SMTP and continuous activity
Mr_X:
Download ComboFix, reboot into Safe Mode, right-click it and select 'Run as administrator'... Let it finish and paste the contents of the file C:\Combofix.txt here.
Sandino9:
Here you go, mate:
--- Quote ---
ComboFix 09-05-22.05 - Aleksander 23/05/2009 8:40.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.34.3082.18.3070.2594 [GMT 2:00]
Running from: c:\program files\Combofix\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Internet Security Pro *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: AVG Anti-Virus *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Trend Micro Internet Security Pro *enabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\ALEKSA~1\AppData\Roaming\drivers\downld
c:\windows\system32\drivers\npf.sys
c:\windows\system32\nsprs.dll
c:\windows\system32\serauth1.dll
c:\windows\system32\serauth2.dll
c:\windows\system32\ssprs.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2009-04-23 to 2009-05-23 )))))))))))))))))))))))))))))))
.
2009-05-23 06:45 . 2009-05-23 06:47 -------- d-----w c:\users\Aleksander\AppData\Local\temp
2009-05-23 06:45 . 2009-05-23 06:47 -------- d-----w c:\users\ALEKSA~1\AppData\Local\temp
2009-05-23 06:26 . 2009-05-23 06:26 -------- d-----w c:\program files\Combofix
2009-05-22 19:00 . 2009-05-22 19:08 -------- d-----w c:\program files\Autoruns
2009-05-22 14:29 . 2009-05-22 14:29 -------- d-----w c:\program files\TcpView
2009-05-21 20:13 . 2009-05-21 23:58 -------- d-----w c:\users\Aleksander\YOUTUBE SKANDINABO
2009-05-06 20:15 . 2009-05-06 20:19 -------- d-----w c:\program files\SWF to Video Std
2009-05-05 22:06 . 2009-05-05 22:53 -------- d-----w c:\program files\Total Video Converter
2009-05-04 19:37 . 2009-05-04 19:37 -------- d-----w c:\users\Aleksander\AppData\Roaming\Eltima Software
2009-05-04 19:37 . 2009-05-04 19:37 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\Eltima Software
2009-05-04 17:32 . 2009-05-04 17:34 -------- d-----w c:\users\Aleksander\AppData\Roaming\Any Video Converter
2009-05-04 17:32 . 2009-05-04 17:34 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\Any Video Converter
2009-05-04 16:14 . 2009-05-04 16:14 -------- d-----w C:\Temp
2009-05-04 15:55 . 2009-05-04 15:56 -------- d-----w c:\windows\system32\Adobe
2009-05-04 11:17 . 2009-05-04 11:17 -------- d-----w c:\users\Aleksander\AppData\Roaming\Moyea
2009-05-04 11:17 . 2009-05-04 11:17 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\Moyea
2009-05-04 09:20 . 2009-05-04 09:20 -------- d-----w C:\DVDVideoSoft
2009-05-03 22:35 . 2009-05-03 22:35 -------- d-----w c:\users\Aleksander\AppData\Roaming\vlc
2009-05-03 22:35 . 2009-05-03 22:35 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\vlc
2009-05-01 21:47 . 2009-05-08 18:11 98304 ----a-w c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEClient.dll
2009-05-01 21:47 . 2009-03-28 17:52 94208 ----a-w c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEServer.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-23 06:48 . 2009-04-09 11:51 -------- d-----w c:\program files\Steam gaming
2009-05-23 06:41 . 2008-12-09 17:09 -------- d-----w c:\users\Aleksander\AppData\Roaming\drivers
2009-05-23 06:41 . 2008-12-09 17:09 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\drivers
2009-05-23 06:33 . 2007-07-04 01:59 663382 ----a-w c:\windows\system32\perfh00A.dat
2009-05-23 06:33 . 2007-07-04 01:59 127968 ----a-w c:\windows\system32\perfc00A.dat
2009-05-22 15:33 . 2008-08-05 09:25 -------- d-----w c:\users\Aleksander\AppData\Roaming\StarOffice8
2009-05-22 15:33 . 2008-08-05 09:25 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\StarOffice8
2009-05-22 14:26 . 2009-01-06 21:49 -------- d-----w c:\progra~2\Avg8
2009-05-21 21:53 . 2008-12-12 22:46 -------- d-----w c:\users\Aleksander\AppData\Roaming\dvdcss
2009-05-21 21:53 . 2008-12-12 22:46 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\dvdcss
2009-05-21 18:35 . 2008-07-21 18:26 -------- d-----w c:\program files\ImTOO MPEG Encoder
2009-05-21 07:10 . 2009-04-09 11:51 -------- d-----w c:\program files\Common Files\Steam
2009-05-13 10:33 . 2008-08-03 20:16 -------- d-----w c:\progra~2\NVIDIA
2009-05-13 10:24 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-06 07:43 . 2008-08-03 18:16 69928 ----a-w c:\users\Aleksander\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-06 07:43 . 2008-08-03 18:16 69928 ----a-w c:\users\ALEKSA~1\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-03 11:19 . 2008-08-22 10:11 -------- d-----w c:\program files\Soldat
2009-04-27 07:55 . 2009-01-06 22:01 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-04-27 07:55 . 2009-01-06 22:01 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-04-27 07:55 . 2009-01-06 22:01 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-04-27 07:55 . 2009-01-07 08:33 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-04-27 07:55 . 2009-01-06 22:01 12552 ----a-w c:\windows\system32\drivers\avgrkx86.sys
2009-04-20 12:20 . 2009-04-20 12:20 -------- d-----w c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-20 12:20 . 2008-08-07 09:48 -------- d-----w c:\program files\iTunes
