Pages that open by themselves in Mozilla

x-jota:
For now, the Autoruns output; I can't shut down for a few hours.

HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup         
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon         
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit         
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell         
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell         
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run         
+ Adobe Reader Speed Launcher   Adobe Acrobat SpeedLauncher   (Verified) Adobe Systems, Incorporated   c:\program files\adobe\reader 8.0\reader\reader_sl.exe
+ AVP   Kaspersky Anti-Virus   (Verified) Kaspersky Lab   c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe
+ ISUSScheduler   InstallShield Update Service Scheduler   (Not verified) InstallShield Software Corporation   c:\program files\common files\installshield\updateservice\issch.exe
+ OutpostFeedBack   FeedBack Utility   (Not verified) Agnitum Ltd.   c:\program files\agnitum\outpost firewall pro\feedback.exe
+ OutpostMonitor   Outpost User Interface   (Not verified) Agnitum Ltd.   c:\program files\agnitum\outpost firewall pro\op_mon.exe
+ QuickTime Task   QuickTime Task   (Not verified) Apple Inc.   c:\program files\quicktime\qttask.exe
+ SoundMan   Realtek Sound Manager   (Not verified) Realtek Semiconductor Corp.   c:\windows\soundman.exe
+ UnlockerAssistant         c:\program files\unlocker\unlockerassistant.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce         
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup         
+ LNSS Status Monitor.lnk      (Verified) GFI Software Ltd.   c:\program files\gfi\languard network security scanner 8.0\statusmonitor.exe
+ WinZip Quick Pick.lnk   WinZip Executable   (Verified) WinZip Computing   c:\program files\winzip\wzqkpick.exe
C:\Users\karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup         
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load         
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run         
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run         
HKCU\Software\Microsoft\Windows\CurrentVersion\Run         
+ aplapl         c:\users\karlos\appdata\local\aplapl.exe
+ ISUSPM Startup   InstallShield Update Service Update Manager   (Not verified) InstallShield Software Corporation   c:\program files\common files\installshield\updateservice\isuspm.exe
+ SpybotSD TeaTimer   System settings protector   (Verified) Safer Networking Ltd.   c:\program files\spybot - search & destroy\teatimer.exe
+ Uniblue RegistryBooster 2         File not found: c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce         
HKLM\SOFTWARE\Classes\Protocols\Filter         
HKLM\SOFTWARE\Classes\Protocols\Handler         
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components         
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components         
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad         
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad         
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks         
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers         
+ Adobe.Acrobat.ContextMenu   Adobe Acrobat Context Menu   (Verified) Adobe Systems, Incorporated   c:\program files\adobe\acrobat 8.0\acrobat elements\contextmenu.dll
+ ASW   Outpost Shell Extension   (Not verified) Agnitum Ltd.   c:\program files\agnitum\outpost firewall pro\op_shell.dll
+ Cover Designer   Cover Designer   (Verified) Nero AG   c:\program files\nero\nero8\nero coverdesigner\coveredextension.dll
+ Kaspersky Anti-Virus   Windows Shell Extension   (Verified) Kaspersky Lab   c:\program files\kaspersky lab\kaspersky anti-virus 7.0\shellex.dll
+ NBShellHook Class   Nero BackItUp   (Verified) Nero AG   c:\program files\nero\nero8\nero backitup\nbshell.dll
+ Notepad++   Context Handler Menu for Notepad++   (Not verified) Burgaud.com   c:\program files\notepad++\nppcm.dll
