daboweb forums
Thread started by: Sandino9 on 22 May 2009, 04:47:39 pm
-
Hi everyone,
I'm starting to get desperate. A few days ago I noticed that, even with no internet activity open (web pages, P2P, games, nothing at all), the Wi-Fi activity light on my router was blinking continuously. I have two computers: one running XP with Avast, which is so old and slow it's ready to be thrown out, though my parents use it for small things; and another running Vista with AVG, which is quite good and has no problems of any kind. The XP machine is connected to the router by cable and the Vista machine is connected over Wi-Fi. The network is fairly well protected (or so I think), with a good password for logging in to the router, WEP, and MAC filters.
When I disconnect the Vista machine's connection to the adapter, the router's Wi-Fi activity usually stops. I've more or less worked out what the netstat command does and, going by intuition, what I see there when there is a lot of activity on the router that isn't mine doesn't look good at all, with things like "mta2:smtp" or something along those lines, establishing connections.
I thought it might just be basic router activity, but I have even received a letter from Telefónica's Centro Nemesys saying that my computer may be sending spam. I'd rather solve this with your help than with that of a multinational like Telefónica.
What do you advise?
Thanks for your attention,
- Sandino9
-
Hi, welcome
1.- Paste here the output of the command
NETSTAT -AN
2.- Generate a HijackThis log (click here) (http://www.daboweb.com/foros/index.php/topic,13633.0.html)...
-
Here is the netstat -an:
TCP 192.168.1.3:63891 64.18.4.10:25 TIME_WAIT
TCP 192.168.1.3:63892 202.99.33.36:25 TIME_WAIT
TCP 192.168.1.3:63893 218.216.120.168:25 TIME_WAIT
TCP 192.168.1.3:63894 12.154.55.40:25 ESTABLISHED
TCP 192.168.1.3:63895 58.246.136.41:25 TIME_WAIT
TCP 192.168.1.3:63896 208.65.144.13:25 TIME_WAIT
TCP 192.168.1.3:63897 205.161.14.52:25 TIME_WAIT
TCP 192.168.1.3:63898 203.209.228.230:25 TIME_WAIT
TCP 192.168.1.3:63899 72.14.164.85:25 TIME_WAIT
TCP 192.168.1.3:63900 64.18.5.10:25 TIME_WAIT
TCP 192.168.1.3:63901 61.135.132.110:25 TIME_WAIT
TCP 192.168.1.3:63902 77.75.72.42:25 TIME_WAIT
TCP 192.168.1.3:63903 202.248.238.10:25 TIME_WAIT
TCP 192.168.1.3:63904 205.234.150.178:25 TIME_WAIT
TCP 192.168.1.3:63905 217.22.226.193:25 TIME_WAIT
TCP 192.168.1.3:63906 62.249.212.196:25 TIME_WAIT
TCP 192.168.1.3:63907 116.228.52.134:25 TIME_WAIT
TCP 192.168.1.3:63908 68.167.25.99:25 TIME_WAIT
TCP 192.168.1.3:63909 66.234.224.28:25 TIME_WAIT
TCP 192.168.1.3:63910 208.89.132.28:25 TIME_WAIT
TCP 192.168.1.3:63911 194.134.42.41:25 TIME_WAIT
TCP 192.168.1.3:63912 219.239.98.77:25 TIME_WAIT
TCP 192.168.1.3:63913 202.248.175.6:25 TIME_WAIT
TCP 192.168.1.3:63914 38.113.244.146:25 ESTABLISHED
TCP 192.168.1.3:63915 193.252.22.142:25 TIME_WAIT
TCP 192.168.1.3:63916 200.255.9.10:25 TIME_WAIT
TCP 192.168.1.3:63917 211.43.212.206:25 TIME_WAIT
TCP 192.168.1.3:63918 63.217.87.11:25 TIME_WAIT
TCP 192.168.1.3:63919 195.154.194.122:25 TIME_WAIT
TCP 192.168.1.3:63922 193.164.131.35:25 TIME_WAIT
TCP 192.168.1.3:63925 207.115.64.104:25 TIME_WAIT
TCP 192.168.1.3:63926 208.65.144.13:25 TIME_WAIT
TCP 192.168.1.3:63927 213.186.33.29:25 ESTABLISHED
TCP 192.168.1.3:63932 213.36.80.90:25 TIME_WAIT
TCP 192.168.1.3:63933 200.87.100.30:25 TIME_WAIT
TCP 192.168.1.3:63938 208.65.144.13:25 TIME_WAIT
TCP 192.168.1.3:63939 70.151.177.34:25 TIME_WAIT
TCP 192.168.1.3:63940 200.34.175.4:25 TIME_WAIT
TCP 192.168.1.3:63941 220.232.130.170:25 TIME_WAIT
TCP 192.168.1.3:63942 165.139.70.1:25 TIME_WAIT
TCP 192.168.1.3:63943 201.238.246.125:25 TIME_WAIT
TCP 192.168.1.3:63944 202.148.1.15:25 TIME_WAIT
TCP 192.168.1.3:63945 192.146.1.50:25 TIME_WAIT
TCP 192.168.1.3:63946 200.57.64.98:25 ESTABLISHED
TCP 192.168.1.3:63947 147.32.127.218:25 TIME_WAIT
TCP 192.168.1.3:63950 200.142.58.27:25 TIME_WAIT
TCP 192.168.1.3:63952 213.186.33.73:25 ESTABLISHED
TCP 192.168.1.3:63954 208.240.15.24:25 TIME_WAIT
TCP 192.168.1.3:63955 210.142.243.98:25 TIME_WAIT
TCP 192.168.1.3:63956 209.85.219.38:25 TIME_WAIT
TCP 192.168.1.3:63957 195.98.230.101:25 TIME_WAIT
TCP 192.168.1.3:63958 216.82.118.94:25 TIME_WAIT
TCP 192.168.1.3:63959 130.218.102.215:25 TIME_WAIT
TCP 192.168.1.3:63960 74.43.119.9:25 TIME_WAIT
TCP 192.168.1.3:63961 66.175.131.131:25 TIME_WAIT
TCP 192.168.1.3:63963 193.230.192.1:25 TIME_WAIT
TCP 192.168.1.3:63964 208.104.244.55:25 TIME_WAIT
TCP 192.168.1.3:63966 81.31.160.34:25 TIME_WAIT
TCP 192.168.1.3:63967 192.146.1.52:25 TIME_WAIT
TCP 192.168.1.3:63968 80.12.242.9:25 TIME_WAIT
TCP 192.168.1.3:63969 72.14.164.85:25 TIME_WAIT
TCP 192.168.1.3:63970 64.18.7.10:25 TIME_WAIT
TCP 192.168.1.3:63971 207.97.249.207:25 TIME_WAIT
TCP 192.168.1.3:63972 151.1.196.76:25 TIME_WAIT
TCP 192.168.1.3:63974 70.159.40.50:25 TIME_WAIT
TCP 192.168.1.3:63975 193.252.22.142:25 TIME_WAIT
TCP 192.168.1.3:63976 192.146.1.51:25 TIME_WAIT
TCP 192.168.1.3:63977 67.112.74.101:25 ESTABLISHED
TCP 192.168.1.3:63978 69.129.39.234:25 TIME_WAIT
TCP 192.168.1.3:63979 209.85.219.1:25 TIME_WAIT
TCP 192.168.1.3:63980 137.53.6.170:25 TIME_WAIT
TCP 192.168.1.3:63981 209.85.219.33:25 TIME_WAIT
TCP 192.168.1.3:63982 82.85.25.135:25 TIME_WAIT
TCP 192.168.1.3:63983 66.117.202.205:25 TIME_WAIT
TCP 192.168.1.3:63984 65.193.218.2:25 FIN_WAIT_2
TCP 192.168.1.3:63985 64.18.5.10:25 TIME_WAIT
TCP 192.168.1.3:63987 206.213.176.68:25 TIME_WAIT
TCP 192.168.1.3:63988 213.176.128.18:25 TIME_WAIT
TCP 192.168.1.3:63989 72.32.252.23:25 TIME_WAIT
TCP 192.168.1.3:63990 194.60.217.72:25 TIME_WAIT
TCP 192.168.1.3:63991 206.47.106.136:25 TIME_WAIT
TCP 192.168.1.3:63992 80.12.242.9:25 TIME_WAIT
TCP 192.168.1.3:63993 64.179.37.210:25 TIME_WAIT
TCP 192.168.1.3:63994 84.96.69.150:25 TIME_WAIT
TCP 192.168.1.3:63995 202.90.141.3:25 TIME_WAIT
TCP 192.168.1.3:63996 66.170.45.71:25 TIME_WAIT
TCP 192.168.1.3:63997 94.190.189.1:25 TIME_WAIT
TCP 192.168.1.3:63998 167.206.51.75:25 TIME_WAIT
TCP 192.168.1.3:64001 69.15.160.61:25 TIME_WAIT
TCP 192.168.1.3:64002 210.134.58.73:25 TIME_WAIT
TCP 192.168.1.3:64003 209.250.64.25:25 TIME_WAIT
TCP 192.168.1.3:64004 85.10.193.17:25 TIME_WAIT
TCP 192.168.1.3:64005 209.85.107.138:25 TIME_WAIT
TCP 192.168.1.3:64007 66.119.15.4:25 TIME_WAIT
TCP 192.168.1.3:64008 217.22.232.6:25 TIME_WAIT
TCP 192.168.1.3:64009 202.108.252.141:25 TIME_WAIT
TCP 192.168.1.3:64010 218.40.30.114:25 TIME_WAIT
TCP 192.168.1.3:64012 199.6.139.15:25 TIME_WAIT
TCP 192.168.1.3:64013 202.238.53.197:25 TIME_WAIT
TCP 192.168.1.3:64014 207.36.201.109:25 TIME_WAIT
TCP 192.168.1.3:64015 208.65.144.12:25 TIME_WAIT
TCP 192.168.1.3:64016 212.23.3.232:25 TIME_WAIT
TCP 192.168.1.3:64017 80.12.242.9:25 TIME_WAIT
TCP 192.168.1.3:64018 64.18.5.10:25 TIME_WAIT
TCP 192.168.1.3:64019 200.144.6.202:25 TIME_WAIT
TCP 192.168.1.3:64020 209.85.219.33:25 TIME_WAIT
TCP 192.168.1.3:64021 80.208.145.5:25 TIME_WAIT
TCP 192.168.1.3:64022 165.138.78.150:25 TIME_WAIT
TCP 192.168.1.3:64023 212.241.210.94:25 TIME_WAIT
TCP 192.168.1.3:64024 62.42.230.187:25 TIME_WAIT
TCP 192.168.1.3:64025 208.65.145.2:25 TIME_WAIT
TCP 192.168.1.3:64026 210.193.194.3:25 TIME_WAIT
TCP 192.168.1.3:64027 200.254.131.245:25 TIME_WAIT
TCP 192.168.1.3:64028 174.133.249.194:25 TIME_WAIT
TCP 192.168.1.3:64029 201.25.31.24:25 TIME_WAIT
TCP 192.168.1.3:64030 85.91.64.104:25 TIME_WAIT
TCP 192.168.1.3:64031 213.158.196.196:25 TIME_WAIT
TCP 192.168.1.3:64032 17.148.20.65:25 ESTABLISHED
TCP 192.168.1.3:64033 74.52.162.178:25 TIME_WAIT
TCP 192.168.1.3:64034 200.40.30.218:25 TIME_WAIT
TCP 192.168.1.3:64035 209.85.219.33:25 TIME_WAIT
TCP 192.168.1.3:64038 200.234.200.27:25 TIME_WAIT
TCP 192.168.1.3:64039 76.12.113.49:25 TIME_WAIT
TCP 192.168.1.3:64040 198.178.147.2:25 TIME_WAIT
TCP 192.168.1.3:64041 217.116.0.152:25 TIME_WAIT
TCP 192.168.1.3:64042 193.188.140.28:25 TIME_WAIT
TCP 192.168.1.3:64043 64.18.6.14:25 TIME_WAIT
TCP 192.168.1.3:64044 209.136.48.174:25 TIME_WAIT
TCP 192.168.1.3:64046 211.43.197.93:25 TIME_WAIT
TCP 192.168.1.3:64048 82.197.64.152:25 TIME_WAIT
TCP 192.168.1.3:64049 77.238.177.142:25 TIME_WAIT
TCP 192.168.1.3:64050 194.116.198.82:25 TIME_WAIT
TCP 192.168.1.3:64051 201.55.62.23:25 TIME_WAIT
TCP 192.168.1.3:64052 217.12.11.64:25 TIME_WAIT
TCP 192.168.1.3:64053 81.228.11.160:25 TIME_WAIT
TCP 192.168.1.3:64055 89.104.224.248:25 TIME_WAIT
TCP 192.168.1.3:64056 193.252.22.142:25 TIME_WAIT
TCP 192.168.1.3:64057 193.251.214.113:25 TIME_WAIT
TCP 192.168.1.3:64058 80.74.159.61:25 TIME_WAIT
TCP 192.168.1.3:64059 195.92.225.82:25 TIME_WAIT
TCP 192.168.1.3:64060 62.214.56.104:25 TIME_WAIT
TCP 192.168.1.3:64061 212.77.101.4:25 TIME_WAIT
TCP 192.168.1.3:64062 194.134.0.168:25 TIME_WAIT
TCP 192.168.1.3:64066 212.227.39.2:25 TIME_WAIT
TCP 192.168.1.3:64067 195.2.179.92:25 TIME_WAIT
TCP 192.168.1.3:64068 209.85.219.33:25 TIME_WAIT
TCP 192.168.1.3:64069 63.247.141.195:25 TIME_WAIT
TCP 192.168.1.3:64071 212.184.29.218:25 TIME_WAIT
TCP 192.168.1.3:64072 87.96.215.30:25 TIME_WAIT
TCP 192.168.1.3:64073 213.75.3.134:25 TIME_WAIT
TCP 192.168.1.3:64074 85.13.158.6:25 TIME_WAIT
TCP 192.168.1.3:64076 65.183.99.150:25 TIME_WAIT
TCP 192.168.1.3:64078 203.209.228.230:25 TIME_WAIT
TCP 192.168.1.3:64080 65.241.34.170:25 TIME_WAIT
TCP 192.168.1.3:64082 211.127.147.158:25 TIME_WAIT
TCP 192.168.1.3:64083 67.15.241.3:25 TIME_WAIT
TCP 192.168.1.3:64084 157.205.238.165:25 TIME_WAIT
TCP 192.168.1.3:64085 64.18.7.10:25 TIME_WAIT
TCP 192.168.1.3:64086 71.16.194.151:25 TIME_WAIT
TCP 192.168.1.3:64087 134.67.221.150:25 TIME_WAIT
TCP 192.168.1.3:64088 155.198.5.152:25 TIME_WAIT
TCP 192.168.1.3:64089 204.85.2.230:25 TIME_WAIT
TCP 192.168.1.3:64090 208.65.144.13:25 TIME_WAIT
TCP 192.168.1.3:64091 216.54.9.5:25 TIME_WAIT
TCP 192.168.1.3:64092 208.65.145.3:25 TIME_WAIT
TCP 192.168.1.3:64093 207.138.84.241:25 TIME_WAIT
TCP 192.168.1.3:64095 129.237.24.90:25 TIME_WAIT
TCP 192.168.1.3:64097 209.198.112.38:25 TIME_WAIT
TCP 192.168.1.3:64098 69.20.116.20:25 TIME_WAIT
TCP 192.168.1.3:64099 129.237.24.89:25 TIME_WAIT
TCP 192.168.1.3:64100 200.169.216.50:25 TIME_WAIT
TCP 192.168.1.3:64101 129.237.24.88:25 TIME_WAIT
TCP 192.168.1.3:64102 72.242.11.155:25 TIME_WAIT
TCP 192.168.1.3:64103 209.85.219.38:25 TIME_WAIT
TCP 192.168.1.3:64104 129.237.24.87:25 TIME_WAIT
TCP 192.168.1.3:64105 81.23.87.86:25 TIME_WAIT
TCP 192.168.1.3:64106 85.214.51.113:25 TIME_WAIT
TCP 192.168.1.3:64107 91.118.7.244:25 TIME_WAIT
TCP 192.168.1.3:64108 207.218.248.67:25 TIME_WAIT
TCP 192.168.1.3:64109 208.65.144.12:25 TIME_WAIT
TCP 192.168.1.3:64110 209.162.223.64:25 TIME_WAIT
TCP 192.168.1.3:64112 69.15.66.18:25 TIME_WAIT
TCP 192.168.1.3:64113 64.12.138.57:25 TIME_WAIT
TCP 192.168.1.3:64116 209.162.223.65:25 TIME_WAIT
TCP 192.168.1.3:64118 80.12.242.9:25 TIME_WAIT
TCP 192.168.1.3:64120 64.18.6.14:25 TIME_WAIT
TCP 192.168.1.3:64121 193.252.22.142:25 TIME_WAIT
TCP 192.168.1.3:64122 192.115.106.58:25 TIME_WAIT
TCP 192.168.1.3:64123 202.155.73.136:25 ESTABLISHED
TCP 192.168.1.3:64124 4.22.69.18:25 TIME_WAIT
TCP 192.168.1.3:64129 198.206.246.198:25 TIME_WAIT
TCP 192.168.1.3:64130 204.244.36.216:25 TIME_WAIT
TCP 192.168.1.3:64131 192.231.124.150:25 TIME_WAIT
TCP 192.168.1.3:64132 198.206.246.35:25 TIME_WAIT
TCP 192.168.1.3:64133 204.244.36.216:25 TIME_WAIT
TCP 192.168.1.3:64134 75.146.8.65:25 TIME_WAIT
TCP 192.168.1.3:64135 198.206.246.155:25 TIME_WAIT
TCP 192.168.1.3:64136 202.248.238.10:25 TIME_WAIT
TCP 192.168.1.3:64137 66.114.252.224:25 TIME_WAIT
TCP 192.168.1.3:64138 200.245.2.132:25 TIME_WAIT
TCP 192.168.1.3:64139 216.185.225.133:25 TIME_WAIT
TCP 192.168.1.3:64141 198.206.246.199:25 TIME_WAIT
TCP 192.168.1.3:64142 216.182.241.12:25 TIME_WAIT
TCP 192.168.1.3:64145 203.209.228.230:25 TIME_WAIT
TCP 192.168.1.3:64148 62.159.141.156:25 TIME_WAIT
TCP 192.168.1.3:64149 210.69.181.251:25 TIME_WAIT
TCP 192.168.1.3:64150 80.12.242.9:25 TIME_WAIT
TCP 192.168.1.3:64151 158.132.19.197:25 TIME_WAIT
TCP 192.168.1.3:64152 173.9.235.73:25 CLOSING
TCP 192.168.1.3:64155 204.244.36.216:25 TIME_WAIT
TCP 192.168.1.3:64156 209.85.219.38:25 TIME_WAIT
TCP 192.168.1.3:64157 12.198.150.140:25 TIME_WAIT
TCP 192.168.1.3:64158 138.100.200.12:25 TIME_WAIT
TCP 192.168.1.3:64159 80.12.242.9:25 TIME_WAIT
TCP 192.168.1.3:64160 200.198.220.101:25 TIME_WAIT
TCP 192.168.1.3:64161 202.238.83.14:25 TIME_WAIT
TCP 192.168.1.3:64162 194.213.200.21:25 TIME_WAIT
TCP 192.168.1.3:64164 67.90.198.228:25 TIME_WAIT
TCP 192.168.1.3:64165 209.198.112.38:25 TIME_WAIT
TCP 192.168.1.3:64167 67.155.196.232:25 TIME_WAIT
TCP 192.168.1.3:64169 193.140.192.48:25 TIME_WAIT
TCP 192.168.1.3:64170 67.90.198.231:25 TIME_WAIT
TCP 192.168.1.3:64171 206.165.245.160:25 TIME_WAIT
TCP 192.168.1.3:64172 204.244.250.228:25 TIME_WAIT
TCP 192.168.1.3:64173 91.121.63.87:25 TIME_WAIT
TCP 192.168.1.3:64174 128.210.175.96:25 TIME_WAIT
TCP 192.168.1.3:64176 203.226.255.61:25 CLOSING
TCP 192.168.1.3:64177 209.52.149.136:25 TIME_WAIT
TCP 192.168.1.3:64178 212.58.3.40:25 ESTABLISHED
TCP 192.168.1.3:64179 209.85.219.33:25 TIME_WAIT
TCP 192.168.1.3:64180 67.192.185.254:25 TIME_WAIT
TCP 192.168.1.3:64181 203.183.218.10:25 TIME_WAIT
TCP 192.168.1.3:64182 209.85.219.38:25 CLOSING
TCP 192.168.1.3:64184 204.244.36.216:25 TIME_WAIT
TCP 192.168.1.3:64187 204.14.0.6:25 TIME_WAIT
TCP 192.168.1.3:64188 65.15.75.219:25 TIME_WAIT
TCP 192.168.1.3:64189 173.24.105.197:25 ESTABLISHED
TCP 192.168.1.3:64190 193.234.194.142:25 ESTABLISHED
TCP 192.168.1.3:64191 59.151.4.5:25 ESTABLISHED
TCP 192.168.1.3:64192 209.85.219.33:25 ESTABLISHED
TCP 192.168.1.3:64193 192.115.97.253:25 ESTABLISHED
TCP 192.168.1.3:64194 209.181.247.105:25 ESTABLISHED
TCP 192.168.1.3:64195 209.170.189.24:25 TIME_WAIT
TCP 192.168.1.3:64197 208.65.145.12:25 FIN_WAIT_1
TCP 192.168.1.3:64198 216.198.218.133:25 ESTABLISHED
TCP 192.168.1.3:64199 128.121.4.6:25 TIME_WAIT
TCP 192.168.1.3:64200 207.126.147.10:25 TIME_WAIT
TCP 192.168.1.3:64201 209.85.219.33:25 ESTABLISHED
TCP 192.168.1.3:64202 32.97.182.146:25 ESTABLISHED
TCP 192.168.1.3:64203 200.58.160.27:25 ESTABLISHED
TCP 192.168.1.3:64204 64.18.6.14:25 ESTABLISHED
TCP 192.168.1.3:64205 207.217.125.16:25 ESTABLISHED
TCP 192.168.1.3:64206 32.97.110.150:25 SYN_SENT
TCP 192.168.1.3:64207 171.16.251.85:25 ESTABLISHED
TCP 192.168.1.3:64208 195.6.160.162:25 SYN_SENT
TCP [::]:135 [::]:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
TCP [::]:49152 [::]:0 LISTENING
TCP [::]:49153 [::]:0 LISTENING
TCP [::]:49154 [::]:0 LISTENING
TCP [::]:49155 [::]:0 LISTENING
TCP [::]:49156 [::]:0 LISTENING
TCP [::]:49157 [::]:0 LISTENING
UDP 0.0.0.0:123 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:49152 *:*
UDP 0.0.0.0:53950 *:*
UDP 0.0.0.0:55929 *:*
UDP 0.0.0.0:62307 *:*
UDP 0.0.0.0:63609 *:*
UDP 0.0.0.0:64670 *:*
UDP 0.0.0.0:64978 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:53447 *:*
UDP 127.0.0.1:54443 *:*
UDP 127.0.0.1:56415 *:*
UDP 127.0.0.1:61320 *:*
UDP 192.168.1.3:137 *:*
UDP 192.168.1.3:138 *:*
UDP 192.168.1.3:1900 *:*
UDP 192.168.1.3:5353 *:*
UDP 192.168.1.3:54442 *:*
UDP [::]:123 *:*
UDP [::]:500 *:*
UDP [::]:5355 *:*
UDP [::]:49153 *:*
UDP [::1]:1900 *:*
UDP [::1]:54440 *:*
UDP [fe80::100:7f:fffe%11]:1900 *:*
UDP [fe80::100:7f:fffe%11]:54441 *:*
UDP [fe80::38a3:a9f:2d55:5605%9]:1900 *:*
UDP [fe80::38a3:a9f:2d55:5605%9]:54439 *:*
UDP [fe80::6502:f05c:6417:9184%10]:1900 *:*
UDP [fe80::6502:f05c:6417:9184%10]:54438 *:*
UDP [fe80::ada7:27e6:ce6c:ff16%13]:1900 *:*
UDP [fe80::ada7:27e6:ce6c:ff16%13]:54437 *:*
And next, the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:43, on 22/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\CloneCD\CloneCDTray.exe
C:\Program Files\FarStone VirtualDrive\vdtask.exe
C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Loquendo\HalReader.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rebelion.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://support.thetechguys.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] "C:\Windows\RaidTool\xInsIDE.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Windows\RtHDVCpl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] "C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Skytel] "C:\Windows\Skytel.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam gaming\Steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Ultra Hal Text-to-Speech Reader Startup.lnk = ?
O8 - Extra context menu item: Enviar por Bluetooth - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Enviar por Mensaje (&M)... - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B46632A7-6B24-4682-AB3B-FA60FC5BE0F7}: NameServer = 80.58.0.33,80.58.32.97
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TMBMServer - Trend Micro Inc. - (no file)
O23 - Service: TmPfw - Trend Micro Inc. - (no file)
O23 - Service: tmproxy - Trend Micro Inc. - (no file)
--
End of file - 9134 bytes
-
Yes indeed, you are sending mail in bulk...
Restart in Safe Mode, generate another HijackThis log and one from Autoruns (click here) (http://www.daboweb.com/foros/index.php/topic,25707.0.html)...
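Added example, not part of the original thread: the judgement made by eye in the reply above (a workstation holding many outbound connections to port 25 on unrelated hosts) written as a parser over `netstat -an` or `netstat -ano` output. The sample lines are constructed from documentation address ranges, the PIDs are invented, and the `max_peers` threshold of 5 is an assumption.

```python
import re
from collections import Counter, namedtuple

# Constructed sample in the layout of Windows `netstat -ano`. Addresses come from
# documentation ranges and the PIDs are invented; none of it is from the thread.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.3:49731      192.0.2.80:443         ESTABLISHED     2440
  TCP    192.168.1.3:63891      198.51.100.10:25       TIME_WAIT       0
  TCP    192.168.1.3:63892      198.51.100.36:25       TIME_WAIT       0
  TCP    192.168.1.3:63893      203.0.113.168:25       TIME_WAIT       0
  TCP    192.168.1.3:63894      203.0.113.40:25        ESTABLISHED     3112
  TCP    192.168.1.3:63895      198.51.100.41:25       TIME_WAIT       0
  TCP    192.168.1.3:63896      198.51.100.13:25       TIME_WAIT       0
  TCP    192.168.1.3:63897      203.0.113.52:25        SYN_SENT        3112
  TCP    192.168.1.3:63898      198.51.100.13:25       TIME_WAIT       0
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:123            *:*                                    1020
  UDP    [fe80::1%11]:1900      *:*                                    1388
"""

Conn = namedtuple(
    "Conn", "proto local_host local_port remote_host remote_port state pid"
)

LINE_RE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)"   # protocol, local endpoint, remote endpoint
    r"(?:\s+([A-Z][A-Z_0-9]*))?"       # TCP state (UDP lines have none)
    r"(?:\s+(\d+))?\s*$"               # owning PID, present only with -o
)


def split_endpoint(endpoint):
    """Split 'host:port' on the last colon so '[::]:135' and '*:*' also work."""
    host, _, port = endpoint.rpartition(":")
    return host, port


def parse_netstat(text):
    """Return a Conn for every TCP/UDP line; banner and header lines are skipped."""
    conns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        proto, local, remote, state, pid = m.groups()
        lhost, lport = split_endpoint(local)
        rhost, rport = split_endpoint(remote)
        conns.append(
            Conn(proto, lhost, lport, rhost, rport, state,
                 int(pid) if pid is not None else None)
        )
    return conns


def smtp_report(conns, max_peers=5):
    """Summarise outbound SMTP: TCP to remote port 25 that is not a local listener.

    TIME_WAIT entries are counted because they record connections that were
    opened moments ago. max_peers is an assumed threshold: a mail client
    normally talks to one or two relays, not to dozens of unrelated hosts.
    """
    smtp = [
        c for c in conns
        if c.proto == "TCP" and c.remote_port == "25"
        and c.local_port != "25" and c.state != "LISTENING"
    ]
    peers = {c.remote_host for c in smtp}
    return {
        "connections": len(smtp),
        "distinct_peers": len(peers),
        "states": dict(Counter(c.state for c in smtp)),
        # PID is None without -o; closed sockets are listed with PID 0.
        "pids": dict(Counter(c.pid for c in smtp if c.pid)),
        "suspicious": len(peers) > max_peers,
    }


if __name__ == "__main__":
    for key, value in smtp_report(parse_netstat(SAMPLE)).items():
        print(f"{key}: {value}")
```

The `-an` output posted in the thread has no PID column; running `netstat -ano` adds it, and the `pids` entry then points at the process holding the live SMTP sockets.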
-
HiJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:42, on 22/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rebelion.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] "C:\Windows\RaidTool\xInsIDE.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Windows\RtHDVCpl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] "C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Skytel] "C:\Windows\Skytel.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam gaming\Steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Ultra Hal Text-to-Speech Reader Startup.lnk = ?
O8 - Extra context menu item: Enviar por Bluetooth - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Enviar por Mensaje (&M)... - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B46632A7-6B24-4682-AB3B-FA60FC5BE0F7}: NameServer = 80.58.0.33,80.58.32.97
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TMBMServer - Trend Micro Inc. - (no file)
O23 - Service: TmPfw - Trend Micro Inc. - (no file)
O23 - Service: tmproxy - Trend Micro Inc. - (no file)
--
End of file - 8211 bytes
Autoruns:
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ Adobe Reader Speed Launcher Adobe Acrobat SpeedLauncher (Verified) Adobe Systems, Incorporated c:\program files\adobe\reader 9.0\reader\reader_sl.exe
+ AppleSyncNotifier AppleSyncNotifier (Verified) Apple Inc. c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe
+ AVG8_TRAY AVG Tray Monitor (Verified) AVG Technologies c:\program files\avg\avg8\avgtray.exe
+ BtTray BlueSoleil Bttray c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bttray.exe
+ CanonSolutionMenu CNSLMAIN (Verified) Canon Inc. c:\program files\canon\solutionmenu\cnslmain.exe
+ CloneCDTray CloneCD Tray (Not verified) SlySoft, Inc. c:\program files\clonecd\clonecdtray.exe
+ iTunesHelper iTunesHelper Module (Verified) Apple Inc. c:\program files\itunes\ituneshelper.exe
+ JMB36X IDE Setup c:\windows\raidtool\xinside.exe
+ OpwareSE4 OCR Aware (Verified) Nuance Communications, Inc. c:\program files\scansoft\omnipagese4\opwarese4.exe
+ QuickTime Task QuickTime Task (Not verified) Apple Inc. c:\program files\quicktime\qttask.exe
+ RAMDrive RDTask Microsoft ??????? (Not verified) FarStone Technology, Inc. c:\program files\farstone virtualdrive\vhd\rdtask.exe
+ SSBkgdUpdate SSBkgdUpdate (Verified) Nuance Communications, Inc. c:\program files\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe
+ SunJavaUpdateSched Java(TM) Platform SE binary (Verified) Sun Microsystems, Inc. c:\program files\java\jre6\bin\jusched.exe
+ VirtualDrive VirtualDrive VDTask (Not verified) FarStone Technology Inc. c:\program files\farstone virtualdrive\vdtask.exe
+ WrtMon.exe NsWrtMon Microsoft Base Class Application c:\windows\system32\spool\drivers\w32x86\3\wrtmon.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
+ Ultra Hal Text-to-Speech Reader Startup.lnk InstallShield (Not verified) InstallShield Software Corp. c:\windows\installer\{96ef451e-a402-44d8-baee-d70d558a4122}\new_shortcut_s1449_0eb7cdb78e0c4a918d2ca535d5b8160c.exe
C:\Users\Aleksander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ Steam Steam (Verified) Valve c:\program files\steam gaming\steam.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Shutdown
HKLM\SOFTWARE\Classes\Protocols\Filter
HKLM\SOFTWARE\Classes\Protocols\Handler
+ linkscanner Safe Search pluggable protocol (Verified) AVG Technologies c:\program files\avg\avg8\avgpp.dll
+ skype4com Skype for COM API (Verified) Skype Technologies SA c:\windows\system32\skype4com.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ MakeFile_VDGD Class VDShell Module (Not verified) FarStone Technology Inc. c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Directory\Shellex\DragDropHandlers
HKLM\Software\Classes\Directory\Shellex\DragDropHandlers
HKCU\Software\Classes\Directory\Shellex\PropertySheetHandlers
HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers
HKCU\Software\Classes\Directory\Shellex\CopyHookHandlers
HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers
+ IVTCopyMonitor BluetoothManager Module c:\windows\system32\bsshell.dll
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
+ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell Extension PDF Shell Extension (Verified) Adobe Systems, Incorporated c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ FolderShell_VDGD Class VDShell Module (Not verified) FarStone Technology Inc. c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKCU\Software\Microsoft\Ctf\LangBarAddin
HKLM\Software\Microsoft\Ctf\LangBarAddin
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ iTunes iTunes Mini Player DLL (Verified) Apple Inc. c:\program files\itunes\itunesminiplayer.dll
+ OpenOffice.org Column Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Infotip Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Property Sheet Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Thumbnail Viewer (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ Skladnik rozszerzenia powloki CorelDRAW Shell Extension DLL (Not verified) Corel Corporation c:\program files\corel\corel graphics 11\draw\cdrviewer\crlshell110.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ Adobe PDF Link Helper Adobe PDF Helper for Internet Explorer (Verified) Adobe Systems, Incorporated c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
+ AVG Safe Search Safe Search for Internet Explorer (Verified) AVG Technologies c:\program files\avg\avg8\avgssie.dll
+ AVGTOOLBAR AVG Security Toolbar (Verified) AVG Technologies c:\program files\avg\avg8\avgtoolbar.dll
+ Java(tm) Plug-In 2 SSV Helper Java(TM) Platform SE binary (Not verified) Sun Microsystems, Inc. c:\program files\java\jre6\bin\jp2ssv.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
Task Scheduler
HKLM\System\CurrentControlSet\Services
+ aawservice Ad-Aware service File not found: C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
+ Apple Mobile Device Proporciona la interfaz a los dispositivos móviles de Apple. (Verified) Apple Inc. c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
+ avg8emc AVG E-Mail Scanner (Verified) AVG Technologies c:\program files\avg\avg8\avgemc.exe
+ avg8wd AVG Watchdog Service (Verified) AVG Technologies c:\program files\avg\avg8\avgwdsvc.exe
+ BlueSoleilCS Manages bluetooth hardware and provides bluetooth functions. c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bluesoleilcs.exe
+ Bonjour Service Bonjour permite que aplicaciones como iTunes y Safari anuncien y descubran servicios en la red local. Si tiene Bonjour en ejecución, le permitirá conectarse con dispositivos hardware como el Apple TV y con servicios de software, como archivos compartidos de iTunes y AirTunes. Si desactiva Bonjour, los servicios de red que dependan de él explícitamente no se podrán iniciar. (Verified) Apple Inc. c:\program files\bonjour\mdnsresponder.exe
+ BsHelpCS BsHelpCS Module c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bshelpcs.exe
+ BsMobileCS BsMobileCS Module c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bsmobilecs.exe
+ fsusd32 File System Camera Devices DLL (Not verified) Microsoft Corporation c:\windows\system32\fsusd32.dll
+ getPlus(R) Helper getPlus(R) Helper (Verified) Adobe Systems Incorporated c:\program files\nos\bin\getplus_helpersvc.exe
+ IDriverT Provides support for the Running Object Table for InstallShield Drivers (Not verified) Macrovision Corporation c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe
+ iPod Service Servicios de administración del hardware del iPod (Verified) Apple Inc. c:\program files\ipod\bin\ipodservice.exe
+ Steam Client Service Steam Client Service monitors and updates Steam content (Verified) Valve c:\program files\common files\steam\steamservice.exe
HKLM\System\CurrentControlSet\Services
+ AvgLdx86 AVG AVI Loader Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgldx86.sys
+ AvgMfx86 AVG Resident Shield Minifilter Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgmfx86.sys
+ AvgRkx86 AVG Anti-Rootkit Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgrkx86.sys
+ AvgTdiX AVG Network connection watcher (Verified) AVG Technologies c:\windows\system32\drivers\avgtdix.sys
+ ElbyCDFL ElbyCDIO Filter Driver (Not verified) SlySoft, Inc. c:\windows\system32\drivers\elbycdfl.sys
+ ElbyCDIO ElbyCD Windows NT/2000/XP I/O driver (Not verified) Elaborate Bytes AG c:\windows\system32\drivers\elbycdio.sys
+ fcdabus FarStone Bus Enumerator (Verified) Farstone Technology Inc c:\windows\system32\drivers\fcdabus.sys
+ fsRamDsk (Verified) Farstone Technology Inc c:\windows\system32\drivers\fsramdsk.sys
+ FVXSCSI FarStone SCSI Miniport (Verified) Farstone Technology Inc c:\windows\system32\drivers\fvxscsi.sys
+ hamachi Hamachi Virtual Network Interface Driver (Verified) LogMeIn, Inc. c:\windows\system32\drivers\hamachi.sys
+ NPF npf (Not verified) CACE Technologies c:\windows\system32\drivers\npf.sys
+ sptd c:\windows\system32\drivers\sptd.sys
+ tmactmon TrendMicro Activity Monitor Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmactmon.sys
+ tmcomm TrendMicro Common Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmcomm.sys
+ tmevtmgr TrendMicro Event Management Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmevtmgr.sys
+ tmpreflt Trend Filter Driver (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmpreflt.sys
+ tmxpflt Trend Functionality Driver (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmxpflt.sys
+ vsapint Trend Virus ScanEngine (Verified) Trend Micro, Inc. c:\windows\system32\drivers\vsapint.sys
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
+ msacm.ac3acm AC-3 ACM Codec (Not verified) fccHandler c:\windows\system32\ac3acm.acm
+ msacm.ac3filter c:\windows\system32\ac3filter.acm
+ msacm.clmp3enc CLMP3Enc (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\clmp3enc.acm
+ msacm.divxa32 DivX WMA Audi (Not verified) Kristal Studi c:\windows\system32\divxa32.acm
+ msacm.l3fhg MPEG Audio Layer-3 Codec for MSACM (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS c:\windows\system32\mp3fhg.acm
+ msacm.lameacm Lame MP3 codec engine (Not verified) http://www.mp3dev.org/ c:\windows\system32\lameacm.acm
+ msacm.msaudio1 Windows Media Audio (Not verified) Microsoft Corporation c:\windows\system32\msaud32.acm
+ msacm.sl_anet Audio codec for MS ACM (Not verified) Sipro Lab Telecom Inc. c:\windows\system32\sl_anet.acm
+ msacm.vorbis Ogg Vorbis CODEC for MSACM (Not verified) HMS http://hp.vector.co.jp/authors/VA012897/ c:\windows\system32\vorbis.acm
+ VIDC.DIVX DivX (Not verified) DivX, Inc. c:\windows\system32\divx.dll
+ VIDC.FFDS DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ VIDC.HFYU Huffyuv lossless video codec (Not verified) Disappearing Inc. c:\windows\system32\huffyuv.dll
+ vidc.i263 Intel I.263 Video Driver 2.55.012 (Not verified) Intel Corporation c:\windows\system32\i263_32.drv
+ VIDC.VP60 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP61 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP62 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP70 VP70 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp7vfw.dll
+ VIDC.X264 c:\windows\system32\x264vfw.dll
+ VIDC.XVID c:\windows\system32\xvidvfw.dll
+ VIDC.YV12 Helix YV12 YUV Codec (Not verified) www.helixcommunity.org c:\windows\system32\yv12vfw.dll
HKLM\Software\Classes\Filter
+ LAME MPEG Layer III Audio Encoder c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance
+ 3ivx Audio Decoder 3ivx D4 4.5 DirectShow Audio Decoder (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsaudiodecoder.ax
+ 3ivx D4 Audio Encoder 3ivx D4 4.5 DirectShow Audio Encoder (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsaudioencoder.ax
+ 3ivx Media Splitter 3ivx D4 4.5 DirectShow Media Splitter (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsmediasplitter.ax
+ aac_parser Direct show parser filter for ADTS c:\program files\codecpack de elisoft\aac\aac_parser.ax
+ AC3File c:\program files\k-lite codec pack\filters\ac3file.ax
+ AC3Filter ac3filter c:\program files\total video converter\ac3filter.cpl
+ Avi Source Avi Splitter (Not verified) Gabest c:\windows\system32\avisplitter.ax
+ Avi Splitter Avi Splitter (Not verified) Gabest c:\windows\system32\avisplitter.ax
+ AVI2AC3 c:\program files\codecpack de elisoft\dts\avi2ac3dts.ax
+ CDXA Reader CDXA Reader Filter (Not verified) Gabest c:\windows\system32\cdxareader.ax
+ CoreAAC Audio Decoder CoreAAC c:\windows\system32\coreaac.ax
+ CoreFLAC Audio Decoder CoreFLAC Audio Decoder & Source DirectShow Filter (Not verified) - c:\windows\system32\coreflacdecoder.ax
+ CoreFLAC Audio Source CoreFLAC Audio Decoder & Source DirectShow Filter (Not verified) - c:\windows\system32\coreflacdecoder.ax
+ CoreVorbis Audio Decoder CoreVorbis (Not verified) - c:\windows\system32\corevorbis.ax
+ CyberLink Audio Noise Reduction CLAuNR (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaunrwrapper.ax
+ CyberLink Audio Resampler CLAuRsmpl.ax (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaursmpl.ax
+ CyberLink Audio VolumeBooster CyberLink Audio Volume Booster Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvb.ax
+ CyberLink AudioCD Filter CyberLink AudioCD Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaudiocd.ax
+ Cyberlink Dump Dispatch Filter Cyberlink File Dump Dispatch Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gdumpdispatch.ax
+ Cyberlink Dump Filter Cyberlink File Dump Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gdump.ax
+ CyberLink Editing Service 3.0 (Source) CES Kernel (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gedtkrn.dll
+ Cyberlink File Reader (Async.) Cyberlink MPEG File Reader (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2greader.ax
+ CyberLink Load Image Filter CLImage (Not verified) CyberLink c:\program files\cyberlink\shared files\climage.ax
+ CyberLink LPCM Converter LPCM Converter Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2glpcmcvrt.ax
+ CyberLink M2V Writer CLM2VWriter (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gm2vwriter.ax
+ CyberLink MP3/WAV Wrapper CyberLink MP3 Wrapper (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gmp3wrap.ax
+ CyberLink MPEG Decoder CyberLink Video/SP Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gmvd.ax
+ CyberLink MPEG Muxer MpgMux (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gmpgmux.ax
+ CyberLink MPEG Video Encoder CyberLink MPEG Video Encoder (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvidenc.ax
+ CyberLink MPEG-1 Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gm1spliter.ax
+ CyberLink MPEG-2 Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gm2spliter.ax
+ CyberLink PCM Wrapper CyberLink PCM Wrapper (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gpcmenc.ax
+ CyberLink TimeStretch Filter (CES) CLAuTS.ax (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gauts.ax
+ CyberLink TL MPEG Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gtlmsplter.ax
+ CyberLink Video Effect CLVidFx (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gvidfx.ax
+ CyberLink Video Regulator CLRGL (Not verified) Cyberlink c:\program files\cyberlink\power2go\p2grgl.ax
+ CyberLink Video Stabilizer CLVideoDeShaking (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gvideostabilizer.ax
+ CyberLink Video/SP Decoder CyberLink Video/SP Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvsd.ax
+ DC-Bass Source DirectShow™ Audio Decoder (Not verified) http://www.dsp-worx.de c:\program files\k-lite codec pack\filters\dcbasssource.ax
+ DirectVobSub VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth (Not verified) Gabest c:\windows\system32\vsfilter.dll
+ DirectVobSub (auto-loading version) VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth (Not verified) Gabest c:\windows\system32\vsfilter.dll
+ DivX Decoder Filter DivX® Decoder Filter (Not verified) DivXNetworks, Inc. c:\program files\codecpack de elisoft\divx511\divxdec.ax
+ DTS/AC3/DD+ Source DTS/AC3 Sorce Filter (Not verified) Gabest c:\program files\xp codec pack\filters\dtsac3source.ax
+ ffdshow Audio Decoder DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow Audio Processor DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow raw video filter DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow subtitles filter DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow Video Decoder DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ File Source (MO3/XM/IT) c:\program files\codecpack de elisoft\modtrack\modsource.ax
+ File Source (Monkey Audio) c:\program files\k-lite codec pack\filters\monkeysource.ax
+ FLV Source FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV Source Filter FLV Source Filter (Not verified) SWiSHzone.com Pty Ltd c:\program files\total video converter\flv.ax
+ FLV Splitter FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV4 Video Decoder FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ GPL MPEG-1/2 Decoder GPL MPEG-1/2 Decoder Filter for DirectShow (Not verified) Peter Wimmer, Gabest c:\windows\system32\gplmpgdec.ax
+ Haali Matroska Muxer Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter (AR) Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Simple Media Splitter Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Video Renderer c:\program files\k-lite codec pack\filters\haali\dxr.dll
+ Haali Video Sink Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ LAME MPEG Layer III Audio Encoder c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
+ madFlac Decoder DirectShow FLAC Decoder (Not verified) www.madshi.net c:\program files\k-lite codec pack\filters\madflac.ax
+ madFlac Source DirectShow FLAC Decoder (Not verified) www.madshi.net c:\program files\k-lite codec pack\filters\madflac.ax
+ MainConcept DV Video Decoder DirectShow DV Video Encoder and Decoder (Not verified) MainConcept c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ MainConcept DV Video Encoder DirectShow DV Video Encoder and Decoder (Not verified) MainConcept c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ Matroska Source Matroska Splitter (Not verified) Gabest c:\windows\system32\matroskasplitter.ax
+ Matroska Splitter Matroska Splitter (Not verified) Gabest c:\windows\system32\matroskasplitter.ax
+ Microcrap MPEG-4 Video Decompressor Microcrap MPEG-4 Video Decompressor (Not verified) Microcrap Corporation c:\program files\codecpack de elisoft\mpeg4\mpg4ds32.ax
+ MONOGRAM AMR Decoder AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Encoder AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Mux AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Splitter AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM Musepack Decoder mmmpcdec c:\program files\k-lite codec pack\filters\mmmpcdec.ax
+ MONOGRAM Musepack Splitter mmmpcdmx c:\program files\k-lite codec pack\filters\mmmpcdmx.ax
+ Morgan MJPEG Compressor Morgan MJPEG Compressor (Not verified) Morgan Multimedia c:\program files\codecpack de elisoft\m3jpegv3\m3jpegenc.ax
+ Morgan MJPEG Decompressor Morgan MJPEG Decompressor (Not verified) Morgan Multimedia c:\program files\codecpack de elisoft\m3jpegv3\m3jpegdec.ax
+ MotionWavelets Decompression Filter MotionWavelets Video Codec (Not verified) Aware Inc. c:\program files\codecpack de elisoft\aware\icmw_32.dll
+ MP4 Source MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MP4 Splitter MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG Layer-3 Decoder MPEG Layer-3 Audio Decoder (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS c:\windows\system32\l3codecx.ax
+ MPEG4 Video Source MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG4 Video Splitter MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPV Decoder Filter MPEG-1/2 Decoder Filter for DirectShow (Not verified) Gabest c:\program files\total video converter\mpeg2decfilter.ax
+ NewSoft Audio Encoder Filter Auido Encoder Filter (Not verified) NewSoft c:\program files\common files\newsoft\nsm2aenc.ax
+ NewSoft DeInterlace (Not verified) Newsoft c:\program files\common files\newsoft\nsdeinterlace.ax
+ NewSoft MPEG Video Decoder Filter NewSoft MPEG Video Decoder Filter (Not verified) NewSoft Corporation c:\program files\common files\newsoft\nsm2vdec.ax
+ NewSoft MPEG Video Encoder Filter MPEG Video Encoder Filter (Not verified) NewSoft c:\program files\common files\newsoft\nsm2venc.ax
+ Ogg Source Ogg Splitter (Not verified) Gabest c:\windows\system32\oggsplitter.ax
+ Ogg Splitter Ogg Splitter (Not verified) Gabest c:\windows\system32\oggsplitter.ax
+ P2G Audio Decoder CyberLink Audio Decoder Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaud.ax
+ P2G Audio Encoder CyberLink Audio Encoder Filter (Not verified) Cyberlink Corp. c:\program files\cyberlink\power2go\p2gaudenc.ax
+ P2G Video Regulator CyberLink Video Regulator (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gresample.ax
+ PICVideo Lossless JPEG Compressor PICVideo Lossless JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo Lossless JPEG Decompressor PICVideo Lossless JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo MJPEG Compressor PICVideo Motion JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo MJPEG Decompressor PICVideo Motion JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo Wavelet 2000 Compressor PICVideo Wavelet Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ PICVideo Wavelet 2000 Decompressor PICVideo Wavelet Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ QTSrc CLQTSrc (Not verified) Cyberlink c:\program files\total video converter\quicktime.ax
+ RadLight APE DirectShow Filter RLAPEDec (Not verified) RadLight c:\windows\system32\rlapedec.ax
+ RadLight MPC DirectShow Filter RLMPCDec (Not verified) RadLight c:\windows\system32\rlmpcdec.ax
+ RadLight OptimFROG DirectShow Filter RLOFRDec (Not verified) RadLight c:\windows\system32\rlofrdec.ax
+ RadLight TTA DirectShow Filter RadLight TTA DirectShow Filter (Not verified) RadLight c:\windows\system32\rlttadec.ax
+ RealAudio Decoder RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Source RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Splitter RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealVideo Decoder RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ Sample Grabber Filter Grabber Filter (Sample) (Not verified) Microsoft Corporation c:\windows\system32\samplegrabber.ax
+ T VP6 Decompression Filter (Not verified) On2.com Inc. c:\program files\total video converter\vp6dec.ax
+ T VP7 Decompression Filter (Not verified) On2.com Inc. c:\program files\k-lite codec pack\filters\vp7dec.ax
+ WavPack Audio Decoder WavPack Audio DirectShow Decoder (Not verified) - c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax
+ WavPack Audio Splitter WavPack Audio DirectShow Splitter (Not verified) - c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax
+ Windows Media Audio Decoder Windows Media Audio Decoder (Not verified) Microsoft Corporation c:\windows\system32\msadds32.ax
+ Xvid MPEG-4 Video Decoder xvid (Not verified) http://www.xvid.org c:\windows\system32\xvid.ax
HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance
HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance
HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute
HKLM\System\CurrentControlSet\Control\Session Manager\Execute
HKLM\System\CurrentControlSet\Control\Session Manager\S0InitialCommand
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKCU\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
+ avgrsstx.dll AVG Resident Shield Starter (Verified) AVG Technologies c:\windows\system32\avgrsstx.dll
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SaveDumpStart
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries
+ mdnsNSP Bonjour Namespace Provider (Not verified) Apple Inc. c:\program files\bonjour\mdnsnsp.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ BlueSoleil Print Port BsMonSvr (Not verified) IVT Corporation. c:\windows\system32\bsmonsvr.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
-
Download ComboFix (http://www.bleepingcomputer.com/combofix/sp/como-utilizar-combofix), reboot into Safe Mode, right-click it and select 'Run as Administrator'... Let it finish and paste the contents of the file C:\Combofix.txt here.
-
Here you go, mate:
ComboFix 09-05-22.05 - Aleksander 23/05/2009 8:40.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.34.3082.18.3070.2594 [GMT 2:00]
Running from: c:\program files\Combofix\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Internet Security Pro *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: AVG Anti-Virus *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Trend Micro Internet Security Pro *enabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\ALEKSA~1\AppData\Roaming\drivers\downld
c:\windows\system32\drivers\npf.sys
c:\windows\system32\nsprs.dll
c:\windows\system32\serauth1.dll
c:\windows\system32\serauth2.dll
c:\windows\system32\ssprs.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2009-04-23 to 2009-05-23 )))))))))))))))))))))))))))))))
.
2009-05-23 06:45 . 2009-05-23 06:47 -------- d-----w c:\users\Aleksander\AppData\Local\temp
2009-05-23 06:45 . 2009-05-23 06:47 -------- d-----w c:\users\ALEKSA~1\AppData\Local\temp
2009-05-23 06:26 . 2009-05-23 06:26 -------- d-----w c:\program files\Combofix
2009-05-22 19:00 . 2009-05-22 19:08 -------- d-----w c:\program files\Autoruns
2009-05-22 14:29 . 2009-05-22 14:29 -------- d-----w c:\program files\TcpView
2009-05-21 20:13 . 2009-05-21 23:58 -------- d-----w c:\users\Aleksander\YOUTUBE SKANDINABO
2009-05-06 20:15 . 2009-05-06 20:19 -------- d-----w c:\program files\SWF to Video Std
2009-05-05 22:06 . 2009-05-05 22:53 -------- d-----w c:\program files\Total Video Converter
2009-05-04 19:37 . 2009-05-04 19:37 -------- d-----w c:\users\Aleksander\AppData\Roaming\Eltima Software
2009-05-04 19:37 . 2009-05-04 19:37 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\Eltima Software
2009-05-04 17:32 . 2009-05-04 17:34 -------- d-----w c:\users\Aleksander\AppData\Roaming\Any Video Converter
2009-05-04 17:32 . 2009-05-04 17:34 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\Any Video Converter
2009-05-04 16:14 . 2009-05-04 16:14 -------- d-----w C:\Temp
2009-05-04 15:55 . 2009-05-04 15:56 -------- d-----w c:\windows\system32\Adobe
2009-05-04 11:17 . 2009-05-04 11:17 -------- d-----w c:\users\Aleksander\AppData\Roaming\Moyea
2009-05-04 11:17 . 2009-05-04 11:17 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\Moyea
2009-05-04 09:20 . 2009-05-04 09:20 -------- d-----w C:\DVDVideoSoft
2009-05-03 22:35 . 2009-05-03 22:35 -------- d-----w c:\users\Aleksander\AppData\Roaming\vlc
2009-05-03 22:35 . 2009-05-03 22:35 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\vlc
2009-05-01 21:47 . 2009-05-08 18:11 98304 ----a-w c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEClient.dll
2009-05-01 21:47 . 2009-03-28 17:52 94208 ----a-w c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEServer.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-23 06:48 . 2009-04-09 11:51 -------- d-----w c:\program files\Steam gaming
2009-05-23 06:41 . 2008-12-09 17:09 -------- d-----w c:\users\Aleksander\AppData\Roaming\drivers
2009-05-23 06:41 . 2008-12-09 17:09 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\drivers
2009-05-23 06:33 . 2007-07-04 01:59 663382 ----a-w c:\windows\system32\perfh00A.dat
2009-05-23 06:33 . 2007-07-04 01:59 127968 ----a-w c:\windows\system32\perfc00A.dat
2009-05-22 15:33 . 2008-08-05 09:25 -------- d-----w c:\users\Aleksander\AppData\Roaming\StarOffice8
2009-05-22 15:33 . 2008-08-05 09:25 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\StarOffice8
2009-05-22 14:26 . 2009-01-06 21:49 -------- d-----w c:\progra~2\Avg8
2009-05-21 21:53 . 2008-12-12 22:46 -------- d-----w c:\users\Aleksander\AppData\Roaming\dvdcss
2009-05-21 21:53 . 2008-12-12 22:46 -------- d-----w c:\users\ALEKSA~1\AppData\Roaming\dvdcss
2009-05-21 18:35 . 2008-07-21 18:26 -------- d-----w c:\program files\ImTOO MPEG Encoder
2009-05-21 07:10 . 2009-04-09 11:51 -------- d-----w c:\program files\Common Files\Steam
2009-05-13 10:33 . 2008-08-03 20:16 -------- d-----w c:\progra~2\NVIDIA
2009-05-13 10:24 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-06 07:43 . 2008-08-03 18:16 69928 ----a-w c:\users\Aleksander\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-06 07:43 . 2008-08-03 18:16 69928 ----a-w c:\users\ALEKSA~1\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-03 11:19 . 2008-08-22 10:11 -------- d-----w c:\program files\Soldat
2009-04-27 07:55 . 2009-01-06 22:01 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-04-27 07:55 . 2009-01-06 22:01 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-04-27 07:55 . 2009-01-06 22:01 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-04-27 07:55 . 2009-01-07 08:33 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-04-27 07:55 . 2009-01-06 22:01 12552 ----a-w c:\windows\system32\drivers\avgrkx86.sys
2009-04-20 12:20 . 2009-04-20 12:20 -------- d-----w c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-20 12:20 . 2008-08-07 09:48 -------- d-----w c:\program files\iTunes
2009-04-20 12:20 . 2009-04-20 12:20 -------- d-----w c:\program files\iPod
2009-04-20 12:20 . 2008-08-07 09:49 -------- d-----w c:\program files\Common Files\Apple
2009-04-20 12:19 . 2008-08-05 08:50 -------- d-----w c:\program files\QuickTime
2009-04-16 10:42 . 2009-04-16 10:42 25280 ----a-w c:\windows\system32\drivers\hamachi.sys
2009-04-09 14:43 . 2009-04-09 14:42 -------- d-----w c:\program files\Rockstar Games
2009-04-09 14:43 . 2007-06-29 23:12 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-09 14:03 . 2009-04-09 14:03 -------- d-----w c:\program files\Microsoft Games for Windows - LIVE
2009-03-26 13:23 . 2009-03-26 13:23 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-26 13:23 . 2009-03-26 13:23 1900544 ----a-w c:\windows\system32\usbaaplrc.dll
2009-03-25 08:43 . 2008-08-05 09:20 -------- d-----w c:\program files\Java
2009-03-24 11:02 . 2009-03-14 10:45 -------- d-----w c:\program files\MP3 Splitter and Joiner
2009-03-19 14:32 . 2009-04-20 12:20 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-17 03:38 . 2009-04-16 09:53 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 09:53 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-14 16:59 . 2008-08-22 12:18 102400 ----a-w c:\users\Aleksander\AppData\Roaming\Soldat\Battleye\BEClient_x86.dll
2009-03-09 04:19 . 2008-12-10 10:16 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 11:34 . 2009-05-06 22:25 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-06 22:25 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-06 22:25 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-06 22:25 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-06 22:25 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-06 22:25 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-06 22:25 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-06 22:25 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-06 22:25 103936 ----a-w c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-05-06 22:25 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-05-06 22:25 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-05-06 22:25 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-05-06 22:25 66560 ----a-w c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-05-06 22:25 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-05-06 22:25 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-05-06 22:25 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-05-06 22:25 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-05-06 22:25 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-03 04:46 . 2009-04-16 09:54 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-16 09:54 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-16 09:54 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-16 09:54 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-16 09:54 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-16 09:54 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-16 09:54 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 04:37 . 2009-04-16 09:54 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 03:04 . 2009-04-16 09:54 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-16 09:54 17408 ----a-w c:\windows\system32\iashost.exe
2009-01-20 09:21 . 2009-01-20 09:19 24 --sh--w c:\windows\S949CB655.tmp
2008-12-09 22:38 . 2008-12-09 21:41 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2008-12-09 22:38 . 2008-12-09 21:41 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
2007-03-07 12:54 . 2007-03-07 12:54 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam gaming\Steam.exe" [2009-05-19 1217784]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"RtHDVCpl"="c:\windows\RtHDVCpl.exe" [2007-05-10 4468736]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"BtTray"="c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe" [2008-08-04 226816]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"Skytel"="c:\windows\Skytel.exe" [2007-05-07 1826816]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-04-27 1947928]
"CloneCDTray"="c:\program files\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"VirtualDrive"="c:\program files\FarStone VirtualDrive\VDTask.exe" [2007-07-17 159744]
"RAMDrive"="c:\program files\FarStone VirtualDrive\VHD\RDTask.exe" [2007-03-02 135168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Ultra Hal Text-to-Speech Reader Startup.lnk - c:\windows\Installer\{96EF451E-A402-44D8-BAEE-D70D558A4122}\New_Shortcut_S1449_0EB7CDB78E0C4A918D2CA535D5B8160C.exe [2009-1-1 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8FD50CAA-DA6E-49DE-97DB-EEE58F080F9D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DA2647C2-60AE-4718-83D6-9DE9166F24B2}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4B977D33-56D3-43F6-9600-1F7B2D0D6FCF}"= UDP:c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe:BlueSoleilCS
"{5DE11D09-E27B-4B50-8F50-9E6FEE1A4793}"= TCP:c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe:BlueSoleilCS
"TCP Query User{D661DF78-3AF7-4D1D-9346-0FF43F5D2EAD}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{0E208C1E-81D5-4382-AECD-B1931378C22C}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{937F1135-9268-4E91-8BC1-F1C6AFFAA15D}c:\\program files\\soldat\\soldat.exe"= UDP:c:\program files\soldat\soldat.exe:Soldat
"UDP Query User{C5DB6CC0-F154-4A90-B5E9-1F0B0AC84EB0}c:\\program files\\soldat\\soldat.exe"= TCP:c:\program files\soldat\soldat.exe:Soldat
"{52C771B5-7B2C-4DD4-850E-0ED60C559364}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{9D35DB67-712A-40B0-B55B-C865A3C2603E}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{242D541C-563D-4371-8C50-98B4099C90F9}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{83ABE41D-9FF5-4E41-8A1F-D8D879524A97}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{0112677F-A917-4758-BC8B-E5FD430EC25D}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{50D4E9D6-D2B0-4181-9943-90B363B0C2EE}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{DDFC5427-6738-4FEE-B38D-3CDDE5CF33B6}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{02EBF8EA-BF2D-45B1-9E58-A03429AFA56F}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{98A5B811-E4BA-4FFB-A41C-BFC7864408DC}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{6DC40EC3-A3ED-4B2F-97FA-7ACA8B6A39D7}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{0C7256F5-E62F-4180-BC64-A0CCD889E503}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{55BB86E4-E19F-46B5-87F4-580F65C52DC7}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{7E45E62C-1E55-4AAD-8DE2-E20DC3582730}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{99239411-A47A-4B23-BA79-B94BE7D4311E}"= UDP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"{7F68DB5D-AF10-4A8D-93CE-89E025546BC1}"= TCP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV
"{0A78D595-DEC9-4DEA-95C4-5961CD7D0E55}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{F27E25CC-B93E-4E75-8590-8F58666207D1}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [07/01/2009 0:01 12552]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\drivers\BtHidBus.sys [31/07/2008 20:45 20616]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [07/01/2009 0:01 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [07/01/2009 10:33 108552]
R1 tmlwf;tmlwf;c:\windows\System32\drivers\tmlwf.sys [27/10/2007 2:53 141840]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [07/01/2009 22:05 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [07/01/2009 22:05 298776]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe [01/08/2008 15:55 143467]
R2 fsusd32;File System Camera Devices DLL;c:\windows\system32\rundll32.exe fsusd32.dll,yhyn --> c:\windows\system32\rundll32.exe fsusd32.dll,yhyn [?]
R2 tmevtmgr;tmevtmgr;c:\windows\System32\drivers\tmevtmgr.sys [17/09/2008 9:07 52240]
R2 tmpreflt;tmpreflt;c:\windows\System32\drivers\tmpreflt.sys [27/10/2007 2:53 36368]
R2 tmwfp;tmwfp;c:\windows\System32\drivers\tmwfp.sys [27/10/2007 2:53 228368]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\System32\drivers\IvtBtBus.sys [02/07/2008 14:58 26248]
R3 WL328F;WL382F Wireless LAN 11Mbps Adapter Service;c:\windows\System32\drivers\Atl2kR.sys [03/08/2008 20:42 93056]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [23/11/2008 16:47 33752]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\System32\drivers\LV532AV.SYS [31/01/2005 10:13 163328]
S3 TmPfw;TmPfw;
S3 tmproxy;tmproxy;
--- Other Services/Drivers In Memory ---
*Deregistered* - sptd
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.rebelion.org/
uInternet Settings,ProxyOverride = *.local
IE: Enviar por Bluetooth - c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
IE: Enviar por Mensaje (&M)... - c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
TCP: {B46632A7-6B24-4682-AB3B-FA60FC5BE0F7} = 80.58.0.33,80.58.32.97
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-23 08:48
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2806005705-1933095540-4221855803-1000\Software\SecuROM\License information*]
"datasecu"=hex:d2,b3,5f,de,f9,a4,03,a0,0b,dc,9e,06,1b,83,a9,dd,37,c6,49,91,ac,
61,43,83,51,58,26,44,b3,25,99,4b,7a,fd,fc,e3,1d,c9,42,3f,dd,44,58,ce,f8,9f,\
"rkeysecu"=hex:39,76,80,50,86,a4,f8,26,8b,3f,69,4e,e3,08,e0,b0
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(4088)
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\AVG\AVG8\avgam.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgemc.exe
c:\windows\System32\WUDFHost.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
c:\windows\System32\conime.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Loquendo\HalReader.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\spool\drivers\w32x86\3\WrtProc.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Steam\SteamService.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Completion time: 2009-05-23 8:52 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-23 06:52
Pre-Run: El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
Post-Run: 127.650.349.056 bytes libres
282 --- E O F --- 2009-05-19 07:54
-
Well, I have no idea what any of that says. I've switched off the Wi-Fi adapter on the Vista computer so it isn't sending things, in case Telefónica ends up cutting off my line :S
What else can I do?
-
Did you notice any changes? Take new HijackThis and Autoruns logs...
-
No, no change at all; it keeps sending things in bulk.
Anyway, here are the logs:
HiJack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:02, on 23/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rebelion.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [JMB36X IDE Setup] "C:\Windows\RaidTool\xInsIDE.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Windows\RtHDVCpl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] "C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BtTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Skytel] "C:\Windows\Skytel.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam gaming\Steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Ultra Hal Text-to-Speech Reader Startup.lnk = ?
O8 - Extra context menu item: Enviar por Bluetooth - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Enviar por Mensaje (&M)... - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\TransSend\IE\tssms.htm
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B46632A7-6B24-4682-AB3B-FA60FC5BE0F7}: NameServer = 80.58.0.33,80.58.32.97
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BlueSoleilCS.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT_BlueSoleil_6.2.227.11_for_32bit_OS\BsMobileCS.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TMBMServer - Trend Micro Inc. - (no file)
O23 - Service: TmPfw - Trend Micro Inc. - (no file)
O23 - Service: tmproxy - Trend Micro Inc. - (no file)
--
End of file - 7832 bytes
Autoruns:
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ Adobe Reader Speed Launcher Adobe Acrobat SpeedLauncher (Verified) Adobe Systems, Incorporated c:\program files\adobe\reader 9.0\reader\reader_sl.exe
+ AppleSyncNotifier AppleSyncNotifier (Verified) Apple Inc. c:\program files\common files\apple\mobile device support\bin\applesyncnotifier.exe
+ AVG8_TRAY AVG Tray Monitor (Verified) AVG Technologies c:\program files\avg\avg8\avgtray.exe
+ BtTray BlueSoleil Bttray c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bttray.exe
+ CanonSolutionMenu CNSLMAIN (Verified) Canon Inc. c:\program files\canon\solutionmenu\cnslmain.exe
+ CloneCDTray CloneCD Tray (Not verified) SlySoft, Inc. c:\program files\clonecd\clonecdtray.exe
+ iTunesHelper iTunesHelper Module (Verified) Apple Inc. c:\program files\itunes\ituneshelper.exe
+ JMB36X IDE Setup c:\windows\raidtool\xinside.exe
+ OpwareSE4 OCR Aware (Verified) Nuance Communications, Inc. c:\program files\scansoft\omnipagese4\opwarese4.exe
+ QuickTime Task QuickTime Task (Not verified) Apple Inc. c:\program files\quicktime\qttask.exe
+ RAMDrive RDTask Microsoft ??????? (Not verified) FarStone Technology, Inc. c:\program files\farstone virtualdrive\vhd\rdtask.exe
+ SSBkgdUpdate SSBkgdUpdate (Verified) Nuance Communications, Inc. c:\program files\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe
+ SunJavaUpdateSched Java(TM) Platform SE binary (Verified) Sun Microsystems, Inc. c:\program files\java\jre6\bin\jusched.exe
+ VirtualDrive VirtualDrive VDTask (Not verified) FarStone Technology Inc. c:\program files\farstone virtualdrive\vdtask.exe
+ WrtMon.exe NsWrtMon Microsoft Base Class Application c:\windows\system32\spool\drivers\w32x86\3\wrtmon.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
+ Ultra Hal Text-to-Speech Reader Startup.lnk InstallShield (Not verified) InstallShield Software Corp. c:\windows\installer\{96ef451e-a402-44d8-baee-d70d558a4122}\new_shortcut_s1449_0eb7cdb78e0c4a918d2ca535d5b8160c.exe
C:\Users\Aleksander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ Steam Steam (Verified) Valve c:\program files\steam gaming\steam.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Shutdown
HKLM\SOFTWARE\Classes\Protocols\Filter
HKLM\SOFTWARE\Classes\Protocols\Handler
+ linkscanner Safe Search pluggable protocol (Verified) AVG Technologies c:\program files\avg\avg8\avgpp.dll
+ skype4com Skype for COM API (Verified) Skype Technologies SA c:\windows\system32\skype4com.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ MakeFile_VDGD Class VDShell Module (Not verified) FarStone Technology Inc. c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
HKCU\Software\Classes\Directory\Shellex\DragDropHandlers
HKLM\Software\Classes\Directory\Shellex\DragDropHandlers
HKCU\Software\Classes\Directory\Shellex\PropertySheetHandlers
HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers
HKCU\Software\Classes\Directory\Shellex\CopyHookHandlers
HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers
+ IVTCopyMonitor BluetoothManager Module c:\windows\system32\bsshell.dll
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
+ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell Extension PDF Shell Extension (Verified) Adobe Systems, Incorporated c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ FolderShell_VDGD Class VDShell Module (Not verified) FarStone Technology Inc. c:\windows\system32\vgdshell.dll
HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
HKCU\Software\Microsoft\Ctf\LangBarAddin
HKLM\Software\Microsoft\Ctf\LangBarAddin
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ AVG8 Shell Extension AVG Shell Extension (Verified) AVG Technologies c:\program files\avg\avg8\avgse.dll
+ iTunes iTunes Mini Player DLL (Verified) Apple Inc. c:\program files\itunes\itunesminiplayer.dll
+ OpenOffice.org Column Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Infotip Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Property Sheet Handler (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ OpenOffice.org Thumbnail Viewer (Not verified) Sun Microsystems, Inc. c:\program files\staroffice\program\shlxthdl.dll
+ Skladnik rozszerzenia powloki CorelDRAW Shell Extension DLL (Not verified) Corel Corporation c:\program files\corel\corel graphics 11\draw\cdrviewer\crlshell110.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ Adobe PDF Link Helper Adobe PDF Helper for Internet Explorer (Verified) Adobe Systems, Incorporated c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
+ AVG Safe Search Safe Search for Internet Explorer (Verified) AVG Technologies c:\program files\avg\avg8\avgssie.dll
+ AVGTOOLBAR AVG Security Toolbar (Verified) AVG Technologies c:\program files\avg\avg8\avgtoolbar.dll
+ Java(tm) Plug-In 2 SSV Helper Java(TM) Platform SE binary (Not verified) Sun Microsystems, Inc. c:\program files\java\jre6\bin\jp2ssv.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
Task Scheduler
HKLM\System\CurrentControlSet\Services
+ aawservice Ad-Aware service File not found: C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
+ Apple Mobile Device Proporciona la interfaz a los dispositivos móviles de Apple. (Verified) Apple Inc. c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
+ avg8emc AVG E-Mail Scanner (Verified) AVG Technologies c:\program files\avg\avg8\avgemc.exe
+ avg8wd AVG Watchdog Service (Verified) AVG Technologies c:\program files\avg\avg8\avgwdsvc.exe
+ BlueSoleilCS Manages bluetooth hardware and provides bluetooth functions. c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bluesoleilcs.exe
+ Bonjour Service Bonjour permite que aplicaciones como iTunes y Safari anuncien y descubran servicios en la red local. Si tiene Bonjour en ejecución, le permitirá conectarse con dispositivos hardware como el Apple TV y con servicios de software, como archivos compartidos de iTunes y AirTunes. Si desactiva Bonjour, los servicios de red que dependan de él explícitamente no se podrán iniciar. (Verified) Apple Inc. c:\program files\bonjour\mdnsresponder.exe
+ BsHelpCS BsHelpCS Module c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bshelpcs.exe
+ BsMobileCS BsMobileCS Module c:\program files\ivt_bluesoleil_6.2.227.11_for_32bit_os\bsmobilecs.exe
+ fsusd32 File System Camera Devices DLL (Not verified) Microsoft Corporation c:\windows\system32\fsusd32.dll
+ getPlus(R) Helper getPlus(R) Helper (Verified) Adobe Systems Incorporated c:\program files\nos\bin\getplus_helpersvc.exe
+ IDriverT Provides support for the Running Object Table for InstallShield Drivers (Not verified) Macrovision Corporation c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe
+ iPod Service Servicios de administración del hardware del iPod (Verified) Apple Inc. c:\program files\ipod\bin\ipodservice.exe
+ Steam Client Service Steam Client Service monitors and updates Steam content (Verified) Valve c:\program files\common files\steam\steamservice.exe
HKLM\System\CurrentControlSet\Services
+ AvgLdx86 AVG AVI Loader Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgldx86.sys
+ AvgMfx86 AVG Resident Shield Minifilter Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgmfx86.sys
+ AvgRkx86 AVG Anti-Rootkit Driver (Verified) AVG Technologies c:\windows\system32\drivers\avgrkx86.sys
+ AvgTdiX AVG Network connection watcher (Verified) AVG Technologies c:\windows\system32\drivers\avgtdix.sys
+ ElbyCDFL ElbyCDIO Filter Driver (Not verified) SlySoft, Inc. c:\windows\system32\drivers\elbycdfl.sys
+ ElbyCDIO ElbyCD Windows NT/2000/XP I/O driver (Not verified) Elaborate Bytes AG c:\windows\system32\drivers\elbycdio.sys
+ fcdabus FarStone Bus Enumerator (Verified) Farstone Technology Inc c:\windows\system32\drivers\fcdabus.sys
+ fsRamDsk (Verified) Farstone Technology Inc c:\windows\system32\drivers\fsramdsk.sys
+ FVXSCSI FarStone SCSI Miniport (Verified) Farstone Technology Inc c:\windows\system32\drivers\fvxscsi.sys
+ hamachi Hamachi Virtual Network Interface Driver (Verified) LogMeIn, Inc. c:\windows\system32\drivers\hamachi.sys
+ sptd c:\windows\system32\drivers\sptd.sys
+ tmactmon TrendMicro Activity Monitor Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmactmon.sys
+ tmcomm TrendMicro Common Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmcomm.sys
+ tmevtmgr TrendMicro Event Management Module (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmevtmgr.sys
+ tmpreflt Trend Filter Driver (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmpreflt.sys
+ tmxpflt Trend Functionality Driver (Verified) Trend Micro, Inc. c:\windows\system32\drivers\tmxpflt.sys
+ vsapint Trend Virus ScanEngine (Verified) Trend Micro, Inc. c:\windows\system32\drivers\vsapint.sys
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
+ msacm.ac3acm AC-3 ACM Codec (Not verified) fccHandler c:\windows\system32\ac3acm.acm
+ msacm.ac3filter c:\windows\system32\ac3filter.acm
+ msacm.clmp3enc CLMP3Enc (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\clmp3enc.acm
+ msacm.divxa32 DivX WMA Audi (Not verified) Kristal Studi c:\windows\system32\divxa32.acm
+ msacm.l3fhg MPEG Audio Layer-3 Codec for MSACM (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS c:\windows\system32\mp3fhg.acm
+ msacm.lameacm Lame MP3 codec engine (Not verified) http://www.mp3dev.org/ c:\windows\system32\lameacm.acm
+ msacm.msaudio1 Windows Media Audio (Not verified) Microsoft Corporation c:\windows\system32\msaud32.acm
+ msacm.sl_anet Audio codec for MS ACM (Not verified) Sipro Lab Telecom Inc. c:\windows\system32\sl_anet.acm
+ msacm.vorbis Ogg Vorbis CODEC for MSACM (Not verified) HMS http://hp.vector.co.jp/authors/VA012897/ c:\windows\system32\vorbis.acm
+ VIDC.DIVX DivX (Not verified) DivX, Inc. c:\windows\system32\divx.dll
+ VIDC.FFDS DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ VIDC.HFYU Huffyuv lossless video codec (Not verified) Disappearing Inc. c:\windows\system32\huffyuv.dll
+ vidc.i263 Intel I.263 Video Driver 2.55.012 (Not verified) Intel Corporation c:\windows\system32\i263_32.drv
+ VIDC.VP60 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP61 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP62 VP6 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp6vfw.dll
+ VIDC.VP70 VP70 VIDEO FOR WINDOWS CODEC (Not verified) On2.com c:\windows\system32\vp7vfw.dll
+ VIDC.X264 c:\windows\system32\x264vfw.dll
+ VIDC.XVID c:\windows\system32\xvidvfw.dll
+ VIDC.YV12 Helix YV12 YUV Codec (Not verified) www.helixcommunity.org c:\windows\system32\yv12vfw.dll
HKLM\Software\Classes\Filter
+ LAME MPEG Layer III Audio Encoder c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance
+ 3ivx Audio Decoder 3ivx D4 4.5 DirectShow Audio Decoder (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsaudiodecoder.ax
+ 3ivx D4 Audio Encoder 3ivx D4 4.5 DirectShow Audio Encoder (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsaudioencoder.ax
+ 3ivx Media Splitter 3ivx D4 4.5 DirectShow Media Splitter (Not verified) 3ivx.com c:\program files\codecpack de elisoft\3ivx\3ivxdsmediasplitter.ax
+ aac_parser Direct show parser filter for ADTS c:\program files\codecpack de elisoft\aac\aac_parser.ax
+ AC3File c:\program files\k-lite codec pack\filters\ac3file.ax
+ AC3Filter ac3filter c:\program files\total video converter\ac3filter.cpl
+ Avi Source Avi Splitter (Not verified) Gabest c:\windows\system32\avisplitter.ax
+ Avi Splitter Avi Splitter (Not verified) Gabest c:\windows\system32\avisplitter.ax
+ AVI2AC3 c:\program files\codecpack de elisoft\dts\avi2ac3dts.ax
+ CDXA Reader CDXA Reader Filter (Not verified) Gabest c:\windows\system32\cdxareader.ax
+ CoreAAC Audio Decoder CoreAAC c:\windows\system32\coreaac.ax
+ CoreFLAC Audio Decoder CoreFLAC Audio Decoder & Source DirectShow Filter (Not verified) - c:\windows\system32\coreflacdecoder.ax
+ CoreFLAC Audio Source CoreFLAC Audio Decoder & Source DirectShow Filter (Not verified) - c:\windows\system32\coreflacdecoder.ax
+ CoreVorbis Audio Decoder CoreVorbis (Not verified) - c:\windows\system32\corevorbis.ax
+ CyberLink Audio Noise Reduction CLAuNR (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaunrwrapper.ax
+ CyberLink Audio Resampler CLAuRsmpl.ax (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaursmpl.ax
+ CyberLink Audio VolumeBooster CyberLink Audio Volume Booster Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvb.ax
+ CyberLink AudioCD Filter CyberLink AudioCD Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaudiocd.ax
+ Cyberlink Dump Dispatch Filter Cyberlink File Dump Dispatch Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gdumpdispatch.ax
+ Cyberlink Dump Filter Cyberlink File Dump Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gdump.ax
+ CyberLink Editing Service 3.0 (Source) CES Kernel (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gedtkrn.dll
+ Cyberlink File Reader (Async.) Cyberlink MPEG File Reader (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2greader.ax
+ CyberLink Load Image Filter CLImage (Not verified) CyberLink c:\program files\cyberlink\shared files\climage.ax
+ CyberLink LPCM Converter LPCM Converter Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2glpcmcvrt.ax
+ CyberLink M2V Writer CLM2VWriter (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gm2vwriter.ax
+ CyberLink MP3/WAV Wrapper CyberLink MP3 Wrapper (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gmp3wrap.ax
+ CyberLink MPEG Decoder CyberLink Video/SP Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gmvd.ax
+ CyberLink MPEG Muxer MpgMux (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gmpgmux.ax
+ CyberLink MPEG Video Encoder CyberLink MPEG Video Encoder (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvidenc.ax
+ CyberLink MPEG-1 Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gm1spliter.ax
+ CyberLink MPEG-2 Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gm2spliter.ax
+ CyberLink PCM Wrapper CyberLink PCM Wrapper (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gpcmenc.ax
+ CyberLink TimeStretch Filter (CES) CLAuTS.ax (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gauts.ax
+ CyberLink TL MPEG Splitter CyberLink MPEG Splitter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gtlmsplter.ax
+ CyberLink Video Effect CLVidFx (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gvidfx.ax
+ CyberLink Video Regulator CLRGL (Not verified) Cyberlink c:\program files\cyberlink\power2go\p2grgl.ax
+ CyberLink Video Stabilizer CLVideoDeShaking (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gvideostabilizer.ax
+ CyberLink Video/SP Decoder CyberLink Video/SP Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gvsd.ax
+ DC-Bass Source DirectShow™ Audio Decoder (Not verified) http://www.dsp-worx.de c:\program files\k-lite codec pack\filters\dcbasssource.ax
+ DirectVobSub VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth (Not verified) Gabest c:\windows\system32\vsfilter.dll
+ DirectVobSub (auto-loading version) VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth (Not verified) Gabest c:\windows\system32\vsfilter.dll
+ DivX Decoder Filter DivX® Decoder Filter (Not verified) DivXNetworks, Inc. c:\program files\codecpack de elisoft\divx511\divxdec.ax
+ DTS/AC3/DD+ Source DTS/AC3 Sorce Filter (Not verified) Gabest c:\program files\xp codec pack\filters\dtsac3source.ax
+ ffdshow Audio Decoder DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow Audio Processor DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow raw video filter DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow subtitles filter DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ ffdshow Video Decoder DirectShow and VFW video and audio decoding/encoding/processing filter c:\windows\system32\ffdshow.ax
+ File Source (MO3/XM/IT) c:\program files\codecpack de elisoft\modtrack\modsource.ax
+ File Source (Monkey Audio) c:\program files\k-lite codec pack\filters\monkeysource.ax
+ FLV Source FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV Source Filter FLV Source Filter (Not verified) SWiSHzone.com Pty Ltd c:\program files\total video converter\flv.ax
+ FLV Splitter FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ FLV4 Video Decoder FLV Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\flvsplitter.ax
+ GPL MPEG-1/2 Decoder GPL MPEG-1/2 Decoder Filter for DirectShow (Not verified) Peter Wimmer, Gabest c:\windows\system32\gplmpgdec.ax
+ Haali Matroska Muxer Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Media Splitter (AR) Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Simple Media Splitter Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ Haali Video Renderer c:\program files\k-lite codec pack\filters\haali\dxr.dll
+ Haali Video Sink Haali Media Splitter c:\program files\k-lite codec pack\filters\haali\splitter.ax
+ LAME MPEG Layer III Audio Encoder c:\program files\codecpack de elisoft\mp3lame\lame_dshow.ax
+ madFlac Decoder DirectShow FLAC Decoder (Not verified) www.madshi.net c:\program files\k-lite codec pack\filters\madflac.ax
+ madFlac Source DirectShow FLAC Decoder (Not verified) www.madshi.net c:\program files\k-lite codec pack\filters\madflac.ax
+ MainConcept DV Video Decoder DirectShow DV Video Encoder and Decoder (Not verified) MainConcept c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ MainConcept DV Video Encoder DirectShow DV Video Encoder and Decoder (Not verified) MainConcept c:\program files\codecpack de elisoft\mcdv\mcdsdv.ax
+ Matroska Source Matroska Splitter (Not verified) Gabest c:\windows\system32\matroskasplitter.ax
+ Matroska Splitter Matroska Splitter (Not verified) Gabest c:\windows\system32\matroskasplitter.ax
+ Microcrap MPEG-4 Video Decompressor Microcrap MPEG-4 Video Decompressor (Not verified) Microcrap Corporation c:\program files\codecpack de elisoft\mpeg4\mpg4ds32.ax
+ MONOGRAM AMR Decoder AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Encoder AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Mux AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM AMR Splitter AMR Filter Pack (Not verified) MONOGRAM Multimedia, s.r.o. c:\program files\k-lite codec pack\filters\mmamr.ax
+ MONOGRAM Musepack Decoder mmmpcdec c:\program files\k-lite codec pack\filters\mmmpcdec.ax
+ MONOGRAM Musepack Splitter mmmpcdmx c:\program files\k-lite codec pack\filters\mmmpcdmx.ax
+ Morgan MJPEG Compressor Morgan MJPEG Compressor (Not verified) Morgan Multimedia c:\program files\codecpack de elisoft\m3jpegv3\m3jpegenc.ax
+ Morgan MJPEG Decompressor Morgan MJPEG Decompressor (Not verified) Morgan Multimedia c:\program files\codecpack de elisoft\m3jpegv3\m3jpegdec.ax
+ MotionWavelets Decompression Filter MotionWavelets Video Codec (Not verified) Aware Inc. c:\program files\codecpack de elisoft\aware\icmw_32.dll
+ MP4 Source MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MP4 Splitter MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG Layer-3 Decoder MPEG Layer-3 Audio Decoder (Not verified) Fraunhofer Institut Integrierte Schaltungen IIS c:\windows\system32\l3codecx.ax
+ MPEG4 Video Source MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPEG4 Video Splitter MP4 Splitter (Not verified) Gabest c:\program files\k-lite codec pack\filters\mp4splitter.ax
+ MPV Decoder Filter MPEG-1/2 Decoder Filter for DirectShow (Not verified) Gabest c:\program files\total video converter\mpeg2decfilter.ax
+ NewSoft Audio Encoder Filter Auido Encoder Filter (Not verified) NewSoft c:\program files\common files\newsoft\nsm2aenc.ax
+ NewSoft DeInterlace (Not verified) Newsoft c:\program files\common files\newsoft\nsdeinterlace.ax
+ NewSoft MPEG Video Decoder Filter NewSoft MPEG Video Decoder Filter (Not verified) NewSoft Corporation c:\program files\common files\newsoft\nsm2vdec.ax
+ NewSoft MPEG Video Encoder Filter MPEG Video Encoder Filter (Not verified) NewSoft c:\program files\common files\newsoft\nsm2venc.ax
+ Ogg Source Ogg Splitter (Not verified) Gabest c:\windows\system32\oggsplitter.ax
+ Ogg Splitter Ogg Splitter (Not verified) Gabest c:\windows\system32\oggsplitter.ax
+ P2G Audio Decoder CyberLink Audio Decoder Filter (Not verified) CyberLink Corp. c:\program files\cyberlink\power2go\p2gaud.ax
+ P2G Audio Encoder CyberLink Audio Encoder Filter (Not verified) Cyberlink Corp. c:\program files\cyberlink\power2go\p2gaudenc.ax
+ P2G Video Regulator CyberLink Video Regulator (Not verified) CyberLink c:\program files\cyberlink\power2go\p2gresample.ax
+ PICVideo Lossless JPEG Compressor PICVideo Lossless JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo Lossless JPEG Decompressor PICVideo Lossless JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvljpg20.dll
+ PICVideo MJPEG Compressor PICVideo Motion JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo MJPEG Decompressor PICVideo Motion JPEG Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvmjpg21.dll
+ PICVideo Wavelet 2000 Compressor PICVideo Wavelet Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ PICVideo Wavelet 2000 Decompressor PICVideo Wavelet Compressor (Not verified) Pegasus Imaging Corporation c:\program files\codecpack de elisoft\picvideo\pvwv220.dll
+ QTSrc CLQTSrc (Not verified) Cyberlink c:\program files\total video converter\quicktime.ax
+ RadLight APE DirectShow Filter RLAPEDec (Not verified) RadLight c:\windows\system32\rlapedec.ax
+ RadLight MPC DirectShow Filter RLMPCDec (Not verified) RadLight c:\windows\system32\rlmpcdec.ax
+ RadLight OptimFROG DirectShow Filter RLOFRDec (Not verified) RadLight c:\windows\system32\rlofrdec.ax
+ RadLight TTA DirectShow Filter RadLight TTA DirectShow Filter (Not verified) RadLight c:\windows\system32\rlttadec.ax
+ RealAudio Decoder RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Source RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealMedia Splitter RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ RealVideo Decoder RealMedia Splitter (Not verified) Gabest c:\program files\total video converter\realmediasplitter.ax
+ Sample Grabber Filter Grabber Filter (Sample) (Not verified) Microsoft Corporation c:\windows\system32\samplegrabber.ax
+ T VP6 Decompression Filter (Not verified) On2.com Inc. c:\program files\total video converter\vp6dec.ax
+ T VP7 Decompression Filter (Not verified) On2.com Inc. c:\program files\k-lite codec pack\filters\vp7dec.ax
+ WavPack Audio Decoder WavPack Audio DirectShow Decoder (Not verified) - c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax
+ WavPack Audio Splitter WavPack Audio DirectShow Splitter (Not verified) - c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax
+ Windows Media Audio Decoder Windows Media Audio Decoder (Not verified) Microsoft Corporation c:\windows\system32\msadds32.ax
+ Xvid MPEG-4 Video Decoder xvid (Not verified) http://www.xvid.org c:\windows\system32\xvid.ax
HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance
HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance
HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute
HKLM\System\CurrentControlSet\Control\Session Manager\Execute
HKLM\System\CurrentControlSet\Control\Session Manager\S0InitialCommand
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKCU\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
+ avgrsstx.dll AVG Resident Shield Starter (Verified) AVG Technologies c:\windows\system32\avgrsstx.dll
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SaveDumpStart
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries
+ mdnsNSP Bonjour Namespace Provider (Not verified) Apple Inc. c:\program files\bonjour\mdnsnsp.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ BlueSoleil Print Port BsMonSvr (Not verified) IVT Corporation. c:\windows\system32\bsmonsvr.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
And now what?
-
Paste here the output of the command
NETSTAT -BN
-
It tells me that "the requested operation requires elevation"
:???:
-
Open the 'Command Prompt' as Administrator...
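
How the `NETSTAT -BN` output requested above can be read, as an added example that is not part of the thread: this Python parser pairs each connection line with the `[process]` line that follows it and counts outbound SMTP (port 25) connections per owner. The sample text is constructed, and the function names and the `min_hosts` threshold are assumptions of the example.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample in the layout `netstat -bn` prints. The remote addresses
# are documentation ranges, not the ones posted in the thread.
SAMPLE = """\
  TCP    192.168.1.3:49870    203.0.113.10:25     TIME_WAIT
  TCP    192.168.1.3:49874    203.0.113.11:25     TIME_WAIT
  TCP    192.168.1.3:49887    198.51.100.7:25     LAST_ACK
 [svchost.exe]
  TCP    192.168.1.3:49917    198.51.100.8:25     ESTABLISHED
 [svchost.exe]
  TCP    192.168.1.3:49920    192.0.2.80:80       ESTABLISHED
 [firefox.exe]
  TCP    192.168.1.3:49921    203.0.113.10:25     TIME_WAIT
  TCP    192.168.1.3:49969    198.51.100.9:25     ESTABLISHED
 [svchost.exe]
"""

# proto, local addr:port, remote addr:port (or *:*), optional state
CONN_RE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+):(\d+|\*)(?:\s+(\S+))?\s*$"
)
# owner line printed by -b, e.g. " [svchost.exe]"
OWNER_RE = re.compile(r"^\s*\[(.+)\]\s*$")


@dataclass
class Conn:
    proto: str
    local: str
    lport: int
    remote: str
    rport: Optional[int]
    state: Optional[str]
    owner: Optional[str] = None


def parse_netstat_bn(text: str) -> List[Conn]:
    """Parse captured `netstat -bn` text into connections with their owner."""
    conns: List[Conn] = []
    last: Optional[Conn] = None
    for line in text.splitlines():
        m = CONN_RE.match(line)
        if m:
            proto, local, lport, remote, rport, state = m.groups()
            last = Conn(proto, local, int(lport), remote,
                        int(rport) if rport.isdigit() else None, state)
            conns.append(last)
            continue
        m = OWNER_RE.match(line)
        # An owner line belongs only to the connection printed just before it;
        # TIME_WAIT sockets have no owner line and stay unattributed.
        if m and last is not None and last.owner is None:
            last.owner = m.group(1)
    return conns


def smtp_summary(conns: List[Conn], ports=(25,)) -> dict:
    """Count outbound TCP connections to the given SMTP ports."""
    smtp = [c for c in conns if c.proto == "TCP" and c.rport in ports]
    return {
        "connections": len(smtp),
        "distinct_hosts": len({c.remote for c in smtp}),
        "by_owner": Counter(c.owner or "unattributed" for c in smtp),
        "by_state": Counter(c.state for c in smtp),
    }


def looks_like_mass_mailer(summary: dict, min_hosts: int = 5) -> bool:
    """Assumed heuristic: a desktop PC reaching many different mail servers
    directly on port 25 is not ordinary mail-client behaviour."""
    return summary["distinct_hosts"] >= min_hosts


if __name__ == "__main__":
    s = smtp_summary(parse_netstat_bn(SAMPLE))
    print(s["connections"], "SMTP connections to", s["distinct_hosts"], "hosts")
    for owner, n in s["by_owner"].most_common():
        print(f"  {owner}: {n}")
    print("mass-mailer pattern:", looks_like_mass_mailer(s))
```

A `[svchost.exe]` owner names only the image, which hosts many services; adding `-o` to the `netstat` switches prints the PID so the specific instance can be looked up.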
-
Here it is:
TCP 192.168.1.3:49870 206.190.53.191:25 TIME_WAIT
TCP 192.168.1.3:49874 98.137.54.237:25 TIME_WAIT
TCP 192.168.1.3:49876 209.139.248.70:25 TIME_WAIT
TCP 192.168.1.3:49877 216.39.53.1:25 TIME_WAIT
TCP 192.168.1.3:49878 69.182.98.25:25 TIME_WAIT
TCP 192.168.1.3:49879 206.251.75.114:25 TIME_WAIT
TCP 192.168.1.3:49881 202.108.3.242:25 TIME_WAIT
TCP 192.168.1.3:49882 64.18.4.11:25 TIME_WAIT
TCP 192.168.1.3:49885 209.85.219.54:25 TIME_WAIT
TCP 192.168.1.3:49887 211.43.197.144:25 LAST_ACK
[svchost.exe]
TCP 192.168.1.3:49888 12.154.55.40:25 TIME_WAIT
TCP 192.168.1.3:49889 216.25.176.26:25 TIME_WAIT
TCP 192.168.1.3:49891 84.2.44.11:25 TIME_WAIT
TCP 192.168.1.3:49892 207.36.225.55:25 TIME_WAIT
TCP 192.168.1.3:49893 91.208.75.3:25 TIME_WAIT
TCP 192.168.1.3:49894 208.78.240.5:25 TIME_WAIT
TCP 192.168.1.3:49895 216.138.133.210:25 TIME_WAIT
TCP 192.168.1.3:49896 192.85.154.82:25 TIME_WAIT
TCP 192.168.1.3:49897 190.33.253.133:25 TIME_WAIT
TCP 192.168.1.3:49898 12.162.171.235:25 TIME_WAIT
TCP 192.168.1.3:49899 148.223.155.2:25 TIME_WAIT
TCP 192.168.1.3:49900 209.85.219.29:25 TIME_WAIT
TCP 192.168.1.3:49901 212.79.242.245:25 TIME_WAIT
TCP 192.168.1.3:49902 206.72.209.48:25 TIME_WAIT
TCP 192.168.1.3:49903 63.237.43.234:25 TIME_WAIT
TCP 192.168.1.3:49904 207.251.194.26:25 TIME_WAIT
TCP 192.168.1.3:49905 80.12.242.62:25 TIME_WAIT
TCP 192.168.1.3:49906 195.235.104.230:25 TIME_WAIT
TCP 192.168.1.3:49907 65.210.139.96:25 TIME_WAIT
TCP 192.168.1.3:49908 207.126.147.10:25 TIME_WAIT
TCP 192.168.1.3:49909 151.1.219.65:25 TIME_WAIT
TCP 192.168.1.3:49910 199.6.139.15:25 TIME_WAIT
TCP 192.168.1.3:49911 12.165.188.211:25 TIME_WAIT
TCP 192.168.1.3:49912 77.75.72.42:25 TIME_WAIT
TCP 192.168.1.3:49914 201.235.253.28:25 TIME_WAIT
TCP 192.168.1.3:49915 202.159.65.161:25 TIME_WAIT
TCP 192.168.1.3:49916 65.240.156.144:25 TIME_WAIT
TCP 192.168.1.3:49917 216.255.22.34:25 ESTABLISHED
[svchost.exe]
Has anything changed?
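One way to read the netstat listings posted in this thread, as an added example that is not part of the original post: it parses output in that layout, attaches each `[process]` line to the connection before it, and counts how many distinct remote servers the host contacts on port 25. The sample lines, their addresses (documentation ranges) and the two-server threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the thread's netstat output; the remote
# addresses are RFC 5737 documentation ranges, not values from the thread.
SAMPLE = """\
TCP 192.168.1.3:50001 192.0.2.10:25 TIME_WAIT
TCP 192.168.1.3:50002 192.0.2.11:25 ESTABLISHED
[svchost.exe]
TCP 192.168.1.3:50003 198.51.100.7:25 TIME_WAIT
TCP 192.168.1.3:50004 198.51.100.8:25 SYN_SENT
[svchost.exe]
TCP 192.168.1.3:50005 203.0.113.5:443 ESTABLISHED
[firefox.exe]
TCP 192.168.1.3:50006 203.0.113.9:25 TIME_WAIT
TCP 192.168.1.3:50007 192.0.2.10:25 TIME_WAIT
"""

CONN = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)\s*$")
OWNER = re.compile(r"^\s*\[(.+?)\]\s*$")

def parse_netstat(text):
    """One dict per TCP line; a following [name.exe] line sets its owner."""
    conns = []
    for line in text.splitlines():
        m, o = CONN.match(line), OWNER.match(line)
        if m:
            conns.append({"remote": m.group(3), "rport": int(m.group(4)),
                          "state": m.group(5), "owner": None})
        elif o and conns and conns[-1]["owner"] is None:
            # TIME_WAIT sockets have no owning process, so they stay None.
            conns[-1]["owner"] = o.group(1)
    return conns

def smtp_fanout(conns, max_servers=2):
    """Summarise outbound port-25 traffic and flag a wide server fan-out."""
    smtp = [c for c in conns if c["rport"] == 25]
    owners = defaultdict(int)
    for c in smtp:
        owners[c["owner"] or "(no owner shown)"] += 1
    servers = {c["remote"] for c in smtp}
    # Assumption: a desktop mail client talks to one or two SMTP servers.
    return {"connections": len(smtp), "servers": len(servers),
            "owners": dict(owners), "suspicious": len(servers) > max_servers}

if __name__ == "__main__":
    print(smtp_fanout(parse_netstat(SAMPLE)))
```

A process name alone does not settle anything: svchost.exe is a legitimate Windows host process, so the signal here is the number of distinct mail servers contacted, not the name.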
-
Update AVG (also use the RootKit module) and run it over the whole machine after rebooting in Safe Mode...