2009-04-20 12:20 . 2009-04-20 12:20 -------- d-----w c:\program files\iPod
2009-04-20 12:20 . 2008-08-07 09:49 -------- d-----w c:\program files\Common Files\Apple
2009-04-20 12:19 . 2008-08-05 08:50 -------- d-----w c:\program files\QuickTime
2009-04-16 10:42 . 2009-04-16 10:42 25280 ----a-w c:\windows\system32\drivers\hamachi.sys
2009-04-09 14:43 . 2009-04-09 14:42 -------- d-----w c:\program files\Rockstar Games
2009-04-09 14:43 . 2007-06-29 23:12 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-09 14:03 . 2009-04-09 14:03 -------- d-----w c:\program files\Microsoft Games for Windows - LIVE
2009-03-26 13:23 . 2009-03-26 13:23 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-26 13:23 . 2009-03-26 13:23 1900544 ----a-w c:\windows\system32\usbaaplrc.dll
2009-03-25 08:43 . 2008-08-05 09:20 -------- d-----w c:\program files\Java
2009-03-24 11:02 . 2009-03-14 10:45 -------- d-----w c:\program files\MP3 Splitter and Joiner
2009-03-19 14:32 . 2009-04-20 12:20 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-17 03:38 . 2009-04-16 09:53 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 09:53 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-14 16:59 . 2008-08-22 12:18 102400 ----a-w c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEClient_x86.dll
2009-03-09 04:19 . 2008-12-10 10:16 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 11:34 . 2009-05-06 22:25 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-06 22:25 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-06 22:25 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-06 22:25 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-06 22:25 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-06 22:25 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-06 22:25 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-06 22:25 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-06 22:25 103936 ----a-w c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-05-06 22:25 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-05-06 22:25 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-05-06 22:25 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-05-06 22:25 66560 ----a-w c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-05-06 22:25 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-05-06 22:25 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-05-06 22:25 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-05-06 22:25 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-05-06 22:25 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-03 04:46 . 2009-04-16 09:54 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-16 09:54 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-16 09:54 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-16 09:54 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-16 09:54 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-16 09:54 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-16 09:54 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 04:37 . 2009-04-16 09:54 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 03:04 . 2009-04-16 09:54 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-16 09:54 17408 ----a-w c:\windows\system32\iashost.exe
2009-01-20 09:21 . 2009-01-20 09:19 24 --sh--w c:\windows\S949CB655.tmp
2008-12-09 22:38 . 2008-12-09 21:41 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2008-12-09 22:38 . 2008-12-09 21:41 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
2007-03-07 12:54 . 2007-03-07 12:54 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam gaming\Steam.exe" [2009-05-19 1217784]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"RtHDVCpl"="c:\windows\RtHDVCpl.exe" [2007-05-10 4468736]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"BtTray"="c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe" [2008-08-04 226816]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"Skytel"="c:\windows\Skytel.exe" [2007-05-07 1826816]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-04-27 1947928]
"CloneCDTray"="c:\program files\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"VirtualDrive"="c:\program files\FarStone VirtualDrive\VDTask.exe" [2007-07-17 159744]
"RAMDrive"="c:\program files\FarStone VirtualDrive\VHD\RDTask.exe" [2007-03-02 135168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Ultra Hal Text-to-Speech Reader Startup.lnk - c:\windows\Installer\{96EF451E-A402-44D8-BAEE-D70D558A4122}\New_Shortcut_S1449_0EB7CDB78E0C4A918D2CA535D5B8160C.exe [2009-1-1 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8FD50CAA-DA6E-49DE-97DB-EEE58F080F9D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DA2647C2-60AE-4718-83D6-9DE9166F24B2}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4B977D33-56D3-43F6-9600-1F7B2D0D6FCF}"= UDP:c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe:BlueSoleilCS
"{5DE11D09-E27B-4B50-8F50-9E6FEE1A4793}"= TCP:c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe:BlueSoleilCS
"TCP Query User{D661DF78-3AF7-4D1D-9346-0FF43F5D2EAD}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{0E208C1E-81D5-4382-AECD-B1931378C22C}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{937F1135-9268-4E91-8BC1-F1C6AFFAA15D}c:\\program files\\soldat\\soldat.exe"= UDP:c:\program files\soldat\soldat.exe:Soldat