+ PowerISO   PowerISOShell DLL   (Not verified) PowerISO Computing, Inc.   c:\program files\poweriso\pwrisosh.dll
+ WinRAR         c:\program files\winrar\rarext.dll
+ WinZip   WinZip Shell Extension DLL   (Not verified) WinZip Computing LP   c:\program files\winzip\wzshlstb.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers         
HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers         
+ Adobe.Acrobat.ContextMenu   Adobe Acrobat Context Menu   (Verified) Adobe Systems, Incorporated   c:\program files\adobe\acrobat 8.0\acrobat elements\contextmenu.dll
+ ASW   Outpost Shell Extension   (Not verified) Agnitum Ltd.   c:\program files\agnitum\outpost firewall pro\op_shell.dll
+ Kaspersky Anti-Virus   Windows Shell Extension   (Verified) Kaspersky Lab   c:\program files\kaspersky lab\kaspersky anti-virus 7.0\shellex.dll
+ NBShellHook Class   Nero BackItUp   (Verified) Nero AG   c:\program files\nero\nero8\nero backitup\nbshell.dll
+ PowerISO   PowerISOShell DLL   (Not verified) PowerISO Computing, Inc.   c:\program files\poweriso\pwrisosh.dll
+ WinRAR         c:\program files\winrar\rarext.dll
+ WinZip   WinZip Shell Extension DLL   (Not verified) WinZip Computing LP   c:\program files\winzip\wzshlstb.dll
HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers         
+ ASW   Outpost Shell Extension   (Not verified) Agnitum Ltd.   c:\program files\agnitum\outpost firewall pro\op_shell.dll
+ PowerISO   PowerISOShell DLL   (Not verified) PowerISO Computing, Inc.   c:\program files\poweriso\pwrisosh.dll
+ WinRAR         c:\program files\winrar\rarext.dll
+ WinZip   WinZip Shell Extension DLL   (Not verified) WinZip Computing LP   c:\program files\winzip\wzshlstb.dll
HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers         
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers         
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers         
+ dBpShell Class   Provides dBpoweramp Shell Interaction   (Not verified) Illustrate   c:\program files\illustrate\dbpoweramp\dbshell.dll
+ NeroDigitalColumnHandler Class   Nero Digital Shell Extension   (Verified) Nero AG   c:\program files\common files\nero\lib\nerodigitalext.dll
+ PDF Shell Extension   PDF Shell Extension   (Not verified) Adobe Systems, Inc.   c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
+ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}      (Not verified) Sun Microsystems, Inc.   c:\program files\openoffice.org 2.3\program\shlxthdl.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers         
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers         
+ Identificador de icono superpuesto para firmas digitales de AutoCAD   AcSignIcon Module   (Verified) Autodesk, Inc   c:\windows\system32\acsignicon.dll
HKCU\Software\Microsoft\Ctf\LangBarAddin         
HKLM\Software\Microsoft\Ctf\LangBarAddin         
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved         
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved         
+ Adobe.Acrobat.ContextMenu   Adobe Acrobat Context Menu   (Verified) Adobe Systems, Incorporated   c:\program files\adobe\acrobat 8.0\acrobat elements\contextmenu.dll
+ APDFR Context Menu Shell Extension   ShellExt Module      c:\program files\apdfr\apdfrshl.dll
+ Autodesk Drawing Preview   AcThumbnail Module   (Verified) Autodesk, Inc   c:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll
+ CDR Icon Handler   Windows XP Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellxp.dll
+ CDR Property Handler   Windows Vista Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellvista.dll
+ CDR Thumbnail Provider   Windows XP Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellxp.dll
+ CMX Icon Handler   Windows XP Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellxp.dll
+ CMX Thumbnail Provider   Windows XP Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellxp.dll
+ Corel Draw Cdr Preview Handler   Windows Vista Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellvista.dll
+ CPT Icon Handler   Windows XP Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellxp.dll
