Foros de daboweb
SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc => Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware => Mensaje iniciado por: jose24_v en 16 de Febrero de 2008, 11:34:08 pm
-
hola amigos
ak les adujnto mi log ke genero mi autoruns,para ver ke elementos desactivos de mi windows xp
desde ya les agradesco la atencion prestada
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ avast! avast! service GUI component (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashdisp.exe
+ CorelDRAW Graphics Suite 11b Registration (Not verified) Corel Corporation c:\archivos de programa\corel\corel graphics 12\languages\es\programs\registration.exe
+ VC6Player Virtual CD - Player (Not verified) H+H Software GmbH c:\archivos de programa\hhvcdv6sys\vc6play.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
C:\Documents and Settings\sava\Menú Inicio\Programas\Inicio
+ Webshots.lnk Webshots Desktop Tray Application (Not verified) The Webshots Corporation c:\archivos de programa\webshots\webshotstray.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
HKLM\SOFTWARE\Classes\Protocols\Handler
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
+ 0 File not found: About:Home
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
+ avast avast! Shell Extension (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashshell.dll
+ SolidConverterPDF ExploreExt (Not verified) VoyagerSoft, LLC c:\archivos de programa\soliddocuments\solidconverterpdf\scpdf\exploreextpdf.dll
+ WinRAR c:\archivos de programa\winrar\rarext.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\archivos de programa\winzip\wzshlstb.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
+ avast avast! Shell Extension (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashshell.dll
+ FCDExt Class Virtual CD - Shell Extension (Not verified) H+H Software GmbH c:\windows\system32\vc6extse.dll
+ SolidConverterPDF ExploreExt (Not verified) VoyagerSoft, LLC c:\archivos de programa\soliddocuments\solidconverterpdf\scpdf\exploreextpdf.dll
+ WinRAR c:\archivos de programa\winrar\rarext.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\archivos de programa\winzip\wzshlstb.dll
HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
+ WinRAR c:\archivos de programa\winrar\rarext.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\archivos de programa\winzip\wzshlstb.dll
HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKCU\Software\Microsoft\Ctf\LangBarAddin
HKLM\Software\Microsoft\Ctf\LangBarAddin
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Carpetas Web c:\archivos de programa\archivos comunes\microsoft shared\web folders\msonsext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ avast avast! Shell Extension (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashshell.dll
+ Contact View Phone Browser Contact View (Not verified) Nokia c:\archivos de programa\nokia\nokia pc suite 6\contactview.dll
+ Extensión de paneo de pantalla del Panel de control File not found: deskpan.dll
+ Message View Phone Browser Message View (Not verified) Nokia c:\archivos de programa\nokia\nokia pc suite 6\messageview.dll
+ Microsoft Office Binder Unbind Separador de documentos del Cuaderno de Microsoft Office (Not verified) Microsoft Corporation c:\archivos de programa\microsoft office\office\3082\unbind.dll
+ Microsoft Outlook Custom Icon Handler Microsoft Outlook Shell Hook for Start/Find (Not verified) Microsoft Corporation c:\archivos de programa\microsoft office\office\olkfstub.dll
+ Nokia Phone Browser Phone Browser (Not verified) Nokia c:\archivos de programa\nokia\nokia pc suite 6\phonebrowser.dll
+ SnagIt SnagIt Add-in for Internet Explorer (Not verified) TechSmith Corporation c:\archivos de programa\techsmith\snagit 6\snagitieaddin.dll
+ SolidConverter extension ExploreExt (Not verified) VoyagerSoft, LLC c:\archivos de programa\soliddocuments\solidconverterpdf\scpdf\exploreextpdf.dll
+ WinRAR shell extension c:\archivos de programa\winrar\rarext.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\archivos de programa\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\archivos de programa\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\archivos de programa\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\archivos de programa\winzip\wzshlstb.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ AcroIEHlprObj Class AcroIEHelper Module (Verified) Adobe Systems, Incorporated c:\archivos de programa\adobe\acrobat 5.0\reader\activex\acroiehelper.ocx
+ HelperObject Class SnagIt Browser Helper Object for Internet Explorer (Not verified) TechSmith Corporation c:\archivos de programa\techsmith\snagit 6\snagitbho.dll
+ PCTools Site Guard Site Guard (Verified) PC Tools c:\archivos de programa\spyware doctor\tools\iesdsg.dll