"UDP Query User{C5DB6CC0-F154-4A90-B5E9-1F0B0AC84EB0}c:\\program files\\soldat\\soldat.exe"= TCP:c:\program files\soldat\soldat.exe:Soldat
"{52C771B5-7B2C-4DD4-850E-0ED60C559364}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{9D35DB67-712A-40B0-B55B-C865A3C2603E}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{242D541C-563D-4371-8C50-98B4099C90F9}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{83ABE41D-9FF5-4E41-8A1F-D8D879524A97}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{0112677F-A917-4758-BC8B-E5FD430EC25D}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{50D4E9D6-D2B0-4181-9943-90B363B0C2EE}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{DDFC5427-6738-4FEE-B38D-3CDDE5CF33B6}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{02EBF8EA-BF2D-45B1-9E58-A03429AFA56F}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{98A5B811-E4BA-4FFB-A41C-BFC7864408DC}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{6DC40EC3-A3ED-4B2F-97FA-7ACA8B6A39D7}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{0C7256F5-E62F-4180-BC64-A0CCD889E503}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{55BB86E4-E19F-46B5-87F4-580F65C52DC7}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{7E45E62C-1E55-4AAD-8DE2-E20DC3582730}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{99239411-A47A-4B23-BA79-B94BE7D4311E}"= UDP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"{7F68DB5D-AF10-4A8D-93CE-89E025546BC1}"= TCP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"{0A78D595-DEC9-4DEA-95C4-5961CD7D0E55}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{F27E25CC-B93E-4E75-8590-8F58666207D1}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [07/01/2009 0:01 12552]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\drivers\BtHidBus.sys [31/07/2008 20:45 20616]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [07/01/2009 0:01 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [07/01/2009 10:33 108552]
R1 tmlwf;tmlwf;c:\windows\System32\drivers\tmlwf.sys [27/10/2007 2:53 141840]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [07/01/2009 22:05 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [07/01/2009 22:05 298776]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe [01/08/2008 15:55 143467]
R2 fsusd32;File System Camera Devices DLL;c:\windows\system32\rundll32.exe fsusd32.dll,yhyn --> c:\windows\system32\rundll32.exe fsusd32.dll,yhyn [?]
R2 tmevtmgr;tmevtmgr;c:\windows\System32\drivers\tmevtmgr.sys [17/09/2008 9:07 52240]
R2 tmpreflt;tmpreflt;c:\windows\System32\drivers\tmpreflt.sys [27/10/2007 2:53 36368]
R2 tmwfp;tmwfp;c:\windows\System32\drivers\tmwfp.sys [27/10/2007 2:53 228368]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\System32\drivers\IvtBtBus.sys [02/07/2008 14:58 26248]
R3 WL328F;WL382F Wireless LAN 11Mbps Adapter Service;c:\windows\System32\drivers\Atl2kR.sys [03/08/2008 20:42 93056]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [23/11/2008 16:47 33752]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\System32\drivers\LV532AV.SYS [31/01/2005 10:13 163328]
S3 TmPfw;TmPfw; [x]
S3 tmproxy;tmproxy; [x]
--- Other Services/Drivers In Memory ---
*Deregistered* - sptd
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.rebelion.org/
uInternet Settings,ProxyOverride = *.local
IE: Enviar por Bluetooth - c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
IE: Enviar por Mensaje (&M)... - c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
TCP: {B46632A7-6B24-4682-AB3B-FA60FC5BE0F7} = 80.58.0.33,80.58.32.97
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-23 08:48
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2806005705-1933095540-4221855803-1000\Software\SecuROM\License information*]
"datasecu"=hex:d2,b3,5f,de,f9,a4,03,a0,0b,dc,9e,06,1b,83,a9,dd,37,c6,49,91,ac,
61,43,83,51,58,26,44,b3,25,99,4b,7a,fd,fc,e3,1d,c9,42,3f,dd,44,58,ce,f8,9f,\
"rkeysecu"=hex:39,76,80,50,86,a4,f8,26,8b,3f,69,4e,e3,08,e0,b0
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(4088)
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\AVG\AVG8\avgam.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgemc.exe
c:\windows\System32\WUDFHost.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
c:\windows\System32\conime.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Loquendo\HalReader.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\spool\drivers\w32x86\3\WrtProc.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Steam\SteamService.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Completion time: 2009-05-23 8:52 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-23 06:52
Pre-Run: El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
Post-Run: 127.650.349.056 bytes libres
282 --- E O F --- 2009-05-19 07:54
--- End of quote ---
Sandino9:
Well, I have no idea what any of that says. I have the Wi-Fi adapter on the Vista computer switched off so that it doesn't keep sending things, in case Telefónica ends up cutting off my line :S
What else can I do?