+ CPT Property Handler   Windows Vista Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellvista.dll
+ CPT Thumbnail Provider   Windows XP Shell Extension   (Verified) Corel Corporation   c:\program files\common files\corel\shared\shell extension\shellxp.dll
+ dBpoweramp Music Converter   dMC Shell Module   (Not verified) Illustrate   c:\program files\illustrate\dbpoweramp\dmcshell.dll
+ Estadísticas del componente Web Anti-Virus   Script Monitor Internet Explorer plugin   (Verified) Kaspersky Lab   c:\program files\kaspersky lab\kaspersky anti-virus 7.0\scieplgn.dll
+ Identificador de icono superpuesto para firmas digitales de AutoCAD   AcSignIcon Module   (Verified) Autodesk, Inc   c:\windows\system32\acsignicon.dll
+ Macromedia FTP & RDS   CfShellFtpRds Module   (Not verified) Macromedia, Inc.   c:\windows\system32\cfshellftprds.dll
+ NeroCoverEd Live Icons   Cover Designer   (Verified) Nero AG   c:\program files\nero\nero8\nero coverdesigner\coveredextension.dll
+ NeroDigitalIconHandler   Nero Digital Shell Extension   (Verified) Nero AG   c:\program files\common files\nero\lib\nerodigitalext.dll
+ NeroDigitalPropSheetHandler   Nero Digital Shell Extension   (Verified) Nero AG   c:\program files\common files\nero\lib\nerodigitalext.dll
+ Nokia Phone Browser   Phone Browser   (Not verified) Nokia   c:\program files\nokia\nokia pc suite 6\phonebrowser.dll
+ OpenOffice.org Column Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\openoffice.org 2.3\program\shlxthdl.dll
+ OpenOffice.org Infotip Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\openoffice.org 2.3\program\shlxthdl.dll
+ OpenOffice.org Property Sheet Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\openoffice.org 2.3\program\shlxthdl.dll
+ OpenOffice.org Thumbnail Viewer      (Not verified) Sun Microsystems, Inc.   c:\program files\openoffice.org 2.3\program\shlxthdl.dll
+ PowerISO   PowerISOShell DLL   (Not verified) PowerISO Computing, Inc.   c:\program files\poweriso\pwrisosh.dll
+ UnlockerShellExtension         c:\program files\unlocker\unlockercom.dll
+ WinRAR shell extension         c:\program files\winrar\rarext.dll
+ WinZip   WinZip Shell Extension DLL   (Not verified) WinZip Computing LP   c:\program files\winzip\wzshlstb.dll
+ WinZip   WinZip Shell Extension DLL   (Not verified) WinZip Computing LP   c:\program files\winzip\wzshlstb.dll
+ WinZip   WinZip Shell Extension DLL   (Not verified) WinZip Computing LP   c:\program files\winzip\wzshlstb.dll
+ WinZip   WinZip Shell Extension DLL   (Not verified) WinZip Computing LP   c:\program files\winzip\wzshlstb.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects         
+ Adobe PDF Conversion Toolbar Helper   Adobe PDF Toolbar for Internet Explorer   (Verified) Adobe Systems, Incorporated   c:\program files\adobe\acrobat 8.0\acrobat\acroiefavclient.dll
+ Aplicación auxiliar de vínculos de Adobe PDF Reader   Adobe PDF Helper for Internet Explorer   (Verified) Adobe Systems, Incorporated   c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
+ Spybot-S&D IE Protection   SBSD IE Protection   (Verified) Safer Networking Ltd.   c:\program files\spybot - search & destroy\sdhelper.dll
+ SSVHelper Class   Java(TM) 2 Platform Standard Edition binary   (Not verified) Sun Microsystems, Inc.   c:\program files\java\jre1.5.0_07\bin\ssv.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks         
HKLM\Software\Microsoft\Internet Explorer\Toolbar         
+ 2nd &Speech Center         c:\program files\2nd speech center\tts4ie.dll
+ Adobe PDF   Adobe PDF Toolbar for Internet Explorer   (Verified) Adobe Systems, Incorporated   c:\program files\adobe\acrobat 8.0\acrobat\acroiefavclient.dll
+ LEC   LEC IE Translation Extension.dll   (Not verified) Language Engineering Corporation, LLC   c:\program files\power translator 10\applications\lec ie translation extension.dll
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars         
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars         
