Topic: SMTP and continuous activity

Sandino9

  • Newbie
  • Posts: 8
SMTP and continuous activity
« on: May 22, 2009, 04:47:39 pm »
Hello everyone,

I'm starting to get desperate. A few days ago I noticed that, even with no internet activity open (web pages, P2P, games, nothing), the Wi-Fi activity light on my router was blinking continuously. I have two computers: one running XP that is so old and slow it is ready to be thrown out, with Avast, although my parents only use it for very little; the other running Vista with AVG, which is quite good and has no problems of any kind. The XP machine is connected to the router by cable and the Vista machine is connected over Wi-Fi. The network is fairly well protected (or so I think, anyway), with a good password to get into the router, WEP, and MAC filters.

When I disconnect the Vista machine's connection to the adapter, the router's Wi-Fi activity usually stops. I have more or less worked out what the netstat command does and, going by intuition, what I see there when there is a lot of activity on the router that isn't mine doesn't look good at all, with things like "mta2:smtp" or something along those lines, establishing connections.

I thought it might just be basic router activity, but I have even received a letter from Telefónica's Centro Nemesys saying that my computer may be sending SPAM. I would rather solve this with your help than with that of a multinational like Telefónica.


What do you advise?

Thanks for your attention,

    - Sandino9

Mr_X

  • Moderator
  • Posts: 2635
Re: SMTP and continuous activity
« Reply #1 on: May 22, 2009, 05:00:53 pm »
Hello, welcome

1.- Paste here the output of the command

Code:
NETSTAT -AN

2.- Produce a HijackThis log (click here)...
"... I'll wait I sow the seed, I set the scene and I watch the world go by..."

Sandino9

  • Newbie
  • Posts: 8
Re: SMTP and continuous activity
« Reply #2 on: May 22, 2009, 07:09:24 pm »

Here is the netstat -an:


And next, the HijackThis log:

Quote
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:43, on 22/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\CloneCD\CloneCDTray.exe
C:\Program Files\FarStone VirtualDrive\vdtask.exe
C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Loquendo\HalReader.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rebelion.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://support.thetechguys.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] "C:\Windows\RaidTool\xInsIDE.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Windows\RtHDVCpl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] "C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Skytel] "C:\Windows\Skytel.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam gaming\Steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Ultra Hal Text-to-Speech Reader Startup.lnk = ?
O8 - Extra context menu item: Enviar por Bluetooth - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Enviar por Mensaje (&M)... - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B46632A7-6B24-4682-AB3B-FA60FC5BE0F7}: NameServer = 80.58.0.33,80.58.32.97
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TMBMServer - Trend Micro Inc. - (no file)
O23 - Service: TmPfw - Trend Micro Inc. - (no file)
O23 - Service: tmproxy - Trend Micro Inc. - (no file)

--
End of file - 9134 bytes

Mr_X

  • Moderator
  • Posts: 2635
Re: SMTP and continuous activity
« Reply #3 on: May 22, 2009, 08:07:42 pm »
Well yes, you are sending mail in bulk...

Reboot into Safe Mode, then produce another HijackThis log and one from Autoruns (click here)...

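The following Python example is added here and is not part of the original thread. It parses `netstat -an` output in the Windows column layout and reports local addresses that hold TCP connections to many distinct remote hosts on port 25, the pattern diagnosed in the reply above. The sample listing is constructed (remote addresses are from the RFC 5737 documentation ranges), and the function names and the threshold of 5 distinct peers are assumptions.

```python
"""Triage a Windows `netstat -an` snapshot for outbound SMTP fan-out."""
from collections import Counter, defaultdict

SMTP_PORT = 25
# Assumed threshold: a desktop mail client normally talks to one or two mail
# servers, so more distinct port-25 peers than this in one snapshot is suspect.
DISTINCT_PEER_THRESHOLD = 5

# Constructed sample, not taken from the thread.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.1.3:49201      198.51.100.7:443       ESTABLISHED
  TCP    192.168.1.3:63891      192.0.2.10:25          TIME_WAIT
  TCP    192.168.1.3:63892      192.0.2.44:25          TIME_WAIT
  TCP    192.168.1.3:63893      198.51.100.20:25       ESTABLISHED
  TCP    192.168.1.3:63894      203.0.113.5:25         TIME_WAIT
  TCP    192.168.1.3:63895      203.0.113.77:25        SYN_SENT
  TCP    192.168.1.3:63896      203.0.113.130:25       TIME_WAIT
  TCP    192.168.1.3:63897      192.0.2.10:25          TIME_WAIT
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:123            *:*
  UDP    [fe80::100:7f:fffe%11]:1900  *:*
"""


def split_endpoint(text):
    """Split 'addr:port', '[v6addr%zone]:port' or '*:*' into (addr, port)."""
    host, _, port = text.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
    return host, (int(port) if port.isdigit() else None)


def parse_netstat(text):
    """Return one dict per TCP/UDP row; banners and column headers are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        local_ip, local_port = split_endpoint(fields[1])
        remote_ip, remote_port = split_endpoint(fields[2])
        rows.append({
            "proto": fields[0],
            "local_ip": local_ip,
            "local_port": local_port,
            "remote_ip": remote_ip,
            "remote_port": remote_port,
            "state": fields[3] if len(fields) > 3 else "",  # UDP has no state
        })
    return rows


def smtp_fanout(text, threshold=DISTINCT_PEER_THRESHOLD):
    """Summarise outbound port-25 connections per local address.

    Only rows whose *remote* port is 25 are counted, so inbound connections
    to a local mail server (local port 25) are not mistaken for sending.
    """
    peers = defaultdict(set)
    states = defaultdict(Counter)
    for row in parse_netstat(text):
        if row["proto"] != "TCP" or row["remote_port"] != SMTP_PORT:
            continue
        peers[row["local_ip"]].add(row["remote_ip"])
        states[row["local_ip"]][row["state"]] += 1
    report = {}
    for local_ip, remote_set in peers.items():
        report[local_ip] = {
            "connections": sum(states[local_ip].values()),
            "distinct_peers": len(remote_set),
            "states": dict(states[local_ip]),
            "suspicious": len(remote_set) > threshold,
        }
    return report


if __name__ == "__main__":
    for ip, info in smtp_fanout(SAMPLE).items():
        verdict = "SUSPICIOUS" if info["suspicious"] else "ok"
        print(f"{ip}: {info['connections']} SMTP connections to "
              f"{info['distinct_peers']} hosts {info['states']} -> {verdict}")
```

On the affected machine, `netstat -ano` adds the owning process ID to each row, which lets the flagged connections be tied to a process.
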
Sandino9

  • Newbie
  • Posts: 8
Re: SMTP and continuous activity
« Reply #4 on: May 22, 2009, 09:11:45 pm »

HiJackThis:

Quote
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:42, on 22/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rebelion.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] "C:\Windows\RaidTool\xInsIDE.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Windows\RtHDVCpl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] "C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Skytel] "C:\Windows\Skytel.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam gaming\Steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Ultra Hal Text-to-Speech Reader Startup.lnk = ?
O8 - Extra context menu item: Enviar por Bluetooth - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Enviar por Mensaje (&M)... - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B46632A7-6B24-4682-AB3B-FA60FC5BE0F7}: NameServer = 80.58.0.33,80.58.32.97
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TMBMServer - Trend Micro Inc. - (no file)
O23 - Service: TmPfw - Trend Micro Inc. - (no file)
O23 - Service: tmproxy - Trend Micro Inc. - (no file)

--
End of file - 8211 bytes


Autoruns:

Quote
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup         
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon         
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit         
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell         
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell         
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run         
+ Adobe Reader Speed Launcher   Adobe Acrobat SpeedLauncher   (Verified) Adobe Systems, Incorporated   c:\program files\adobe\reader 9.0\reader\reader_sl.exe
+ AppleSyncNotifier   AppleSyncNotifier   (Verified) Apple Inc.   c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe
+ AVG8_TRAY   AVG Tray Monitor   (Verified) AVG Technologies   c:\program files\avg\avg8\avgtray.exe
+ BtTray   BlueSoleil Bttray      c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bttray.exe
+ CanonSolutionMenu   CNSLMAIN   (Verified) Canon Inc.   c:\program files\canon\solutionmenu\cnslmain.exe
+ CloneCDTray   CloneCD Tray   (Not verified) SlySoft, Inc.   c:\program files\clonecd\clonecdtray.exe
+ iTunesHelper   iTunesHelper Module   (Verified) Apple Inc.   c:\program files\itunes\ituneshelper.exe
+ JMB36X IDE Setup         c:\windows\raidtool\xinside.exe
+ OpwareSE4   OCR Aware   (Verified) Nuance Communications, Inc.   c:\program files\scansoft\omnipagese4\opwarese4.exe
+ QuickTime Task   QuickTime Task   (Not verified) Apple Inc.   c:\program files\quicktime\qttask.exe
+ RAMDrive   RDTask Microsoft ???????   (Not verified) FarStone Technology, Inc.   c:\program files\farstone virtualdrive\vhd\rdtask.exe
+ SSBkgdUpdate   SSBkgdUpdate   (Verified) Nuance Communications, Inc.   c:\program files\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe
+ SunJavaUpdateSched   Java(TM) Platform SE binary   (Verified) Sun Microsystems, Inc.   c:\program files\java\jre6\bin\jusched.exe
+ VirtualDrive   VirtualDrive VDTask   (Not verified) FarStone Technology Inc.   c:\program files\farstone virtualdrive\vdtask.exe
+ WrtMon.exe   NsWrtMon Microsoft Base Class Application      c:\windows\system32\spool\drivers\w32x86\3\wrtmon.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce         
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup         
+ Ultra Hal Text-to-Speech Reader Startup.lnk   InstallShield   (Not verified) InstallShield Software Corp.   c:\windows\installer\{96ef451e-a402-44d8-baee-d70d558a4122}\new_shortcut_s1449_0eb7cdb78e0c4a918d2ca535d5b8160c.exe
C:\Users\Aleksander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup         
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load         
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run         
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run         
HKCU\Software\Microsoft\Windows\CurrentVersion\Run         
+ Steam   Steam   (Verified) Valve   c:\program files\steam gaming\steam.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce         
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff         
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Shutdown         
HKLM\SOFTWARE\Classes\Protocols\Filter         
HKLM\SOFTWARE\Classes\Protocols\Handler         
+ linkscanner   Safe Search pluggable protocol   (Verified) AVG Technologies   c:\program files\avg\avg8\avgpp.dll
+ skype4com   Skype for COM API   (Verified) Skype Technologies SA   c:\windows\system32\skype4com.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components         
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components         
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad         
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad         
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks         
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers         
+ AVG8 Shell Extension   AVG Shell Extension   (Verified) AVG Technologies   c:\program files\avg\avg8\avgse.dll
+ MakeFile_VDGD Class   VDShell Module   (Not verified) FarStone Technology Inc.   c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers         
HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers         
HKCU\Software\Classes\Directory\Shellex\DragDropHandlers         
HKLM\Software\Classes\Directory\Shellex\DragDropHandlers         
HKCU\Software\Classes\Directory\Shellex\PropertySheetHandlers         
HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers         
HKCU\Software\Classes\Directory\Shellex\CopyHookHandlers         
HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers         
+ IVTCopyMonitor   BluetoothManager Module      c:\windows\system32\bsshell.dll
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers         
+ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers         
+ PDF Shell Extension   PDF Shell Extension   (Verified) Adobe Systems, Incorporated   c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers         
+ AVG8 Shell Extension   AVG Shell Extension   (Verified) AVG Technologies   c:\program files\avg\avg8\avgse.dll
+ FolderShell_VDGD Class   VDShell Module   (Not verified) FarStone Technology Inc.   c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers         
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers         
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers         
HKCU\Software\Microsoft\Ctf\LangBarAddin         
HKLM\Software\Microsoft\Ctf\LangBarAddin         
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved         
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved         
+ AVG8 Shell Extension   AVG Shell Extension   (Verified) AVG Technologies   c:\program files\avg\avg8\avgse.dll
+ iTunes   iTunes Mini Player DLL   (Verified) Apple Inc.   c:\program files\itunes\itunesminiplayer.dll
+ OpenOffice.org Column Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Infotip Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Property Sheet Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Thumbnail Viewer      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
+ Skladnik rozszerzenia powloki CorelDRAW   Shell Extension DLL   (Not verified) Corel Corporation   c:\program files\corel\corel graphics 11\draw\cdrviewer\crlshell110.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects         
+ Adobe PDF Link Helper   Adobe PDF Helper for Internet Explorer   (Verified) Adobe Systems, Incorporated   c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
+ AVG Safe Search   Safe Search for Internet Explorer   (Verified) AVG Technologies   c:\program files\avg\avg8\avgssie.dll
+ AVGTOOLBAR   AVG Security Toolbar   (Verified) AVG Technologies   c:\program files\avg\avg8\avgtoolbar.dll
+ Java(tm) Plug-In 2 SSV Helper   Java(TM) Platform SE binary   (Not verified) Sun Microsystems, Inc.   c:\program files\java\jre6\bin\jp2ssv.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks         
HKLM\Software\Microsoft\Internet Explorer\Toolbar         
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars         
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars         
HKCU\Software\Microsoft\Internet Explorer\Extensions         
HKLM\Software\Microsoft\Internet Explorer\Extensions         
Task Scheduler         
HKLM\System\CurrentControlSet\Services         
+ aawservice   Ad-Aware service      File not found: C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
+ Apple Mobile Device   Proporciona la interfaz a los dispositivos móviles de Apple.   (Verified) Apple Inc.   c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
+ avg8emc   AVG E-Mail Scanner   (Verified) AVG Technologies   c:\program files\avg\avg8\avgemc.exe
+ avg8wd   AVG Watchdog Service   (Verified) AVG Technologies   c:\program files\avg\avg8\avgwdsvc.exe
+ BlueSoleilCS   Manages bluetooth hardware and provides bluetooth functions.      c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bluesoleilcs.exe
+ Bonjour Service   Bonjour permite que aplicaciones como iTunes y Safari anuncien y descubran servicios en la red local. Si tiene Bonjour en ejecución, le permitirá conectarse con dispositivos hardware como el Apple TV y con servicios de software, como archivos compartidos de iTunes y AirTunes. Si desactiva Bonjour, los servicios de red que dependan de él explícitamente no se podrán iniciar.   (Verified) Apple Inc.   c:\program files\bonjour\mdnsresponder.exe
+ BsHelpCS   BsHelpCS Module      c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bshelpcs.exe
+ BsMobileCS   BsMobileCS Module      c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bsmobilecs.exe
+ fsusd32   File System Camera Devices DLL   (Not verified) Microsoft Corporation   c:\windows\system32\fsusd32.dll
+ getPlus(R) Helper   getPlus(R) Helper   (Verified) Adobe Systems Incorporated   c:\program files\nos\bin\getplus_helpersvc.exe
+ IDriverT   Provides support for the Running Object Table for InstallShield Drivers   (Not verified) Macrovision Corporation   c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe
+ iPod Service   Servicios de administración del hardware del iPod   (Verified) Apple Inc.   c:\program files\ipod\bin\ipodservice.exe
+ Steam Client Service   Steam Client Service monitors and updates Steam content   (Verified) Valve   c:\program files\common files\steam\steamservice.exe
HKLM\System\CurrentControlSet\Services         
+ AvgLdx86   AVG AVI Loader Driver   (Verified) AVG Technologies   c:\windows\system32\drivers\avgldx86.sys
+ AvgMfx86   AVG Resident Shield Minifilter Driver   (Verified) AVG Technologies   c:\windows\system32\drivers\avgmfx86.sys
+ AvgRkx86   AVG Anti-Rootkit Driver   (Verified) AVG Technologies   c:\windows\system32\drivers\avgrkx86.sys
+ AvgTdiX   AVG Network connection watcher   (Verified) AVG Technologies   c:\windows\system32\drivers\avgtdix.sys
+ ElbyCDFL   ElbyCDIO Filter Driver   (Not verified) SlySoft, Inc.   c:\windows\system32\drivers\elbycdfl.sys
+ ElbyCDIO   ElbyCD Windows NT/2000/XP I/O driver   (Not verified) Elaborate Bytes AG   c:\windows\system32\drivers\elbycdio.sys
+ fcdabus   FarStone Bus Enumerator   (Verified) Farstone Technology Inc   c:\windows\system32\drivers\fcdabus.sys
+ fsRamDsk      (Verified) Farstone Technology Inc   c:\windows\system32\drivers\fsramdsk.sys
+ FVXSCSI   FarStone SCSI Miniport    (Verified) Farstone Technology Inc   c:\windows\system32\drivers\fvxscsi.sys
+ hamachi   Hamachi Virtual Network Interface Driver   (Verified) LogMeIn, Inc.   c:\windows\system32\drivers\hamachi.sys
+ NPF   npf   (Not verified) CACE Technologies   c:\windows\system32\drivers\npf.sys
+ sptd         c:\windows\system32\drivers\sptd.sys
+ tmactmon   TrendMicro Activity Monitor Module   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmactmon.sys
+ tmcomm   TrendMicro Common Module   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmcomm.sys
+ tmevtmgr   TrendMicro Event Management Module   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmevtmgr.sys
+ tmpreflt   Trend Filter Driver   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmpreflt.sys
+ tmxpflt   Trend Functionality Driver   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmxpflt.sys
+ vsapint   Trend Virus ScanEngine   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\vsapint.sys
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32         
+ msacm.ac3acm   AC-3 ACM Codec   (Not verified) fccHandler   c:\windows\system32\ac3acm.acm
+ msacm.ac3filter         c:\windows\system32\ac3filter.acm
+ msacm.clmp3enc   CLMP3Enc   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\clmp3enc.acm
+ msacm.divxa32   DivX WMA Audi   (Not verified) Kristal Studi   c:\windows\system32\divxa32.acm
+ msacm.l3fhg   MPEG Audio Layer-3 Codec for MSACM   (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS   c:\windows\system32\mp3fhg.acm
+ msacm.lameacm   Lame MP3 codec engine   (Not verified) http://www.mp3dev.org/   c:\windows\system32\lameacm.acm
+ msacm.msaudio1   Windows Media Audio   (Not verified) Microsoft Corporation   c:\windows\system32\msaud32.acm
+ msacm.sl_anet   Audio codec for MS ACM   (Not verified) Sipro Lab Telecom Inc.   c:\windows\system32\sl_anet.acm
+ msacm.vorbis   Ogg Vorbis CODEC for MSACM   (Not verified) HMS http://hp.vector.co.jp/authors/VA012897/   c:\windows\system32\vorbis.acm
+ VIDC.DIVX   DivX   (Not verified) DivX, Inc.   c:\windows\system32\divx.dll
+ VIDC.FFDS   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ VIDC.HFYU   Huffyuv lossless video codec   (Not verified) Disappearing Inc.   c:\windows\system32\huffyuv.dll
+ vidc.i263   Intel I.263 Video Driver 2.55.012   (Not verified) Intel Corporation   c:\windows\system32\i263_32.drv
+ VIDC.VP60   VP6 VIDEO FOR WINDOWS CODEC    (Not verified) On2.com   c:\windows\system32\vp6vfw.dll
+ VIDC.VP61   VP6 VIDEO FOR WINDOWS CODEC    (Not verified) On2.com   c:\windows\system32\vp6vfw.dll
+ VIDC.VP62   VP6 VIDEO FOR WINDOWS CODEC    (Not verified) On2.com   c:\windows\system32\vp6vfw.dll
+ VIDC.VP70   VP70 VIDEO FOR WINDOWS CODEC    (Not verified) On2.com   c:\windows\system32\vp7vfw.dll
+ VIDC.X264         c:\windows\system32\x264vfw.dll
+ VIDC.XVID         c:\windows\system32\xvidvfw.dll
+ VIDC.YV12   Helix YV12 YUV Codec   (Not verified) www.helixcommunity.org   c:\windows\system32\yv12vfw.dll
HKLM\Software\Classes\Filter         
+ LAME MPEG Layer III Audio Encoder         c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance         
+ 3ivx Audio Decoder   3ivx D4 4.5 DirectShow Audio Decoder   (Not verified) 3ivx.com   c:\program files\codecpack de elisoft\3ivx\3ivxdsaudiodecoder.ax
+ 3ivx D4 Audio Encoder   3ivx D4 4.5 DirectShow Audio Encoder   (Not verified) 3ivx.com   c:\program files\codecpack de elisoft\3ivx\3ivxdsaudioencoder.ax
+ 3ivx Media Splitter   3ivx D4 4.5 DirectShow Media Splitter   (Not verified) 3ivx.com   c:\program files\codecpack de elisoft\3ivx\3ivxdsmediasplitter.ax
+ aac_parser   Direct show parser filter for ADTS      c:\program files\codecpack de elisoft\aac\aac_parser.ax
+ AC3File         c:\program files\k-lite codec pack\filters\ac3file.ax
+ AC3Filter   ac3filter      c:\program files\total video converter\ac3filter.cpl
+ Avi Source   Avi Splitter   (Not verified) Gabest   c:\windows\system32\avisplitter.ax
+ Avi Splitter   Avi Splitter   (Not verified) Gabest   c:\windows\system32\avisplitter.ax
+ AVI2AC3         c:\program files\codecpack de elisoft\dts\avi2ac3dts.ax
+ CDXA Reader   CDXA Reader Filter   (Not verified) Gabest   c:\windows\system32\cdxareader.ax
+ CoreAAC Audio Decoder   CoreAAC      c:\windows\system32\coreaac.ax
+ CoreFLAC Audio Decoder   CoreFLAC Audio Decoder & Source DirectShow Filter   (Not verified) -   c:\windows\system32\coreflacdecoder.ax
+ CoreFLAC Audio Source   CoreFLAC Audio Decoder & Source DirectShow Filter   (Not verified) -   c:\windows\system32\coreflacdecoder.ax
+ CoreVorbis Audio Decoder   CoreVorbis   (Not verified) -   c:\windows\system32\corevorbis.ax
+ CyberLink Audio Noise Reduction   CLAuNR   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gaunrwrapper.ax
+ CyberLink Audio Resampler   CLAuRsmpl.ax   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gaursmpl.ax
+ CyberLink Audio VolumeBooster   CyberLink Audio Volume Booster Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gvb.ax
+ CyberLink AudioCD Filter   CyberLink AudioCD Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gaudiocd.ax
+ Cyberlink Dump Dispatch Filter   Cyberlink File Dump Dispatch Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gdumpdispatch.ax
+ Cyberlink Dump Filter   Cyberlink File Dump Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gdump.ax
+ CyberLink Editing Service 3.0 (Source)   CES Kernel   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gedtkrn.dll
+ Cyberlink File Reader (Async.)   Cyberlink MPEG File Reader   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2greader.ax
+ CyberLink Load Image Filter   CLImage   (Not verified) CyberLink   c:\program files\cyberlink\shared files\climage.ax
+ CyberLink LPCM Converter   LPCM Converter Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2glpcmcvrt.ax
+ CyberLink M2V Writer   CLM2VWriter   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gm2vwriter.ax
+ CyberLink MP3/WAV Wrapper   CyberLink MP3 Wrapper   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gmp3wrap.ax
+ CyberLink MPEG Decoder   CyberLink Video/SP Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gmvd.ax
+ CyberLink MPEG Muxer   MpgMux   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gmpgmux.ax
+ CyberLink MPEG Video Encoder   CyberLink MPEG Video Encoder                                  (Not verified) CyberLink Corp.                                               c:\program files\cyberlink\power2go\p2gvidenc.ax
+ CyberLink MPEG-1 Splitter   CyberLink MPEG Splitter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gm1spliter.ax
+ CyberLink MPEG-2 Splitter   CyberLink MPEG Splitter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gm2spliter.ax
+ CyberLink PCM Wrapper   CyberLink PCM Wrapper   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gpcmenc.ax
+ CyberLink TimeStretch Filter (CES)   CLAuTS.ax   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gauts.ax
+ CyberLink TL MPEG Splitter   CyberLink MPEG Splitter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gtlmsplter.ax
+ CyberLink Video Effect   CLVidFx   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gvidfx.ax
+ CyberLink Video Regulator   CLRGL   (Not verified) Cyberlink   c:\program files\cyberlink\power2go\p2grgl.ax
+ CyberLink Video Stabilizer   CLVideoDeShaking   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gvideostabilizer.ax
+ CyberLink Video/SP Decoder   CyberLink Video/SP Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gvsd.ax
+ DC-Bass Source   DirectShow™ Audio Decoder   (Not verified) http://www.dsp-worx.de   c:\program files\k-lite codec pack\filters\dcbasssource.ax
+ DirectVobSub   VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth   (Not verified) Gabest   c:\windows\system32\vsfilter.dll
+ DirectVobSub (auto-loading version)   VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth   (Not verified) Gabest   c:\windows\system32\vsfilter.dll
+ DivX Decoder Filter   DivX® Decoder Filter   (Not verified) DivXNetworks, Inc.   c:\program files\codecpack de elisoft\divx511\divxdec.ax
+ DTS/AC3/DD+ Source   DTS/AC3 Sorce Filter   (Not verified) Gabest   c:\program files\xp codec pack\filters\dtsac3source.ax
+ ffdshow Audio Decoder   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ ffdshow Audio Processor   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ ffdshow raw video filter   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ ffdshow subtitles filter   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ ffdshow Video Decoder   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ File Source (MO3/XM/IT)         c:\program files\codecpack de elisoft\modtrack\modsource.ax
+ File Source (Monkey Audio)         c:\program files\k-lite codec pack\filters\monkeysource.ax
+ FLV Source   FLV Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV Source Filter   FLV Source Filter   (Not verified) SWiSHzone.com Pty Ltd   c:\program files\total video converter\flv.ax
+ FLV Splitter   FLV Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV4 Video Decoder   FLV Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ GPL MPEG-1/2 Decoder   GPL MPEG-1/2 Decoder Filter for DirectShow   (Not verified) Peter Wimmer, Gabest   c:\windows\system32\gplmpgdec.ax
+ Haali Matroska Muxer   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter (AR)   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Simple Media Splitter   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Video Renderer         c:\program files\k-lite codec pack\filters\haali\dxr.dll
+ Haali Video Sink   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ LAME MPEG Layer III Audio Encoder         c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
+ madFlac Decoder   DirectShow FLAC Decoder   (Not verified) www.madshi.net   c:\program files\k-lite codec pack\filters\madflac.ax
+ madFlac Source   DirectShow FLAC Decoder   (Not verified) www.madshi.net   c:\program files\k-lite codec pack\filters\madflac.ax
+ MainConcept DV Video Decoder   DirectShow DV Video Encoder and Decoder   (Not verified) MainConcept   c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ MainConcept DV Video Encoder   DirectShow DV Video Encoder and Decoder   (Not verified) MainConcept   c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ Matroska Source   Matroska Splitter   (Not verified) Gabest   c:\windows\system32\matroskasplitter.ax
+ Matroska Splitter   Matroska Splitter   (Not verified) Gabest   c:\windows\system32\matroskasplitter.ax
+ Microcrap MPEG-4 Video Decompressor   Microcrap MPEG-4 Video Decompressor   (Not verified) Microcrap Corporation   c:\program files\codecpack de elisoft\mpeg4\mpg4ds32.ax
+ MONOGRAM AMR Decoder   AMR Filter Pack   (Not verified) MONOGRAM Multimedia, s.r.o.   c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Encoder   AMR Filter Pack   (Not verified) MONOGRAM Multimedia, s.r.o.   c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Mux   AMR Filter Pack   (Not verified) MONOGRAM Multimedia, s.r.o.   c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Splitter   AMR Filter Pack   (Not verified) MONOGRAM Multimedia, s.r.o.   c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM Musepack Decoder   mmmpcdec      c:\program files\k-lite codec pack\filters\mmmpcdec.ax
+ MONOGRAM Musepack Splitter   mmmpcdmx      c:\program files\k-lite codec pack\filters\mmmpcdmx.ax
+ Morgan MJPEG Compressor   Morgan MJPEG Compressor   (Not verified) Morgan Multimedia   c:\program files\codecpack de elisoft\m3jpegv3\m3jpegenc.ax
+ Morgan MJPEG Decompressor   Morgan MJPEG Decompressor   (Not verified) Morgan Multimedia   c:\program files\codecpack de elisoft\m3jpegv3\m3jpegdec.ax
+ MotionWavelets Decompression Filter   MotionWavelets Video Codec   (Not verified) Aware Inc.   c:\program files\codecpack de elisoft\aware\icmw_32.dll
+ MP4 Source   MP4 Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MP4 Splitter   MP4 Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG Layer-3 Decoder   MPEG Layer-3 Audio Decoder   (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS   c:\windows\system32\l3codecx.ax
+ MPEG4 Video Source   MP4 Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG4 Video Splitter   MP4 Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPV Decoder Filter   MPEG-1/2 Decoder Filter for DirectShow   (Not verified) Gabest   c:\program files\total video converter\mpeg2decfilter.ax
+ NewSoft Audio Encoder Filter   Auido Encoder Filter   (Not verified) NewSoft    c:\program files\common files\newsoft\nsm2aenc.ax
+ NewSoft DeInterlace      (Not verified) Newsoft   c:\program files\common files\newsoft\nsdeinterlace.ax
+ NewSoft MPEG Video Decoder Filter   NewSoft MPEG Video Decoder Filter   (Not verified) NewSoft Corporation   c:\program files\common files\newsoft\nsm2vdec.ax
+ NewSoft MPEG Video Encoder Filter   MPEG Video Encoder Filter   (Not verified) NewSoft    c:\program files\common files\newsoft\nsm2venc.ax
+ Ogg Source   Ogg Splitter   (Not verified) Gabest   c:\windows\system32\oggsplitter.ax
+ Ogg Splitter   Ogg Splitter   (Not verified) Gabest   c:\windows\system32\oggsplitter.ax
+ P2G Audio Decoder   CyberLink Audio Decoder Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gaud.ax
+ P2G Audio Encoder   CyberLink Audio Encoder Filter   (Not verified) Cyberlink Corp.   c:\program files\cyberlink\power2go\p2gaudenc.ax
+ P2G Video Regulator   CyberLink Video Regulator   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gresample.ax
+ PICVideo Lossless JPEG Compressor   PICVideo Lossless JPEG Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo Lossless JPEG Decompressor   PICVideo Lossless JPEG Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo MJPEG Compressor   PICVideo Motion JPEG Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo MJPEG Decompressor   PICVideo Motion JPEG Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo Wavelet 2000 Compressor   PICVideo Wavelet Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ PICVideo Wavelet 2000 Decompressor   PICVideo Wavelet Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ QTSrc   CLQTSrc   (Not verified) Cyberlink   c:\program files\total video converter\quicktime.ax
+ RadLight APE DirectShow Filter   RLAPEDec   (Not verified) RadLight   c:\windows\system32\rlapedec.ax
+ RadLight MPC DirectShow Filter   RLMPCDec   (Not verified) RadLight   c:\windows\system32\rlmpcdec.ax
+ RadLight OptimFROG DirectShow Filter   RLOFRDec   (Not verified) RadLight   c:\windows\system32\rlofrdec.ax
+ RadLight TTA DirectShow Filter   RadLight TTA DirectShow Filter   (Not verified) RadLight   c:\windows\system32\rlttadec.ax
+ RealAudio Decoder   RealMedia Splitter   (Not verified) Gabest   c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Source   RealMedia Splitter   (Not verified) Gabest   c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Splitter   RealMedia Splitter   (Not verified) Gabest   c:\program files\total video converter\realmediasplitter.ax
+ RealVideo Decoder   RealMedia Splitter   (Not verified) Gabest   c:\program files\total video converter\realmediasplitter.ax
+ Sample Grabber Filter   Grabber Filter (Sample)   (Not verified) Microsoft Corporation   c:\windows\system32\samplegrabber.ax
+ T   VP6 Decompression Filter   (Not verified) On2.com Inc.   c:\program files\total video converter\vp6dec.ax
+ T   VP7 Decompression Filter   (Not verified) On2.com Inc.   c:\program files\k-lite codec pack\filters\vp7dec.ax
+ WavPack Audio Decoder   WavPack Audio DirectShow Decoder   (Not verified) -   c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax
+ WavPack Audio Splitter   WavPack Audio DirectShow Splitter   (Not verified) -   c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax
+ Windows Media Audio Decoder   Windows Media Audio Decoder   (Not verified) Microsoft Corporation   c:\windows\system32\msadds32.ax
+ Xvid MPEG-4 Video Decoder   xvid   (Not verified) http://www.xvid.org   c:\windows\system32\xvid.ax
HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance         
HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance         
HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance         
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute         
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute         
HKLM\System\CurrentControlSet\Control\Session Manager\Execute         
HKLM\System\CurrentControlSet\Control\Session Manager\S0InitialCommand         
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options         
HKLM\Software\Microsoft\Command Processor\Autorun         
HKCU\Software\Microsoft\Command Processor\Autorun         
HKCU\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)         
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls         
+ avgrsstx.dll   AVG Resident Shield Starter   (Verified) AVG Technologies   c:\windows\system32\avgrsstx.dll
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman         
HKCU\Control Panel\Desktop\Scrnsave.exe         
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SaveDumpStart         
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries         
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries         
+ mdnsNSP   Bonjour Namespace Provider   (Not verified) Apple Inc.   c:\program files\bonjour\mdnsnsp.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors         
+ BlueSoleil Print Port   BsMonSvr   (Not verified) IVT Corporation.   c:\windows\system32\bsmonsvr.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers         
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order         

Offline Mr_X

  • Moderator
  • ******
  • Posts: 2635
Re: SMTP and continuous activity
« Reply #5 on: May 23, 2009, 07:43:27 am »
Download ComboFix, reboot in Safe Mode, right-click it and select 'Run as administrator'... Let it finish and paste the contents of the file C:\Combofix.txt here.
"... I'll wait I sow the seed, I set the scene and I watch the world go by..."

Offline Sandino9

  • Newbie
  • *
  • Posts: 8
Re: SMTP and continuous activity
« Reply #6 on: May 23, 2009, 08:53:56 am »
Here you go, mate:

Quote
ComboFix 09-05-22.05 - Aleksander 23/05/2009  8:40.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.34.3082.18.3070.2594 [GMT 2:00]
Running from: c:\program files\Combofix\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Internet Security Pro *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: AVG Anti-Virus *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Trend Micro Internet Security Pro *enabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\ALEKSA~1\AppData\Roaming\drivers\downld
c:\windows\system32\drivers\npf.sys
c:\windows\system32\nsprs.dll
c:\windows\system32\serauth1.dll
c:\windows\system32\serauth2.dll
c:\windows\system32\ssprs.dll

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


(((((((((((((((((((((((((   Files Created from 2009-04-23 to 2009-05-23  )))))))))))))))))))))))))))))))
.

2009-05-23 06:45 . 2009-05-23 06:47   --------   d-----w   c:\users\Aleksander\AppData\Local\temp
2009-05-23 06:45 . 2009-05-23 06:47   --------   d-----w   c:\users\ALEKSA~1\AppData\Local\temp
2009-05-23 06:26 . 2009-05-23 06:26   --------   d-----w   c:\program files\Combofix
2009-05-22 19:00 . 2009-05-22 19:08   --------   d-----w   c:\program files\Autoruns
2009-05-22 14:29 . 2009-05-22 14:29   --------   d-----w   c:\program files\TcpView
2009-05-21 20:13 . 2009-05-21 23:58   --------   d-----w   c:\users\Aleksander\YOUTUBE SKANDINABO
2009-05-06 20:15 . 2009-05-06 20:19   --------   d-----w   c:\program files\SWF to Video Std
2009-05-05 22:06 . 2009-05-05 22:53   --------   d-----w   c:\program files\Total Video Converter
2009-05-04 19:37 . 2009-05-04 19:37   --------   d-----w   c:\users\Aleksander\AppData\Roaming\Eltima Software
2009-05-04 19:37 . 2009-05-04 19:37   --------   d-----w   c:\users\ALEKSA~1\AppData\Roaming\Eltima Software
2009-05-04 17:32 . 2009-05-04 17:34   --------   d-----w   c:\users\Aleksander\AppData\Roaming\Any Video Converter
2009-05-04 17:32 . 2009-05-04 17:34   --------   d-----w   c:\users\ALEKSA~1\AppData\Roaming\Any Video Converter
2009-05-04 16:14 . 2009-05-04 16:14   --------   d-----w   C:\Temp
2009-05-04 15:55 . 2009-05-04 15:56   --------   d-----w   c:\windows\system32\Adobe
2009-05-04 11:17 . 2009-05-04 11:17   --------   d-----w   c:\users\Aleksander\AppData\Roaming\Moyea
2009-05-04 11:17 . 2009-05-04 11:17   --------   d-----w   c:\users\ALEKSA~1\AppData\Roaming\Moyea
2009-05-04 09:20 . 2009-05-04 09:20   --------   d-----w   C:\DVDVideoSoft
2009-05-03 22:35 . 2009-05-03 22:35   --------   d-----w   c:\users\Aleksander\AppData\Roaming\vlc
2009-05-03 22:35 . 2009-05-03 22:35   --------   d-----w   c:\users\ALEKSA~1\AppData\Roaming\vlc
2009-05-01 21:47 . 2009-05-08 18:11   98304   ----a-w   c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEClient.dll
2009-05-01 21:47 . 2009-03-28 17:52   94208   ----a-w   c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEServer.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-23 06:48 . 2009-04-09 11:51   --------   d-----w   c:\program files\Steam gaming
2009-05-23 06:41 . 2008-12-09 17:09   --------   d-----w   c:\users\Aleksander\AppData\Roaming\drivers
2009-05-23 06:41 . 2008-12-09 17:09   --------   d-----w   c:\users\ALEKSA~1\AppData\Roaming\drivers
2009-05-23 06:33 . 2007-07-04 01:59   663382   ----a-w   c:\windows\system32\perfh00A.dat
2009-05-23 06:33 . 2007-07-04 01:59   127968   ----a-w   c:\windows\system32\perfc00A.dat
2009-05-22 15:33 . 2008-08-05 09:25   --------   d-----w   c:\users\Aleksander\AppData\Roaming\StarOffice8
2009-05-22 15:33 . 2008-08-05 09:25   --------   d-----w   c:\users\ALEKSA~1\AppData\Roaming\StarOffice8
2009-05-22 14:26 . 2009-01-06 21:49   --------   d-----w   c:\progra~2\Avg8
2009-05-21 21:53 . 2008-12-12 22:46   --------   d-----w   c:\users\Aleksander\AppData\Roaming\dvdcss
2009-05-21 21:53 . 2008-12-12 22:46   --------   d-----w   c:\users\ALEKSA~1\AppData\Roaming\dvdcss
2009-05-21 18:35 . 2008-07-21 18:26   --------   d-----w   c:\program files\ImTOO MPEG Encoder
2009-05-21 07:10 . 2009-04-09 11:51   --------   d-----w   c:\program files\Common Files\Steam
2009-05-13 10:33 . 2008-08-03 20:16   --------   d-----w   c:\progra~2\NVIDIA
2009-05-13 10:24 . 2006-11-02 11:18   --------   d-----w   c:\program files\Windows Mail
2009-05-06 07:43 . 2008-08-03 18:16   69928   ----a-w   c:\users\Aleksander\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-06 07:43 . 2008-08-03 18:16   69928   ----a-w   c:\users\ALEKSA~1\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-03 11:19 . 2008-08-22 10:11   --------   d-----w   c:\program files\Soldat
2009-04-27 07:55 . 2009-01-06 22:01   11952   ----a-w   c:\windows\system32\avgrsstx.dll
2009-04-27 07:55 . 2009-01-06 22:01   325896   ----a-w   c:\windows\system32\drivers\avgldx86.sys
2009-04-27 07:55 . 2009-01-06 22:01   27784   ----a-w   c:\windows\system32\drivers\avgmfx86.sys
2009-04-27 07:55 . 2009-01-07 08:33   108552   ----a-w   c:\windows\system32\drivers\avgtdix.sys
2009-04-27 07:55 . 2009-01-06 22:01   12552   ----a-w   c:\windows\system32\drivers\avgrkx86.sys
2009-04-20 12:20 . 2009-04-20 12:20   --------   d-----w   c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-20 12:20 . 2008-08-07 09:48   --------   d-----w   c:\program files\iTunes
2009-04-20 12:20 . 2009-04-20 12:20   --------   d-----w   c:\program files\iPod
2009-04-20 12:20 . 2008-08-07 09:49   --------   d-----w   c:\program files\Common Files\Apple
2009-04-20 12:19 . 2008-08-05 08:50   --------   d-----w   c:\program files\QuickTime
2009-04-16 10:42 . 2009-04-16 10:42   25280   ----a-w   c:\windows\system32\drivers\hamachi.sys
2009-04-09 14:43 . 2009-04-09 14:42   --------   d-----w   c:\program files\Rockstar Games
2009-04-09 14:43 . 2007-06-29 23:12   --------   d--h--w   c:\program files\InstallShield Installation Information
2009-04-09 14:03 . 2009-04-09 14:03   --------   d-----w   c:\program files\Microsoft Games for Windows - LIVE
2009-03-26 13:23 . 2009-03-26 13:23   36864   ----a-w   c:\windows\system32\drivers\usbaapl.sys
2009-03-26 13:23 . 2009-03-26 13:23   1900544   ----a-w   c:\windows\system32\usbaaplrc.dll
2009-03-25 08:43 . 2008-08-05 09:20   --------   d-----w   c:\program files\Java
2009-03-24 11:02 . 2009-03-14 10:45   --------   d-----w   c:\program files\MP3 Splitter and Joiner
2009-03-19 14:32 . 2009-04-20 12:20   23400   ----a-w   c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-17 03:38 . 2009-04-16 09:53   13824   ----a-w   c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 09:53   24064   ----a-w   c:\windows\system32\amxread.dll
2009-03-14 16:59 . 2008-08-22 12:18   102400   ----a-w   c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEClient_x86.dll
2009-03-09 04:19 . 2008-12-10 10:16   410984   ----a-w   c:\windows\system32\deploytk.dll
2009-03-08 11:34 . 2009-05-06 22:25   914944   ----a-w   c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-06 22:25   43008   ----a-w   c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-06 22:25   18944   ----a-w   c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-06 22:25   109056   ----a-w   c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-06 22:25   109568   ----a-w   c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-06 22:25   132608   ----a-w   c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-06 22:25   107520   ----a-w   c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-06 22:25   107008   ----a-w   c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-06 22:25   103936   ----a-w   c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-05-06 22:25   420352   ----a-w   c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-05-06 22:25   72704   ----a-w   c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-05-06 22:25   71680   ----a-w   c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-05-06 22:25   66560   ----a-w   c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-05-06 22:25   169472   ----a-w   c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-05-06 22:25   34816   ----a-w   c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-05-06 22:25   48128   ----a-w   c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-05-06 22:25   45568   ----a-w   c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-05-06 22:25   156160   ----a-w   c:\windows\system32\msls31.dll
2009-03-03 04:46 . 2009-04-16 09:54   3599328   ----a-w   c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-16 09:54   3547632   ----a-w   c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-16 09:54   183296   ----a-w   c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-16 09:54   551424   ----a-w   c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-16 09:54   26112   ----a-w   c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-16 09:54   98304   ----a-w   c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-16 09:54   44032   ----a-w   c:\windows\system32\iasdatastore.dll
2009-03-03 04:37 . 2009-04-16 09:54   54784   ----a-w   c:\windows\system32\iasads.dll
2009-03-03 03:04 . 2009-04-16 09:54   666624   ----a-w   c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-16 09:54   17408   ----a-w   c:\windows\system32\iashost.exe
2009-01-20 09:21 . 2009-01-20 09:19   24   --sh--w   c:\windows\S949CB655.tmp
2008-12-09 22:38 . 2008-12-09 21:41   2048   --sha-w   c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2008-12-09 22:38 . 2008-12-09 21:41   2048   --sha-w   c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
2007-03-07 12:54 . 2007-03-07 12:54   8192   --sha-w   c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam gaming\Steam.exe" [2009-05-19 1217784]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"RtHDVCpl"="c:\windows\RtHDVCpl.exe" [2007-05-10 4468736]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"BtTray"="c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe" [2008-08-04 226816]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"Skytel"="c:\windows\Skytel.exe" [2007-05-07 1826816]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-04-27 1947928]
"CloneCDTray"="c:\program files\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"VirtualDrive"="c:\program files\FarStone VirtualDrive\VDTask.exe" [2007-07-17 159744]
"RAMDrive"="c:\program files\FarStone VirtualDrive\VHD\RDTask.exe" [2007-03-02 135168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]

c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Ultra Hal Text-to-Speech Reader Startup.lnk - c:\windows\Installer\{96EF451E-A402-44D8-BAEE-D70D558A4122}\New_Shortcut_S1449_0EB7CDB78E0C4A918D2CA535D5B8160C.exe [2009-1-1 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8FD50CAA-DA6E-49DE-97DB-EEE58F080F9D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DA2647C2-60AE-4718-83D6-9DE9166F24B2}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4B977D33-56D3-43F6-9600-1F7B2D0D6FCF}"= UDP:c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe:BlueSoleilCS
"{5DE11D09-E27B-4B50-8F50-9E6FEE1A4793}"= TCP:c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe:BlueSoleilCS
"TCP Query User{D661DF78-3AF7-4D1D-9346-0FF43F5D2EAD}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{0E208C1E-81D5-4382-AECD-B1931378C22C}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{937F1135-9268-4E91-8BC1-F1C6AFFAA15D}c:\\program files\\soldat\\soldat.exe"= UDP:c:\program files\soldat\soldat.exe:Soldat
"UDP Query User{C5DB6CC0-F154-4A90-B5E9-1F0B0AC84EB0}c:\\program files\\soldat\\soldat.exe"= TCP:c:\program files\soldat\soldat.exe:Soldat
"{52C771B5-7B2C-4DD4-850E-0ED60C559364}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{9D35DB67-712A-40B0-B55B-C865A3C2603E}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{242D541C-563D-4371-8C50-98B4099C90F9}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{83ABE41D-9FF5-4E41-8A1F-D8D879524A97}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{0112677F-A917-4758-BC8B-E5FD430EC25D}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{50D4E9D6-D2B0-4181-9943-90B363B0C2EE}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{DDFC5427-6738-4FEE-B38D-3CDDE5CF33B6}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{02EBF8EA-BF2D-45B1-9E58-A03429AFA56F}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{98A5B811-E4BA-4FFB-A41C-BFC7864408DC}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{6DC40EC3-A3ED-4B2F-97FA-7ACA8B6A39D7}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{0C7256F5-E62F-4180-BC64-A0CCD889E503}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{55BB86E4-E19F-46B5-87F4-580F65C52DC7}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{7E45E62C-1E55-4AAD-8DE2-E20DC3582730}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{99239411-A47A-4B23-BA79-B94BE7D4311E}"= UDP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"{7F68DB5D-AF10-4A8D-93CE-89E025546BC1}"= TCP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"{0A78D595-DEC9-4DEA-95C4-5961CD7D0E55}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{F27E25CC-B93E-4E75-8590-8F58666207D1}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [07/01/2009 0:01 12552]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\drivers\BtHidBus.sys [31/07/2008 20:45 20616]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [07/01/2009 0:01 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [07/01/2009 10:33 108552]
R1 tmlwf;tmlwf;c:\windows\System32\drivers\tmlwf.sys [27/10/2007 2:53 141840]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [07/01/2009 22:05 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [07/01/2009 22:05 298776]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe [01/08/2008 15:55 143467]
R2 fsusd32;File System Camera Devices DLL;c:\windows\system32\rundll32.exe fsusd32.dll,yhyn --> c:\windows\system32\rundll32.exe fsusd32.dll,yhyn [?]
R2 tmevtmgr;tmevtmgr;c:\windows\System32\drivers\tmevtmgr.sys [17/09/2008 9:07 52240]
R2 tmpreflt;tmpreflt;c:\windows\System32\drivers\tmpreflt.sys [27/10/2007 2:53 36368]
R2 tmwfp;tmwfp;c:\windows\System32\drivers\tmwfp.sys [27/10/2007 2:53 228368]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\System32\drivers\IvtBtBus.sys [02/07/2008 14:58 26248]
R3 WL328F;WL382F Wireless LAN 11Mbps Adapter Service;c:\windows\System32\drivers\Atl2kR.sys [03/08/2008 20:42 93056]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [23/11/2008 16:47 33752]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\System32\drivers\LV532AV.SYS [31/01/2005 10:13 163328]
S3 TmPfw;TmPfw;

S3 tmproxy;tmproxy;


--- Other Services/Drivers In Memory ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.rebelion.org/
uInternet Settings,ProxyOverride = *.local
IE: Enviar por Bluetooth - c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
IE: Enviar por Mensaje (&M)... - c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
TCP: {B46632A7-6B24-4682-AB3B-FA60FC5BE0F7} = 80.58.0.33,80.58.32.97
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-23 08:48
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2806005705-1933095540-4221855803-1000\Software\SecuROM\License information*]
"datasecu"=hex:d2,b3,5f,de,f9,a4,03,a0,0b,dc,9e,06,1b,83,a9,dd,37,c6,49,91,ac,
   61,43,83,51,58,26,44,b3,25,99,4b,7a,fd,fc,e3,1d,c9,42,3f,dd,44,58,ce,f8,9f,\
"rkeysecu"=hex:39,76,80,50,86,a4,f8,26,8b,3f,69,4e,e3,08,e0,b0
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4088)
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\AVG\AVG8\avgam.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgemc.exe
c:\windows\System32\WUDFHost.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
c:\windows\System32\conime.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Loquendo\HalReader.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\spool\drivers\w32x86\3\WrtProc.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Steam\SteamService.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Completion time: 2009-05-23  8:52 - machine was rebooted
ComboFix-quarantined-files.txt  2009-05-23 06:52

Pre-Run: El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
Post-Run: 127.650.349.056 bytes libres

282   --- E O F ---   2009-05-19 07:54

Offline Sandino9

  • Newbie
  • *
  • Posts: 8
Re: SMTP and continuous activity
« Reply #7 on: May 23, 2009, 07:33:48 pm »
Well, I have no idea what any of that says. I have the Wi-Fi adapter on the Vista computer switched off so that it isn't sending things out, in case Telefónica ends up cutting off my line :S

What else can I do?


Offline Mr_X

  • Moderator
  • ******
  • Posts: 2635
Re: SMTP and continuous activity
« Reply #8 on: May 23, 2009, 07:37:55 pm »
Did you notice any changes? Generate new HijackThis and Autoruns logs...
"... I'll wait I sow the seed, I set the scene and I watch the world go by..."

Offline Sandino9

  • Newbie
  • *
  • Posts: 8
Re: SMTP and continuous activity
« Reply #9 on: May 23, 2009, 08:05:02 pm »
No, no change; it keeps sending things out massively.

Anyway, here are the logs:

HiJack:

Quote
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:02, on 23/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rebelion.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [JMB36X IDE Setup] "C:\Windows\RaidTool\xInsIDE.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Windows\RtHDVCpl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] "C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Skytel] "C:\Windows\Skytel.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam gaming\Steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Ultra Hal Text-to-Speech Reader Startup.lnk = ?
O8 - Extra context menu item: Enviar por Bluetooth - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Enviar por Mensaje (&M)... - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B46632A7-6B24-4682-AB3B-FA60FC5BE0F7}: NameServer = 80.58.0.33,80.58.32.97
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TMBMServer - Trend Micro Inc. - (no file)
O23 - Service: TmPfw - Trend Micro Inc. - (no file)
O23 - Service: tmproxy - Trend Micro Inc. - (no file)

--
End of file - 7832 bytes


Autoruns:

Quote
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup         
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon         
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit         
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell         
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell         
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run         
+ Adobe Reader Speed Launcher   Adobe Acrobat SpeedLauncher   (Verified) Adobe Systems, Incorporated   c:\program files\adobe\reader 9.0\reader\reader_sl.exe
+ AppleSyncNotifier   AppleSyncNotifier   (Verified) Apple Inc.   c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe
+ AVG8_TRAY   AVG Tray Monitor   (Verified) AVG Technologies   c:\program files\avg\avg8\avgtray.exe
+ BtTray   BlueSoleil Bttray      c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bttray.exe
+ CanonSolutionMenu   CNSLMAIN   (Verified) Canon Inc.   c:\program files\canon\solutionmenu\cnslmain.exe
+ CloneCDTray   CloneCD Tray   (Not verified) SlySoft, Inc.   c:\program files\clonecd\clonecdtray.exe
+ iTunesHelper   iTunesHelper Module   (Verified) Apple Inc.   c:\program files\itunes\ituneshelper.exe
+ JMB36X IDE Setup         c:\windows\raidtool\xinside.exe
+ OpwareSE4   OCR Aware   (Verified) Nuance Communications, Inc.   c:\program files\scansoft\omnipagese4\opwarese4.exe
+ QuickTime Task   QuickTime Task   (Not verified) Apple Inc.   c:\program files\quicktime\qttask.exe
+ RAMDrive   RDTask Microsoft ???????   (Not verified) FarStone Technology, Inc.   c:\program files\farstone virtualdrive\vhd\rdtask.exe
+ SSBkgdUpdate   SSBkgdUpdate   (Verified) Nuance Communications, Inc.   c:\program files\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe
+ SunJavaUpdateSched   Java(TM) Platform SE binary   (Verified) Sun Microsystems, Inc.   c:\program files\java\jre6\bin\jusched.exe
+ VirtualDrive   VirtualDrive VDTask   (Not verified) FarStone Technology Inc.   c:\program files\farstone virtualdrive\vdtask.exe
+ WrtMon.exe   NsWrtMon Microsoft Base Class Application      c:\windows\system32\spool\drivers\w32x86\3\wrtmon.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce         
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup         
+ Ultra Hal Text-to-Speech Reader Startup.lnk   InstallShield   (Not verified) InstallShield Software Corp.   c:\windows\installer\{96ef451e-a402-44d8-baee-d70d558a4122}\new_shortcut_s1449_0eb7cdb78e0c4a918d2ca535d5b8160c.exe
C:\Users\Aleksander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup         
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load         
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run         
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run         
HKCU\Software\Microsoft\Windows\CurrentVersion\Run         
+ Steam   Steam   (Verified) Valve   c:\program files\steam gaming\steam.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce         
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff         
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Shutdown         
HKLM\SOFTWARE\Classes\Protocols\Filter         
HKLM\SOFTWARE\Classes\Protocols\Handler         
+ linkscanner   Safe Search pluggable protocol   (Verified) AVG Technologies   c:\program files\avg\avg8\avgpp.dll
+ skype4com   Skype for COM API   (Verified) Skype Technologies SA   c:\windows\system32\skype4com.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components         
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components         
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad         
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad         
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks         
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers         
+ AVG8 Shell Extension   AVG Shell Extension   (Verified) AVG Technologies   c:\program files\avg\avg8\avgse.dll
+ MakeFile_VDGD Class   VDShell Module   (Not verified) FarStone Technology Inc.   c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers         
HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers         
HKCU\Software\Classes\Directory\Shellex\DragDropHandlers         
HKLM\Software\Classes\Directory\Shellex\DragDropHandlers         
HKCU\Software\Classes\Directory\Shellex\PropertySheetHandlers         
HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers         
HKCU\Software\Classes\Directory\Shellex\CopyHookHandlers         
HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers         
+ IVTCopyMonitor   BluetoothManager Module      c:\windows\system32\bsshell.dll
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers         
+ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers         
+ PDF Shell Extension   PDF Shell Extension   (Verified) Adobe Systems, Incorporated   c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers         
+ AVG8 Shell Extension   AVG Shell Extension   (Verified) AVG Technologies   c:\program files\avg\avg8\avgse.dll
+ FolderShell_VDGD Class   VDShell Module   (Not verified) FarStone Technology Inc.   c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers         
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers         
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers         
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers         
HKCU\Software\Microsoft\Ctf\LangBarAddin         
HKLM\Software\Microsoft\Ctf\LangBarAddin         
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved         
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved         
+ AVG8 Shell Extension   AVG Shell Extension   (Verified) AVG Technologies   c:\program files\avg\avg8\avgse.dll
+ iTunes   iTunes Mini Player DLL   (Verified) Apple Inc.   c:\program files\itunes\itunesminiplayer.dll
+ OpenOffice.org Column Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Infotip Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Property Sheet Handler      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Thumbnail Viewer      (Not verified) Sun Microsystems, Inc.   c:\program files\staroffice\program\shlxthdl.dll
+ Skladnik rozszerzenia powloki CorelDRAW   Shell Extension DLL   (Not verified) Corel Corporation   c:\program files\corel\corel graphics 11\draw\cdrviewer\crlshell110.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects         
+ Adobe PDF Link Helper   Adobe PDF Helper for Internet Explorer   (Verified) Adobe Systems, Incorporated   c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
+ AVG Safe Search   Safe Search for Internet Explorer   (Verified) AVG Technologies   c:\program files\avg\avg8\avgssie.dll
+ AVGTOOLBAR   AVG Security Toolbar   (Verified) AVG Technologies   c:\program files\avg\avg8\avgtoolbar.dll
+ Java(tm) Plug-In 2 SSV Helper   Java(TM) Platform SE binary   (Not verified) Sun Microsystems, Inc.   c:\program files\java\jre6\bin\jp2ssv.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks         
HKLM\Software\Microsoft\Internet Explorer\Toolbar         
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars         
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars         
HKCU\Software\Microsoft\Internet Explorer\Extensions         
HKLM\Software\Microsoft\Internet Explorer\Extensions         
Task Scheduler         
HKLM\System\CurrentControlSet\Services         
+ aawservice   Ad-Aware service      File not found: C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
+ Apple Mobile Device   Proporciona la interfaz a los dispositivos móviles de Apple.   (Verified) Apple Inc.   c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
+ avg8emc   AVG E-Mail Scanner   (Verified) AVG Technologies   c:\program files\avg\avg8\avgemc.exe
+ avg8wd   AVG Watchdog Service   (Verified) AVG Technologies   c:\program files\avg\avg8\avgwdsvc.exe
+ BlueSoleilCS   Manages bluetooth hardware and provides bluetooth functions.      c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bluesoleilcs.exe
+ Bonjour Service   Bonjour permite que aplicaciones como iTunes y Safari anuncien y descubran servicios en la red local. Si tiene Bonjour en ejecución, le permitirá conectarse con dispositivos hardware como el Apple TV y con servicios de software, como archivos compartidos de iTunes y AirTunes. Si desactiva Bonjour, los servicios de red que dependan de él explícitamente no se podrán iniciar.   (Verified) Apple Inc.   c:\program files\bonjour\mdnsresponder.exe
+ BsHelpCS   BsHelpCS Module      c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bshelpcs.exe
+ BsMobileCS   BsMobileCS Module      c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bsmobilecs.exe
+ fsusd32   File System Camera Devices DLL   (Not verified) Microsoft Corporation   c:\windows\system32\fsusd32.dll
+ getPlus(R) Helper   getPlus(R) Helper   (Verified) Adobe Systems Incorporated   c:\program files\nos\bin\getplus_helpersvc.exe
+ IDriverT   Provides support for the Running Object Table for InstallShield Drivers   (Not verified) Macrovision Corporation   c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe
+ iPod Service   Servicios de administración del hardware del iPod   (Verified) Apple Inc.   c:\program files\ipod\bin\ipodservice.exe
+ Steam Client Service   Steam Client Service monitors and updates Steam content   (Verified) Valve   c:\program files\common files\steam\steamservice.exe
HKLM\System\CurrentControlSet\Services         
+ AvgLdx86   AVG AVI Loader Driver   (Verified) AVG Technologies   c:\windows\system32\drivers\avgldx86.sys
+ AvgMfx86   AVG Resident Shield Minifilter Driver   (Verified) AVG Technologies   c:\windows\system32\drivers\avgmfx86.sys
+ AvgRkx86   AVG Anti-Rootkit Driver   (Verified) AVG Technologies   c:\windows\system32\drivers\avgrkx86.sys
+ AvgTdiX   AVG Network connection watcher   (Verified) AVG Technologies   c:\windows\system32\drivers\avgtdix.sys
+ ElbyCDFL   ElbyCDIO Filter Driver   (Not verified) SlySoft, Inc.   c:\windows\system32\drivers\elbycdfl.sys
+ ElbyCDIO   ElbyCD Windows NT/2000/XP I/O driver   (Not verified) Elaborate Bytes AG   c:\windows\system32\drivers\elbycdio.sys
+ fcdabus   FarStone Bus Enumerator   (Verified) Farstone Technology Inc   c:\windows\system32\drivers\fcdabus.sys
+ fsRamDsk      (Verified) Farstone Technology Inc   c:\windows\system32\drivers\fsramdsk.sys
+ FVXSCSI   FarStone SCSI Miniport    (Verified) Farstone Technology Inc   c:\windows\system32\drivers\fvxscsi.sys
+ hamachi   Hamachi Virtual Network Interface Driver   (Verified) LogMeIn, Inc.   c:\windows\system32\drivers\hamachi.sys
+ sptd         c:\windows\system32\drivers\sptd.sys
+ tmactmon   TrendMicro Activity Monitor Module   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmactmon.sys
+ tmcomm   TrendMicro Common Module   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmcomm.sys
+ tmevtmgr   TrendMicro Event Management Module   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmevtmgr.sys
+ tmpreflt   Trend Filter Driver   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmpreflt.sys
+ tmxpflt   Trend Functionality Driver   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\tmxpflt.sys
+ vsapint   Trend Virus ScanEngine   (Verified) Trend Micro, Inc.   c:\windows\system32\drivers\vsapint.sys
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32         
+ msacm.ac3acm   AC-3 ACM Codec   (Not verified) fccHandler   c:\windows\system32\ac3acm.acm
+ msacm.ac3filter         c:\windows\system32\ac3filter.acm
+ msacm.clmp3enc   CLMP3Enc   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\clmp3enc.acm
+ msacm.divxa32   DivX WMA Audi   (Not verified) Kristal Studi   c:\windows\system32\divxa32.acm
+ msacm.l3fhg   MPEG Audio Layer-3 Codec for MSACM   (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS   c:\windows\system32\mp3fhg.acm
+ msacm.lameacm   Lame MP3 codec engine   (Not verified) http://www.mp3dev.org/   c:\windows\system32\lameacm.acm
+ msacm.msaudio1   Windows Media Audio   (Not verified) Microsoft Corporation   c:\windows\system32\msaud32.acm
+ msacm.sl_anet   Audio codec for MS ACM   (Not verified) Sipro Lab Telecom Inc.   c:\windows\system32\sl_anet.acm
+ msacm.vorbis   Ogg Vorbis CODEC for MSACM   (Not verified) HMS http://hp.vector.co.jp/authors/VA012897/   c:\windows\system32\vorbis.acm
+ VIDC.DIVX   DivX   (Not verified) DivX, Inc.   c:\windows\system32\divx.dll
+ VIDC.FFDS   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ VIDC.HFYU   Huffyuv lossless video codec   (Not verified) Disappearing Inc.   c:\windows\system32\huffyuv.dll
+ vidc.i263   Intel I.263 Video Driver 2.55.012   (Not verified) Intel Corporation   c:\windows\system32\i263_32.drv
+ VIDC.VP60   VP6 VIDEO FOR WINDOWS CODEC    (Not verified) On2.com   c:\windows\system32\vp6vfw.dll
+ VIDC.VP61   VP6 VIDEO FOR WINDOWS CODEC    (Not verified) On2.com   c:\windows\system32\vp6vfw.dll
+ VIDC.VP62   VP6 VIDEO FOR WINDOWS CODEC    (Not verified) On2.com   c:\windows\system32\vp6vfw.dll
+ VIDC.VP70   VP70 VIDEO FOR WINDOWS CODEC    (Not verified) On2.com   c:\windows\system32\vp7vfw.dll
+ VIDC.X264         c:\windows\system32\x264vfw.dll
+ VIDC.XVID         c:\windows\system32\xvidvfw.dll
+ VIDC.YV12   Helix YV12 YUV Codec   (Not verified) www.helixcommunity.org   c:\windows\system32\yv12vfw.dll
HKLM\Software\Classes\Filter         
+ LAME MPEG Layer III Audio Encoder         c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance         
+ 3ivx Audio Decoder   3ivx D4 4.5 DirectShow Audio Decoder   (Not verified) 3ivx.com   c:\program files\codecpack de elisoft\3ivx\3ivxdsaudiodecoder.ax
+ 3ivx D4 Audio Encoder   3ivx D4 4.5 DirectShow Audio Encoder   (Not verified) 3ivx.com   c:\program files\codecpack de elisoft\3ivx\3ivxdsaudioencoder.ax
+ 3ivx Media Splitter   3ivx D4 4.5 DirectShow Media Splitter   (Not verified) 3ivx.com   c:\program files\codecpack de elisoft\3ivx\3ivxdsmediasplitter.ax
+ aac_parser   Direct show parser filter for ADTS      c:\program files\codecpack de elisoft\aac\aac_parser.ax
+ AC3File         c:\program files\k-lite codec pack\filters\ac3file.ax
+ AC3Filter   ac3filter      c:\program files\total video converter\ac3filter.cpl
+ Avi Source   Avi Splitter   (Not verified) Gabest   c:\windows\system32\avisplitter.ax
+ Avi Splitter   Avi Splitter   (Not verified) Gabest   c:\windows\system32\avisplitter.ax
+ AVI2AC3         c:\program files\codecpack de elisoft\dts\avi2ac3dts.ax
+ CDXA Reader   CDXA Reader Filter   (Not verified) Gabest   c:\windows\system32\cdxareader.ax
+ CoreAAC Audio Decoder   CoreAAC      c:\windows\system32\coreaac.ax
+ CoreFLAC Audio Decoder   CoreFLAC Audio Decoder & Source DirectShow Filter   (Not verified) -   c:\windows\system32\coreflacdecoder.ax
+ CoreFLAC Audio Source   CoreFLAC Audio Decoder & Source DirectShow Filter   (Not verified) -   c:\windows\system32\coreflacdecoder.ax
+ CoreVorbis Audio Decoder   CoreVorbis   (Not verified) -   c:\windows\system32\corevorbis.ax
+ CyberLink Audio Noise Reduction   CLAuNR   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gaunrwrapper.ax
+ CyberLink Audio Resampler   CLAuRsmpl.ax   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gaursmpl.ax
+ CyberLink Audio VolumeBooster   CyberLink Audio Volume Booster Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gvb.ax
+ CyberLink AudioCD Filter   CyberLink AudioCD Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gaudiocd.ax
+ Cyberlink Dump Dispatch Filter   Cyberlink File Dump Dispatch Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gdumpdispatch.ax
+ Cyberlink Dump Filter   Cyberlink File Dump Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gdump.ax
+ CyberLink Editing Service 3.0 (Source)   CES Kernel   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gedtkrn.dll
+ Cyberlink File Reader (Async.)   Cyberlink MPEG File Reader   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2greader.ax
+ CyberLink Load Image Filter   CLImage   (Not verified) CyberLink   c:\program files\cyberlink\shared files\climage.ax
+ CyberLink LPCM Converter   LPCM Converter Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2glpcmcvrt.ax
+ CyberLink M2V Writer   CLM2VWriter   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gm2vwriter.ax
+ CyberLink MP3/WAV Wrapper   CyberLink MP3 Wrapper   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gmp3wrap.ax
+ CyberLink MPEG Decoder   CyberLink Video/SP Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gmvd.ax
+ CyberLink MPEG Muxer   MpgMux   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gmpgmux.ax
+ CyberLink MPEG Video Encoder   CyberLink MPEG Video Encoder                                  (Not verified) CyberLink Corp.                                               c:\program files\cyberlink\power2go\p2gvidenc.ax
+ CyberLink MPEG-1 Splitter   CyberLink MPEG Splitter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gm1spliter.ax
+ CyberLink MPEG-2 Splitter   CyberLink MPEG Splitter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gm2spliter.ax
+ CyberLink PCM Wrapper   CyberLink PCM Wrapper   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gpcmenc.ax
+ CyberLink TimeStretch Filter (CES)   CLAuTS.ax   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gauts.ax
+ CyberLink TL MPEG Splitter   CyberLink MPEG Splitter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gtlmsplter.ax
+ CyberLink Video Effect   CLVidFx   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gvidfx.ax
+ CyberLink Video Regulator   CLRGL   (Not verified) Cyberlink   c:\program files\cyberlink\power2go\p2grgl.ax
+ CyberLink Video Stabilizer   CLVideoDeShaking   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gvideostabilizer.ax
+ CyberLink Video/SP Decoder   CyberLink Video/SP Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gvsd.ax
+ DC-Bass Source   DirectShow™ Audio Decoder   (Not verified) http://www.dsp-worx.de   c:\program files\k-lite codec pack\filters\dcbasssource.ax
+ DirectVobSub   VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth   (Not verified) Gabest   c:\windows\system32\vsfilter.dll
+ DirectVobSub (auto-loading version)   VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth   (Not verified) Gabest   c:\windows\system32\vsfilter.dll
+ DivX Decoder Filter   DivX® Decoder Filter   (Not verified) DivXNetworks, Inc.   c:\program files\codecpack de elisoft\divx511\divxdec.ax
+ DTS/AC3/DD+ Source   DTS/AC3 Sorce Filter   (Not verified) Gabest   c:\program files\xp codec pack\filters\dtsac3source.ax
+ ffdshow Audio Decoder   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ ffdshow Audio Processor   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ ffdshow raw video filter   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ ffdshow subtitles filter   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ ffdshow Video Decoder   DirectShow and VFW video and audio decoding/encoding/processing filter      c:\windows\system32\ffdshow.ax
+ File Source (MO3/XM/IT)         c:\program files\codecpack de elisoft\modtrack\modsource.ax
+ File Source (Monkey Audio)         c:\program files\k-lite codec pack\filters\monkeysource.ax
+ FLV Source   FLV Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV Source Filter   FLV Source Filter   (Not verified) SWiSHzone.com Pty Ltd   c:\program files\total video converter\flv.ax
+ FLV Splitter   FLV Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV4 Video Decoder   FLV Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ GPL MPEG-1/2 Decoder   GPL MPEG-1/2 Decoder Filter for DirectShow   (Not verified) Peter Wimmer, Gabest   c:\windows\system32\gplmpgdec.ax
+ Haali Matroska Muxer   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter (AR)   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Simple Media Splitter   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Video Renderer         c:\program files\k-lite codec pack\filters\haali\dxr.dll
+ Haali Video Sink   Haali Media Splitter      c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ LAME MPEG Layer III Audio Encoder         c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
+ madFlac Decoder   DirectShow FLAC Decoder   (Not verified) www.madshi.net   c:\program files\k-lite codec pack\filters\madflac.ax
+ madFlac Source   DirectShow FLAC Decoder   (Not verified) www.madshi.net   c:\program files\k-lite codec pack\filters\madflac.ax
+ MainConcept DV Video Decoder   DirectShow DV Video Encoder and Decoder   (Not verified) MainConcept   c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ MainConcept DV Video Encoder   DirectShow DV Video Encoder and Decoder   (Not verified) MainConcept   c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ Matroska Source   Matroska Splitter   (Not verified) Gabest   c:\windows\system32\matroskasplitter.ax
+ Matroska Splitter   Matroska Splitter   (Not verified) Gabest   c:\windows\system32\matroskasplitter.ax
+ Microcrap MPEG-4 Video Decompressor   Microcrap MPEG-4 Video Decompressor   (Not verified) Microcrap Corporation   c:\program files\codecpack de elisoft\mpeg4\mpg4ds32.ax
+ MONOGRAM AMR Decoder   AMR Filter Pack   (Not verified) MONOGRAM Multimedia, s.r.o.   c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Encoder   AMR Filter Pack   (Not verified) MONOGRAM Multimedia, s.r.o.   c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Mux   AMR Filter Pack   (Not verified) MONOGRAM Multimedia, s.r.o.   c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Splitter   AMR Filter Pack   (Not verified) MONOGRAM Multimedia, s.r.o.   c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM Musepack Decoder   mmmpcdec      c:\program files\k-lite codec pack\filters\mmmpcdec.ax
+ MONOGRAM Musepack Splitter   mmmpcdmx      c:\program files\k-lite codec pack\filters\mmmpcdmx.ax
+ Morgan MJPEG Compressor   Morgan MJPEG Compressor   (Not verified) Morgan Multimedia   c:\program files\codecpack de elisoft\m3jpegv3\m3jpegenc.ax
+ Morgan MJPEG Decompressor   Morgan MJPEG Decompressor   (Not verified) Morgan Multimedia   c:\program files\codecpack de elisoft\m3jpegv3\m3jpegdec.ax
+ MotionWavelets Decompression Filter   MotionWavelets Video Codec   (Not verified) Aware Inc.   c:\program files\codecpack de elisoft\aware\icmw_32.dll
+ MP4 Source   MP4 Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MP4 Splitter   MP4 Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG Layer-3 Decoder   MPEG Layer-3 Audio Decoder   (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS   c:\windows\system32\l3codecx.ax
+ MPEG4 Video Source   MP4 Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG4 Video Splitter   MP4 Splitter   (Not verified) Gabest   c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPV Decoder Filter   MPEG-1/2 Decoder Filter for DirectShow   (Not verified) Gabest   c:\program files\total video converter\mpeg2decfilter.ax
+ NewSoft Audio Encoder Filter   Auido Encoder Filter   (Not verified) NewSoft    c:\program files\common files\newsoft\nsm2aenc.ax
+ NewSoft DeInterlace      (Not verified) Newsoft   c:\program files\common files\newsoft\nsdeinterlace.ax
+ NewSoft MPEG Video Decoder Filter   NewSoft MPEG Video Decoder Filter   (Not verified) NewSoft Corporation   c:\program files\common files\newsoft\nsm2vdec.ax
+ NewSoft MPEG Video Encoder Filter   MPEG Video Encoder Filter   (Not verified) NewSoft    c:\program files\common files\newsoft\nsm2venc.ax
+ Ogg Source   Ogg Splitter   (Not verified) Gabest   c:\windows\system32\oggsplitter.ax
+ Ogg Splitter   Ogg Splitter   (Not verified) Gabest   c:\windows\system32\oggsplitter.ax
+ P2G Audio Decoder   CyberLink Audio Decoder Filter   (Not verified) CyberLink Corp.   c:\program files\cyberlink\power2go\p2gaud.ax
+ P2G Audio Encoder   CyberLink Audio Encoder Filter   (Not verified) Cyberlink Corp.   c:\program files\cyberlink\power2go\p2gaudenc.ax
+ P2G Video Regulator   CyberLink Video Regulator   (Not verified) CyberLink   c:\program files\cyberlink\power2go\p2gresample.ax
+ PICVideo Lossless JPEG Compressor   PICVideo Lossless JPEG Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo Lossless JPEG Decompressor   PICVideo Lossless JPEG Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo MJPEG Compressor   PICVideo Motion JPEG Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo MJPEG Decompressor   PICVideo Motion JPEG Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo Wavelet 2000 Compressor   PICVideo Wavelet Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ PICVideo Wavelet 2000 Decompressor   PICVideo Wavelet Compressor   (Not verified) Pegasus Imaging Corporation   c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ QTSrc   CLQTSrc   (Not verified) Cyberlink   c:\program files\total video converter\quicktime.ax
+ RadLight APE DirectShow Filter   RLAPEDec   (Not verified) RadLight   c:\windows\system32\rlapedec.ax
+ RadLight MPC DirectShow Filter   RLMPCDec   (Not verified) RadLight   c:\windows\system32\rlmpcdec.ax
+ RadLight OptimFROG DirectShow Filter   RLOFRDec   (Not verified) RadLight   c:\windows\system32\rlofrdec.ax
+ RadLight TTA DirectShow Filter   RadLight TTA DirectShow Filter   (Not verified) RadLight   c:\windows\system32\rlttadec.ax
+ RealAudio Decoder   RealMedia Splitter   (Not verified) Gabest   c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Source   RealMedia Splitter   (Not verified) Gabest   c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Splitter   RealMedia Splitter   (Not verified) Gabest   c:\program files\total video converter\realmediasplitter.ax
+ RealVideo Decoder   RealMedia Splitter   (Not verified) Gabest   c:\program files\total video converter\realmediasplitter.ax
+ Sample Grabber Filter   Grabber Filter (Sample)   (Not verified) Microsoft Corporation   c:\windows\system32\samplegrabber.ax
+ T   VP6 Decompression Filter   (Not verified) On2.com Inc.   c:\program files\total video converter\vp6dec.ax
+ T   VP7 Decompression Filter   (Not verified) On2.com Inc.   c:\program files\k-lite codec pack\filters\vp7dec.ax
+ WavPack Audio Decoder   WavPack Audio DirectShow Decoder   (Not verified) -   c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax
+ WavPack Audio Splitter   WavPack Audio DirectShow Splitter   (Not verified) -   c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax
+ Windows Media Audio Decoder   Windows Media Audio Decoder   (Not verified) Microsoft Corporation   c:\windows\system32\msadds32.ax
+ Xvid MPEG-4 Video Decoder   xvid   (Not verified) http://www.xvid.org   c:\windows\system32\xvid.ax
HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance         
HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance         
HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance         
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute         
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute         
HKLM\System\CurrentControlSet\Control\Session Manager\Execute         
HKLM\System\CurrentControlSet\Control\Session Manager\S0InitialCommand         
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options         
HKLM\Software\Microsoft\Command Processor\Autorun         
HKCU\Software\Microsoft\Command Processor\Autorun         
HKCU\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)         
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls         
+ avgrsstx.dll   AVG Resident Shield Starter   (Verified) AVG Technologies   c:\windows\system32\avgrsstx.dll
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman         
HKCU\Control Panel\Desktop\Scrnsave.exe         
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath         
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SaveDumpStart         
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries         
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries         
+ mdnsNSP   Bonjour Namespace Provider   (Not verified) Apple Inc.   c:\program files\bonjour\mdnsnsp.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors         
+ BlueSoleil Print Port   BsMonSvr   (Not verified) IVT Corporation.   c:\windows\system32\bsmonsvr.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages         
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters         
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers         
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order         

And now what?

 

The content of this website is licensed under a Creative Commons License.