Mr_X:
Did you notice any changes? Get new HijackThis and Autoruns logs...
Sandino9:
No, no change; it keeps sending things en masse.
Anyway, here are the logs:
HiJack:
--- Quote ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:02, on 23/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rebelion.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [JMB36X IDE Setup] "C:\Windows\RaidTool\xInsIDE.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Windows\RtHDVCpl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] "C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Skytel] "C:\Windows\Skytel.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam gaming\Steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Ultra Hal Text-to-Speech Reader Startup.lnk = ?
O8 - Extra context menu item: Enviar por Bluetooth - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Enviar por Mensaje (&M)... - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B46632A7-6B24-4682-AB3B-FA60FC5BE0F7}: NameServer = 80.58.0.33,80.58.32.97
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TMBMServer - Trend Micro Inc. - (no file)
O23 - Service: TmPfw - Trend Micro Inc. - (no file)
O23 - Service: tmproxy - Trend Micro Inc. - (no file)
--
End of file - 7832 bytes
--- End of quote ---
Autoruns:
--- Quote ---
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ Adobe Reader Speed Launcher Adobe Acrobat SpeedLauncher (Verified) Adobe Systems, Incorporated c:\program files\adobe\reader 9.0\reader\reader_sl.exe
+ AppleSyncNotifier AppleSyncNotifier (Verified) Apple Inc. c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe
+ AVG8_TRAY AVG Tray Monitor (Verified) AVG Technologies c:\program files\avg\avg8\avgtray.exe
+ BtTray BlueSoleil Bttray c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bttray.exe
+ CanonSolutionMenu CNSLMAIN (Verified) Canon Inc. c:\program files\canon\solutionmenu\cnslmain.exe
+ CloneCDTray CloneCD Tray (Not verified) SlySoft, Inc. c:\program files\clonecd\clonecdtray.exe
+ iTunesHelper iTunesHelper Module (Verified) Apple Inc. c:\program files\itunes\ituneshelper.exe
+ JMB36X IDE Setup c:\windows\raidtool\xinside.exe
+ OpwareSE4 OCR Aware (Verified) Nuance Communications, Inc. c:\program files\scansoft\omnipagese4\opwarese4.exe
+ QuickTime Task QuickTime Task (Not verified) Apple Inc. c:\program files\quicktime\qttask.exe
+ RAMDrive RDTask Microsoft ??????? (Not verified) FarStone Technology, Inc. c:\program files\farstone virtualdrive\vhd\rdtask.exe
+ SSBkgdUpdate SSBkgdUpdate (Verified) Nuance Communications, Inc. c:\program files\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe
+ SunJavaUpdateSched Java(TM) Platform SE binary (Verified) Sun Microsystems, Inc. c:\program files\java\jre6\bin\jusched.exe
+ VirtualDrive VirtualDrive VDTask (Not verified) FarStone Technology Inc. c:\program files\farstone virtualdrive\vdtask.exe
+ WrtMon.exe NsWrtMon Microsoft Base Class Application c:\windows\system32\spool\drivers\w32x86\3\wrtmon.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
+ Ultra Hal Text-to-Speech Reader Startup.lnk InstallShield (Not verified) InstallShield Software Corp. c:\windows\installer\{96ef451e-a402-44d8-baee-d70d558a4122}\new_shortcut_s1449_0eb7cdb78e0c4a918d2ca535d5b8160c.exe
C:\Users\Aleksander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ Steam Steam (Verified) Valve c:\program files\steam gaming\steam.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Shutdown
HKLM\SOFTWARE\Classes\Protocols\Filter
HKLM\SOFTWARE\Classes\Protocols\Handler
+ linkscanner Safe Search pluggable protocol (Verified) AVG Technologies c:\program files\avg\avg8\avgpp.dll
+ skype4com Skype for COM API (Verified) Skype Technologies SA c:\windows\system32\skype4com.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ MakeFile_VDGD Class VDShell Module (Not verified) FarStone Technology Inc. c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Directory\Shellex\DragDropHandlers
HKLM\Software\Classes\Directory\Shellex\DragDropHandlers
HKCU\Software\Classes\Directory\Shellex\PropertySheetHandlers
HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers
HKCU\Software\Classes\Directory\Shellex\CopyHookHandlers
HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers
+ IVTCopyMonitor BluetoothManager Module c:\windows\system32\bsshell.dll
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
+ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell Extension PDF Shell Extension (Verified) Adobe Systems, Incorporated c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ FolderShell_VDGD Class VDShell Module (Not verified) FarStone Technology Inc. c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKCU\Software\Microsoft\Ctf\LangBarAddin
HKLM\Software\Microsoft\Ctf\LangBarAddin