+ pdfMachine pdfMachine Toolbar for IE (Verified) Broadgun Software c:\windows\system32\bgstb.dll
+ Solid Converter PDF ExploreExt (Not verified) VoyagerSoft, LLC c:\archivos de programa\soliddocuments\solidconverterpdf\scpdf\exploreextpdf.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ pdfMachine pdfMachine Toolbar for IE (Verified) Broadgun Software c:\windows\system32\bgstb.dll
+ SnagIt SnagIt Add-in for Internet Explorer (Not verified) TechSmith Corporation c:\archivos de programa\techsmith\snagit 6\snagitieaddin.dll
+ Solid Converter PDF ExploreExt (Not verified) VoyagerSoft, LLC c:\archivos de programa\soliddocuments\solidconverterpdf\scpdf\exploreextpdf.dll
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
Task Scheduler
HKLM\System\CurrentControlSet\Services
+ aswUpdSv Provides automatic updating for the avast! antivirus. (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\aswupdsv.exe
+ avast! Antivirus Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler. (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashserv.exe
HKLM\System\CurrentControlSet\Services
+ Aavmker4 avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP (Verified) ALWIL Software c:\windows\system32\drivers\aavmker4.sys
+ aswMon2 avast! File System Filter Driver for Windows XP (Verified) ALWIL Software c:\windows\system32\drivers\aswmon2.sys
+ aswRdr avast! TDI RDR Driver (Verified) ALWIL Software c:\windows\system32\drivers\aswrdr.sys
+ aswTdi avast! TDI Filter Driver (Verified) ALWIL Software c:\windows\system32\drivers\aswtdi.sys
+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys
+ ElbyCDFL ElbyCDIO Filter Driver (Not verified) SlySoft, Inc. c:\windows\system32\drivers\elbycdfl.sys
+ ElbyCDIO ElbyCD Windows NT/2000/XP I/O driver (Not verified) Elaborate Bytes AG c:\windows\system32\drivers\elbycdio.sys
+ FGUARD32 Folder Guard Device Driver (Not verified) WinAbility® Software Corporation c:\archivos de programa\folder guard pro xp\fguard32.sys
+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys
+ ikhfile File Security Kernel Anti-Spyware (Not verified) PCTools Research Pty Ltd. c:\windows\system32\drivers\ikhfile.sys
+ ikhlayer Kernel Anti-Spyware (Not verified) PCTools Research Pty Ltd. c:\windows\system32\drivers\ikhlayer.sys
+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys
+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys
+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys
+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys
+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys
+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys
+ PfModNT PCI/ISA Device Info. Service (Not verified) Creative Technology Ltd. c:\windows\system32\pfmodnt.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Not verified) Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
+ Tpkd InterLok system file (Not verified) PACE Anti-Piracy, Inc. c:\windows\system32\drivers\tpkd.sys
+ viaagp1 VIA NT AGP Filter (Not verified) VIA Technologies, Inc. c:\windows\system32\drivers\viaagp1.sys
+ VIAPFD VIA PFD driver (Not verified) VIA Technologies. Inc. c:\windows\system32\drivers\viapfd.sys
+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute
HKLM\System\CurrentControlSet\Control\Session Manager\Execute
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
+ advapi32 API base de Windows 32 avanzado (Not verified) Microsoft Corporation c:\windows\system32\advapi32.dll
+ comdlg32 DLL de diálogos comunes (Not verified) Microsoft Corporation c:\windows\system32\comdlg32.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
+ logonui.exe Interfaz de usuario de inicio d sesión de Windows (Not verified) Microsoft Corporation c:\windows\system32\logonui.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
+ c:\windows\webshots.scr Webshots32 (Not verified) Auralis, Inc. c:\windows\webshots.scr
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ BJ Language Monitor Monitor Langage para impresora Canon Bubble-Jet (Not verified) Microsoft Corporation c:\windows\system32\cnbjmon.dll
+ OLFax Ports Symantec Fax Starter Edition Monitor DLL (Not verified) Microsoft Corporation c:\windows\system32\olfmnt40.dll
+ PDF Port Monitor (Verified) Broadgun Software c:\windows\system32\bgspmnt.dll
+ PDF-XChange PDF-XChange Port Monitor (Not verified) Tracker Software c:\windows\system32\pxc25pm.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
+ msapsspc.dll Cliente DPA para plataformas de 32 bit (Not verified) Microsoft Corporation c:\windows\system32\msapsspc.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
-
¿Tienes algún problema con tu máquina? Si es no, déjalo como está (aunque yo quitaría el Webshots)...