 c:\windows\bdoscandel.exe
Task Scheduler
HKLM\System\CurrentControlSet\Services
+ aswUpdSv Provides automatic updating for the avast! antivirus. (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\aswupdsv.exe
+ avast! Antivirus Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler. (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashserv.exe
HKLM\System\CurrentControlSet\Services
+ Aavmker4 avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP (Verified) ALWIL Software c:\windows\system32\drivers\aavmker4.sys
+ Aspi32 ASPI for WIN32 Kernel Driver (Not verified) Adaptec c:\windows\system32\drivers\aspi32.sys
+ aswMon2 avast! File System Filter Driver for Windows XP (Verified) ALWIL Software c:\windows\system32\drivers\aswmon2.sys
+ aswRdr avast! TDI RDR Driver (Verified) ALWIL Software c:\windows\system32\drivers\aswrdr.sys
+ aswTdi avast! TDI Filter Driver (Verified) ALWIL Software c:\windows\system32\drivers\aswtdi.sys
+ AVG Anti-Rootkit AVG Anti-Rootkit Driver (Not verified) GRISOFT, s.r.o. c:\windows\system32\drivers\avgarkt.sys
+ AvgArCln AVG7 Clean Driver (Not verified) GRISOFT, s.r.o. c:\windows\system32\drivers\avgarcln.sys
+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys
+ cmuda C-Media Audio WDM Driver (Not verified) C-Media Inc c:\windows\system32\drivers\cmuda.sys
+ EverestDriver File not found: C:\DOCUME~1\JUANCITO\CONFIG~1\Temp\Rar$EX00.297\kerneld.wnt
+ GMSIPCI File not found: D:\INSTALL\GMSIPCI.SYS
+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys
+ imagedrv NERO IMAGEDRIVE SCSI miniport (Not verified) Ahead Software AG c:\windows\system32\drivers\imagedrv.sys
+ imagesrv Nero Image Server (Not verified) Ahead Software AG c:\windows\system32\drivers\imagesrv.sys
+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys
+ P2k P2k Driver (Not verified) Motorola Inc c:\windows\system32\drivers\p2k.sys
+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys
+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys
+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys
+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys
+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys
+ pfc Padus(R) ASPI Shell (Not verified) Padus, Inc. c:\windows\system32\drivers\pfc.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Not verified) Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
+ SASDIFSV SASDIFSV c:\archivos de programa\superantispyware\sasdifsv.sys
+ SASENUM SuperAntiSpyware (Not verified) SuperAdBlocker, Inc. c:\archivos de programa\superantispyware\sasenum.sys
+ SASKUTIL SASKUTIL.SYS c:\archivos de programa\superantispyware\saskutil.sys
+ sisidex SISIDEX Driver (Not verified) Windows (R) 2000 DDK provider c:\windows\system32\drivers\sisidex.sys
+ sisperf SiS Filter Driver (Not verified) Silicon Integrated Systems Corp. c:\windows\system32\drivers\sisperf.sys
+ sysdrv File not found: C:\WINDOWS\system32\drivers\sysdrv.sys
+ usbsermpt USB Modem Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\usbsermpt.sys
+ w300bus Sony Ericsson W300 Driver Driver (Not verified) MCCI c:\windows\system32\drivers\w300bus.sys
+ w300mdfl Sony Ericsson W300 USB WMC Modem Filter (Not verified) MCCI c:\windows\system32\drivers\w300mdfl.sys
+ w300mdm Sony Ericsson W300 USB WMC Modem Driver (Not verified) MCCI c:\windows\system32\drivers\w300mdm.sys
+ w300mgmt Sony Ericsson W300 USB WMC Device Management Drivers (WDM) (Not verified) MCCI c:\windows\system32\drivers\w300mgmt.sys
+ w300obex Sony Ericsson W300 USB WMC OBEX Interface (Not verified) MCCI c:\windows\system32\drivers\w300obex.sys
+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys
+ WIBUKEY WIBU-KEY Windows NT Kernel Driver (Not verified) WIBU-SYSTEMS AG c:\windows\system32\drivers\wibukey.sys
+ windrvNT File not found: C:\WINDOWS\system32\windrvNT.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute
HKLM\System\CurrentControlSet\Control\Session Manager\Execute
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Microsoft Document Imaging Writer Monitor Microsoft® Document Imaging (Not verified) Microsoft Corporation c:\windows\system32\mdimon.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
Tanto el Hijackthis como el Autoruns estan hechos en Modo Normal.
Hay algo raro? Gracias.