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ iTunes iTunes Mini Player DLL (Verified) Apple Inc. c:\program files\itunes\itunesminiplayer.dll
+ OpenOffice.org Column Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Infotip Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Property Sheet Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Thumbnail Viewer (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ Skladnik rozszerzenia powloki CorelDRAW Shell Extension DLL (Not verified) Corel Corporation c:\program files\corel\corel graphics 11\draw\cdrviewer\crlshell110.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ Adobe PDF Link Helper Adobe PDF Helper for Internet Explorer (Verified) Adobe Systems, Incorporated c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
+ AVG Safe Search Safe Search for Internet Explorer (Verified) AVG Technologies c:\program files\avg\avg8\avgssie.dll
+ AVGTOOLBAR AVG Security Toolbar (Verified) AVG Technologies c:\program files\avg\avg8\avgtoolbar.dll
+ Java(tm) Plug-In 2 SSV Helper Java(TM) Platform SE binary (Not verified) Sun Microsystems, Inc. c:\program files\java\jre6\bin\jp2ssv.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
Task Scheduler
HKLM\System\CurrentControlSet\Services
+ aawservice Ad-Aware service File not found: C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
+ Apple Mobile Device Proporciona la interfaz a los dispositivos móviles de Apple. (Verified) Apple Inc. c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
+ avg8emc AVG E-Mail Scanner (Verified) AVG Technologies c:\program files\avg\avg8\avgemc.exe
+ avg8wd AVG Watchdog Service (Verified) AVG Technologies c:\program files\avg\avg8\avgwdsvc.exe
+ BlueSoleilCS Manages bluetooth hardware and provides bluetooth functions. c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bluesoleilcs.exe
+ Bonjour Service Bonjour permite que aplicaciones como iTunes y Safari anuncien y descubran servicios en la red local. Si tiene Bonjour en ejecución, le permitirá conectarse con dispositivos hardware como el Apple TV y con servicios de software, como archivos compartidos de iTunes y AirTunes. Si desactiva Bonjour, los servicios de red que dependan de él explícitamente no se podrán iniciar. (Verified) Apple Inc. c:\program files\bonjour\mdnsresponder.exe
+ BsHelpCS BsHelpCS Module c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bshelpcs.exe
+ BsMobileCS BsMobileCS Module c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bsmobilecs.exe
+ fsusd32 File System Camera Devices DLL (Not verified) Microsoft Corporation c:\windows\system32\fsusd32.dll
+ getPlus(R) Helper getPlus(R) Helper (Verified) Adobe Systems Incorporated c:\program files\nos\bin\getplus_helpersvc.exe
+ IDriverT Provides support for the Running Object Table for InstallShield Drivers (Not verified) Macrovision Corporation c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe
+ iPod Service Servicios de administración del hardware del iPod (Verified) Apple Inc. c:\program files\ipod\bin\ipodservice.exe
+ Steam Client Service Steam Client Service monitors and updates Steam content (Verified) Valve c:\program files\common files\steam\steamservice.exe
HKLM\System\CurrentControlSet\Services
+ AvgLdx86 AVG AVI Loader Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgldx86.sys
+ AvgMfx86 AVG Resident Shield Minifilter Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgmfx86.sys
+ AvgRkx86 AVG Anti-Rootkit Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgrkx86.sys
+ AvgTdiX AVG Network connection watcher (Verified) AVG Technologies c:\windows\system32\drivers\avgtdix.sys
+ ElbyCDFL ElbyCDIO Filter Driver (Not verified) SlySoft, Inc. c:\windows\system32\drivers\elbycdfl.sys
+ ElbyCDIO ElbyCD Windows NT/2000/XP I/O driver (Not verified) Elaborate Bytes AG c:\windows\system32\drivers\elbycdio.sys
+ fcdabus FarStone Bus Enumerator (Verified) Farstone Technology Inc c:\windows\system32\drivers\fcdabus.sys
+ fsRamDsk (Verified) Farstone Technology Inc c:\windows\system32\drivers\fsramdsk.sys
+ FVXSCSI FarStone SCSI Miniport (Verified) Farstone Technology Inc c:\windows\system32\drivers\fvxscsi.sys
+ hamachi Hamachi Virtual Network Interface Driver (Verified) LogMeIn, Inc. c:\windows\system32\drivers\hamachi.sys
+ sptd c:\windows\system32\drivers\sptd.sys
+ tmactmon TrendMicro Activity Monitor Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmactmon.sys
+ tmcomm TrendMicro Common Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmcomm.sys
+ tmevtmgr TrendMicro Event Management Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmevtmgr.sys
+ tmpreflt Trend Filter Driver (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmpreflt.sys
+ tmxpflt Trend Functionality Driver (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmxpflt.sys
+ vsapint Trend Virus ScanEngine (Verified) Trend Micro, Inc. c:\windows\system32\drivers\vsapint.sys