HKCU\Software\Microsoft\Internet Explorer\Extensions         
HKLM\Software\Microsoft\Internet Explorer\Extensions         
Task Scheduler         
+ \Uniblue SpeedUpMyPC   SpeedUpMyPC   (Verified) Uniblue Systems   c:\program files\uniblue\speedupmypc 3\speedupmypc.exe
+ \Uniblue SpeedUpMyPC Nag   SpeedUpMyPC   (Verified) Uniblue Systems   c:\program files\uniblue\speedupmypc 3\speedupmypc.exe
HKLM\System\CurrentControlSet\Services         
+ aawservice   Protects your computer from spyware   (Verified) Lavasoft AB   c:\program files\lavasoft\ad-aware 2007\aawservice.exe
+ acssrv   Agnitum Client Security Service   (Not verified) Agnitum Ltd.   c:\program files\agnitum\outpost firewall pro\acs.exe
+ AVP   Ofrece protección contra virus y otros programas peligrosos.   (Verified) Kaspersky Lab   c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe
+ FileZilla Server         File not found: C:\Program Files\FileZilla Server\FileZilla Server.exe
+ gfi_lnss8_attservice   Starts common sub-processes which are required by GFI products.   (Verified) GFI Software Ltd.   c:\program files\gfi\languard network security scanner 8.0\lnssatt.exe
+ LVCOMSer   Logitech Video COM Service   (Verified) Logitech Inc   c:\program files\common files\logishrd\lvcomser\lvcomser.exe
+ LVPrcSrv   Injector service   (Verified) Logitech Inc   c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe
+ LVSrvLauncher   Launcher for Logitech Video Components.   (Verified) Logitech Inc   c:\program files\common files\logishrd\srvlnch\srvlnch.exe
+ Nero BackItUp Scheduler 3   Nero BackItUp Scheduler 3 is responsible to control all jobs created using Nero BackItUp 3. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP.   (Verified) Nero AG   c:\program files\nero\nero8\nero backitup\nbservice.exe
+ olMntrService   Este servicio permite gestionar la Toolbox   (Not verified) Olivetti   c:\program files\olivetti\any_way\olmntrservice.exe
+ ProtexisLicensing   Protexis Licensing Service      c:\program files\common files\protexis\license service\psiservice.exe
+ PSI_SVC_2   This service provides Protexis licensing functionalty.   (Verified) Protexis Inc.   c:\program files\common files\protexis\license service\psiservice_2.exe
+ SBSDWSCService   Spybot-S&D Security Center integration   (Verified) Safer Networking Ltd.   c:\program files\spybot - search & destroy\sdwinsec.exe
+ ssoftservice   This is a service needed for Cryptainer volume to load. If this service is stopped or disabled, Cryptainer will not function on this computer.   (Not verified) Cypherix Software (India) Pvt. Ltd.   c:\windows\system32\cryptainersrv.exe
HKLM\System\CurrentControlSet\Services         
+ aaop3njv         File not found: C:\Windows\System32\Drivers\aaop3njv.sys
+ ALCXWDM   Realtek AC'97 Audio Driver (WDM)   (Verified) Realtek Semiconductor Corp   c:\windows\system32\drivers\rtkvac.sys
+ ASWFilt   Agnitum Kernel Mode Anti-Spyware SandBox plug-in   (Verified) Agnitum Ltd.   c:\windows\system32\filt\aswfilt.dll
+ ElbyCDIO   ElbyCD Windows NT/2000/XP I/O driver   (Verified) Elaborate Bytes AG   c:\windows\system32\drivers\elbycdio.sys
+ ElbyDelay   Elby Delay Lower Filter Driver   (Verified) Elaborate Bytes AG   c:\windows\system32\drivers\elbydelay.sys
+ hotcore3   Hotbackup helper driver   (Verified) Paragon Technologie GmbH   c:\windows\system32\drivers\hotcore3.sys
+ IpInIp   IP in IP Tunnel Driver      File not found: system32\DRIVERS\ipinip.sys
+ NwlnkFlt   IPX Traffic Filter Driver      File not found: system32\DRIVERS\nwlnkflt.sys
+ NwlnkFwd   IPX Traffic Forwarder Driver      File not found: system32\DRIVERS\nwlnkfwd.sys
+ OemBiosDevice   Release Build v1.00   (Not verified) PARADOX   c:\windows\system32\drivers\royal.sys
+ SandBox   Agnitum Host Protection Component   (Verified) Agnitum Ltd.   c:\windows\system32\drivers\sandbox.sys
+ SCDEmu   PowerISO Virtual Drive   (Not verified) PowerISO Computing, Inc.   c:\windows\system32\drivers\scdemu.sys
+ sptd         c:\windows\system32\drivers\sptd.sys