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
+ msacm.ac3acm AC-3 ACM Codec (Not verified) fccHandler c:\windows\system32\ac3acm.acm
+ msacm.ac3filter c:\windows\system32\ac3filter.acm
+ msacm.clmp3enc CLMP3Enc (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\clmp3enc.acm
+ msacm.divxa32 DivX WMA Audi (Not verified) Kristal Studi c:\windows\system32\divxa32.acm
+ msacm.l3fhg MPEG Audio Layer-3 Codec for MSACM (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS c:\windows\system32\mp3fhg.acm
+ msacm.lameacm Lame MP3 codec engine (Not verified) http://www.mp3dev.org/ c:\windows\system32\lameacm.acm
+ msacm.msaudio1 Windows Media Audio (Not verified) Microsoft Corporation c:\windows\system32\msaud32.acm
+ msacm.sl_anet Audio codec for MS ACM (Not verified) Sipro Lab Telecom Inc. c:\windows\system32\sl_anet.acm
+ msacm.vorbis Ogg Vorbis CODEC for MSACM (Not verified) HMS http://hp.vector.co.jp/authors/VA012897/ c:\windows\system32\vorbis.acm
+ VIDC.DIVX DivX (Not verified) DivX, Inc. c:\windows\system32\divx.dll
+ VIDC.FFDS DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ VIDC.HFYU Huffyuv lossless video codec (Not verified) Disappearing Inc. c:\windows\system32\huffyuv.dll
+ vidc.i263 Intel I.263 Video Driver 2.55.012 (Not verified) Intel Corporation c:\windows\system32\i263_32.drv
+ VIDC.VP60 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP61 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP62 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP70 VP70 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp7vfw.dll
+ VIDC.X264 c:\windows\system32\x264vfw.dll
+ VIDC.XVID c:\windows\system32\xvidvfw.dll
+ VIDC.YV12 Helix YV12 YUV Codec (Not verified) www.helixcommunity.org c:\windows\system32\yv12vfw.dll
HKLM\Software\Classes\Filter
+ LAME MPEG Layer III Audio Encoder c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance
+ 3ivx Audio Decoder 3ivx D4 4.5 DirectShow Audio Decoder (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsaudiodecoder.ax
+ 3ivx D4 Audio Encoder 3ivx D4 4.5 DirectShow Audio Encoder (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsaudioencoder.ax
+ 3ivx Media Splitter 3ivx D4 4.5 DirectShow Media Splitter (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsmediasplitter.ax
+ aac_parser Direct show parser filter for ADTS c:\program files\codecpack de elisoft\aac\aac_parser.ax
+ AC3File c:\program files\k-lite codec pack\filters\ac3file.ax
+ AC3Filter ac3filter c:\program files\total video converter\ac3filter.cpl
+ Avi Source Avi Splitter (Not verified) Gabest c:\windows\system32\avisplitter.ax
+ Avi Splitter Avi Splitter (Not verified) Gabest c:\windows\system32\avisplitter.ax
+ AVI2AC3 c:\program files\codecpack de elisoft\dts\avi2ac3dts.ax
+ CDXA Reader CDXA Reader Filter (Not verified) Gabest c:\windows\system32\cdxareader.ax
+ CoreAAC Audio Decoder CoreAAC c:\windows\system32\coreaac.ax
+ CoreFLAC Audio Decoder CoreFLAC Audio Decoder & Source DirectShow Filter (Not verified) - c:\windows\system32\coreflacdecoder.ax
+ CoreFLAC Audio Source CoreFLAC Audio Decoder & Source DirectShow Filter (Not verified) - c:\windows\system32\coreflacdecoder.ax
+ CoreVorbis Audio Decoder CoreVorbis (Not verified) - c:\windows\system32\corevorbis.ax
+ CyberLink Audio Noise Reduction CLAuNR (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaunrwrapper.ax
+ CyberLink Audio Resampler CLAuRsmpl.ax (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaursmpl.ax
+ CyberLink Audio VolumeBooster CyberLink Audio Volume Booster Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvb.ax
+ CyberLink AudioCD Filter CyberLink AudioCD Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaudiocd.ax
+ Cyberlink Dump Dispatch Filter Cyberlink File Dump Dispatch Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gdumpdispatch.ax
+ Cyberlink Dump Filter Cyberlink File Dump Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gdump.ax
+ CyberLink Editing Service 3.0 (Source) CES Kernel (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gedtkrn.dll
+ Cyberlink File Reader (Async.) Cyberlink MPEG File Reader (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2greader.ax
+ CyberLink Load Image Filter CLImage (Not verified) CyberLink c:\program files\cyberlink\shared files\climage.ax
+ CyberLink LPCM Converter LPCM Converter Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2glpcmcvrt.ax
+ CyberLink M2V Writer CLM2VWriter (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gm2vwriter.ax
+ CyberLink MP3/WAV Wrapper CyberLink MP3 Wrapper (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gmp3wrap.ax
+ CyberLink MPEG Decoder CyberLink Video/SP Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gmvd.ax
+ CyberLink MPEG Muxer MpgMux (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gmpgmux.ax
+ CyberLink MPEG Video Encoder CyberLink MPEG Video Encoder (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvidenc.ax
+ CyberLink MPEG-1 Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gm1spliter.ax
+ CyberLink MPEG-2 Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gm2spliter.ax
+ CyberLink PCM Wrapper CyberLink PCM Wrapper (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gpcmenc.ax
+ CyberLink TimeStretch Filter (CES) CLAuTS.ax (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gauts.ax
+ CyberLink TL MPEG Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gtlmsplter.ax
+ CyberLink Video Effect CLVidFx (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gvidfx.ax
+ CyberLink Video Regulator CLRGL (Not verified) Cyberlink c:\program files\cyberlink\power2go\p2grgl.ax
+ CyberLink Video Stabilizer CLVideoDeShaking (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gvideostabilizer.ax
+ CyberLink Video/SP Decoder CyberLink Video/SP Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvsd.ax
+ DC-Bass Source DirectShow™ Audio Decoder (Not verified) http://www.dsp-worx.de c:\program files\k-lite codec pack\filters\dcbasssource.ax
+ DirectVobSub VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth (Not verified) Gabest c:\windows\system32\vsfilter.dll
+ DirectVobSub (auto-loading version) VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth (Not verified) Gabest c:\windows\system32\vsfilter.dll
+ DivX Decoder Filter DivX® Decoder Filter (Not verified) DivXNetworks, Inc. c:\program files\codecpack de elisoft\divx511\divxdec.ax
+ DTS/AC3/DD+ Source DTS/AC3 Sorce Filter (Not verified) Gabest c:\program files\xp codec pack\filters\dtsac3source.ax
+ ffdshow Audio Decoder DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow Audio Processor DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow raw video filter DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow subtitles filter DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow Video Decoder DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ File Source (MO3/XM/IT) c:\program files\codecpack de elisoft\modtrack\modsource.ax
+ File Source (Monkey Audio) c:\program files\k-lite codec pack\filters\monkeysource.ax
+ FLV Source FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV Source Filter FLV Source Filter (Not verified) SWiSHzone.com Pty Ltd c:\program files\total video converter\flv.ax
+ FLV Splitter FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV4 Video Decoder FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ GPL MPEG-1/2 Decoder GPL MPEG-1/2 Decoder Filter for DirectShow (Not verified) Peter Wimmer, Gabest c:\windows\system32\gplmpgdec.ax
+ Haali Matroska Muxer Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter (AR) Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Simple Media Splitter Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Video Renderer c:\program files\k-lite codec pack\filters\haali\dxr.dll
+ Haali Video Sink Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ LAME MPEG Layer III Audio Encoder c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
+ madFlac Decoder DirectShow FLAC Decoder (Not verified) www.madshi.net c:\program files\k-lite codec pack\filters\madflac.ax
+ madFlac Source DirectShow FLAC Decoder (Not verified) www.madshi.net c:\program files\k-lite codec pack\filters\madflac.ax
+ MainConcept DV Video Decoder DirectShow DV Video Encoder and Decoder (Not verified) MainConcept c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ MainConcept DV Video Encoder DirectShow DV Video Encoder and Decoder (Not verified) MainConcept c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ Matroska Source Matroska Splitter (Not verified) Gabest c:\windows\system32\matroskasplitter.ax
+ Matroska Splitter Matroska Splitter (Not verified) Gabest c:\windows\system32\matroskasplitter.ax
+ Microcrap MPEG-4 Video Decompressor Microcrap MPEG-4 Video Decompressor (Not verified) Microcrap Corporation c:\program files\codecpack de elisoft\mpeg4\mpg4ds32.ax
+ MONOGRAM AMR Decoder AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Encoder AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Mux AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Splitter AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM Musepack Decoder mmmpcdec c:\program files\k-lite codec pack\filters\mmmpcdec.ax
+ MONOGRAM Musepack Splitter mmmpcdmx c:\program files\k-lite codec pack\filters\mmmpcdmx.ax
+ Morgan MJPEG Compressor Morgan MJPEG Compressor (Not verified) Morgan Multimedia c:\program files\codecpack de elisoft\m3jpegv3\m3jpegenc.ax
+ Morgan MJPEG Decompressor Morgan MJPEG Decompressor (Not verified) Morgan Multimedia c:\program files\codecpack de elisoft\m3jpegv3\m3jpegdec.ax