+ ssoftnt4   Cryptainer Driver   (Verified) Cypherix Software   c:\windows\system32\drivers\ssoftnt4.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute         
+ autocheck lsdelete         c:\windows\system32\lsdelete.exe
+ OODBS         File not found: OODBS
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute         
HKLM\System\CurrentControlSet\Control\Session Manager\Execute         
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options         
HKLM\Software\Microsoft\Command Processor\Autorun         
HKCU\Software\Microsoft\Command Processor\Autorun         
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls         
+ c:\progra~1\agnitum\outpos~1\wl_hook.dll   Outost Hooking Module   (Not verified) Agnitum Ltd.   c:\program files\agnitum\outpost firewall pro\wl_hook.dll
+ C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll   Kaspersky Anti-Virus Ring 3 Hooker   (Verified) Kaspersky Lab   c:\program files\kaspersky lab\kaspersky anti-virus 7.0\r3hook.dll
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify         
+ klogon   Logon Visualizer   (Verified) Kaspersky Lab   c:\windows\system32\klogon.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman         
HKCU\Control Panel\Desktop\Scrnsave.exe         
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath         
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9         
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors         
+ Adobe PDF Port   Acrobat ® PDF Port   (Verified) Adobe Systems, Incorporated   c:\windows\system32\adobepdf.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers         
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order         
C:\Users\karlos\AppData\Local\Microsoft\Windows Sidebar\Settings.ini         
+ Contactos   Ver una lista de contactos de Windows, buscar un contacto o seleccionar un contacto para mostrar la dirección de correo electrónico y los números de teléfono.   (Not verified) Microsoft Corporation   C:\Program Files\Windows Sidebar\Gadgets\Contacts.Gadget\es-ES\Gadget.xml
+ Medidor de CPU   Ver la CPU  y la memoria del sistema (RAM) actuales en el equipo.   (Not verified) Microsoft Corporation   C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\es-ES\Gadget.xml
+ Notas   Capturar ideas, notas y avisos de una forma rápida y sencilla.   (Not verified) Microsoft Corporation   C:\Program Files\Windows Sidebar\Gadgets\Notes.Gadget\es-ES\Gadget.xml
+ Traductor   Traduce texto hacia una variedad de lenguajes.   (Not verified) Julio Casal   C:\Users\karlos\AppData\Local\Microsoft\Windows Sidebar\Gadgets\TraductorGadget-1.gadget\Gadget.xml

x-jota:

And here goes HijackThis in safe mode:
...I removed the GFI LANguard entries from Autoruns because I can't uninstall it, not even from CCleaner as administrator in safe mode.

Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 10\Applications\LEC IE Translation Extension.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: 2nd &Speech Center - {CFE40ED8-564E-4693-A9D9-80DB70C8E460} - C:\PROGRA~1\2NDSPE~1\tts4ie.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [aplapl] c:\users\karlos\appdata\local\aplapl.exe aplapl
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: OP_CACHE.ATR
O4 - Startup: OP_CACHE.IDX
O4 - Global Startup: OP_CACHE.ATR
O4 - Global Startup: OP_CACHE.IDX
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Estadísticas del componente Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.e-rol.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Olivetti Monitor Service (olMntrService) - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix Software (India) Pvt. Ltd. - C:\Windows\SYSTEM32\cryptainersrv.exe

--
End of file - 9104 bytes

x-jota:
I found out through Autoruns that this is the entry. The thing is, I delete it, save the changes, and
it shows up again when I reboot.
The file doesn't appear in the directory either.
How do I get rid of the virus for good?

npsvxfqyt.exe....c:\user\app\data.npsvxfqyt.exe


Well, regards.