+ MotionWavelets Decompression Filter MotionWavelets Video Codec (Not verified) Aware Inc. c:\program files\codecpack de elisoft\aware\icmw_32.dll
+ MP4 Source MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MP4 Splitter MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG Layer-3 Decoder MPEG Layer-3 Audio Decoder (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS c:\windows\system32\l3codecx.ax
+ MPEG4 Video Source MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG4 Video Splitter MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPV Decoder Filter MPEG-1/2 Decoder Filter for DirectShow (Not verified) Gabest c:\program files\total video converter\mpeg2decfilter.ax
+ NewSoft Audio Encoder Filter Auido Encoder Filter (Not verified) NewSoft c:\program files\common files\newsoft\nsm2aenc.ax
+ NewSoft DeInterlace (Not verified) Newsoft c:\program files\common files\newsoft\nsdeinterlace.ax
+ NewSoft MPEG Video Decoder Filter NewSoft MPEG Video Decoder Filter (Not verified) NewSoft Corporation c:\program files\common files\newsoft\nsm2vdec.ax
+ NewSoft MPEG Video Encoder Filter MPEG Video Encoder Filter (Not verified) NewSoft c:\program files\common files\newsoft\nsm2venc.ax
+ Ogg Source Ogg Splitter (Not verified) Gabest c:\windows\system32\oggsplitter.ax
+ Ogg Splitter Ogg Splitter (Not verified) Gabest c:\windows\system32\oggsplitter.ax
+ P2G Audio Decoder CyberLink Audio Decoder Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaud.ax
+ P2G Audio Encoder CyberLink Audio Encoder Filter (Not verified) Cyberlink Corp. c:\program files\cyberlink\power2go\p2gaudenc.ax
+ P2G Video Regulator CyberLink Video Regulator (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gresample.ax
+ PICVideo Lossless JPEG Compressor PICVideo Lossless JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo Lossless JPEG Decompressor PICVideo Lossless JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo MJPEG Compressor PICVideo Motion JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo MJPEG Decompressor PICVideo Motion JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo Wavelet 2000 Compressor PICVideo Wavelet Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ PICVideo Wavelet 2000 Decompressor PICVideo Wavelet Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ QTSrc CLQTSrc (Not verified) Cyberlink c:\program files\total video converter\quicktime.ax
+ RadLight APE DirectShow Filter RLAPEDec (Not verified) RadLight c:\windows\system32\rlapedec.ax
+ RadLight MPC DirectShow Filter RLMPCDec (Not verified) RadLight c:\windows\system32\rlmpcdec.ax
+ RadLight OptimFROG DirectShow Filter RLOFRDec (Not verified) RadLight c:\windows\system32\rlofrdec.ax
+ RadLight TTA DirectShow Filter RadLight TTA DirectShow Filter (Not verified) RadLight c:\windows\system32\rlttadec.ax
+ RealAudio Decoder RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Source RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Splitter RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealVideo Decoder RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ Sample Grabber Filter Grabber Filter (Sample) (Not verified) Microsoft Corporation c:\windows\system32\samplegrabber.ax
+ T VP6 Decompression Filter (Not verified) On2.com Inc. c:\program files\total video converter\vp6dec.ax
+ T VP7 Decompression Filter (Not verified) On2.com Inc. c:\program files\k-lite codec pack\filters\vp7dec.ax
+ WavPack Audio Decoder WavPack Audio DirectShow Decoder (Not verified) - c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax
+ WavPack Audio Splitter WavPack Audio DirectShow Splitter (Not verified) - c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax
+ Windows Media Audio Decoder Windows Media Audio Decoder (Not verified) Microsoft Corporation c:\windows\system32\msadds32.ax
+ Xvid MPEG-4 Video Decoder xvid (Not verified) http://www.xvid.org c:\windows\system32\xvid.ax
HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance
HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance
HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute
HKLM\System\CurrentControlSet\Control\Session Manager\Execute
HKLM\System\CurrentControlSet\Control\Session Manager\S0InitialCommand
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKCU\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
+ avgrsstx.dll AVG Resident Shield Starter (Verified) AVG Technologies c:\windows\system32\avgrsstx.dll
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SaveDumpStart
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries
+ mdnsNSP Bonjour Namespace Provider (Not verified) Apple Inc. c:\program files\bonjour\mdnsnsp.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ BlueSoleil Print Port BsMonSvr (Not verified) IVT Corporation. c:\windows\system32\bsmonsvr.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
--- End of quote ---
And now what?