Trucos Windows Forums

> Windows Update does not update and the HijackThis log entry is not deleted, O17 - HKLM\System\CCS\Services\Tcpip\..\

Lolitachichirrao
post Aug 28 2008, 04:18 PM
Posted: #1





Hello again. For reasons beyond my control I have not been able to keep up with fixing the computer, but I have followed your steps and there is no way around it: Windows does not update. I did what the last message of the following thread said:

Here is the address:

http://www.trucoswindows.net/foro/topico-103824-st-15.html

I downloaded: WinSock XP Fix 1.2

Launch HijackThis:
Scan and Fix these:

O17 - HKLM\System\CCS\Services\Tcpip\..\{E11ECA01-2268-4B57-A01E-33A0D2F88483}: NameServer = 85.255.113.92 85.255.112.13

Restart
If you have problems with your internet connection after this, run WinSock XP Fix 1.2
Post a new HijackThis log

The thing is, as can be seen in the HijackThis log, it does not remove it:

O17 - HKLM\System\CCS\Services\Tcpip\..\{E11ECA01-2268-4B57-A01E-33A0D2F88483}: NameServer = 85.255.113.92 85.255.112.13


Could it be removed manually, I ask:

O17 - HKLM\System\CCS\Services\Tcpip\..\{E11ECA01-2268-4B57-A01E-33A0D2F88483}: NameServer = 85.255.113.92 85.255.112.13


Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:13, on 28/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\ARCHIV~1\Iomega\System32\AppServices.exe
C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe
C:\Archivos de programa\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Archivos de programa\Java\jre1.6.0_05\bin\jusched.exe
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
C:\Archivos de programa\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Archivos de programa\HP\QuickPlay\QPService.exe
C:\Archivos de programa\HPQ\Quick Launch Buttons\EabServr.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Iomega\Iomega Automatic Backup\ibackup.exe
C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Archivos de programa\Microsoft Money\System\reminder.exe
C:\Archivos de programa\Telefonica\Kit ADSL USB\dslmon.exe
C:\Archivos de programa\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
C:\ARCHIV~1\HPQ\SHARED\HPQTOA~1.EXE
C:\Archivos de programa\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqimzone.exe
C:\Archivos de programa\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Archivos de programa\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Archivos de programa\Java\jre1.6.0_05\bin\jucheck.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Archivos de programa\Archivos comunes\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Barra de Herramientas MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\MSN Toolbar\01.01.2607.0\es\msntb.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Archivos de programa\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QPService] "C:\Archivos de programa\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Archivos de programa\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Archivos de programa\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Archivos de programa\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Archivos de programa\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Reminder] C:\Archivos de programa\Microsoft Money\System\reminder.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Consola KIT ADSL.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Inicio rápido de HP Photosmart Premier.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1209858578703
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase9563.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209644649218
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E11ECA01-2268-4B57-A01E-33A0D2F88483}: NameServer = 85.255.113.92 85.255.112.13
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Archivos de programa\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\ARCHIV~1\Iomega\System32\AppServices.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\ARCHIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Archivos de programa\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 12855 bytes


Thanks for everything


lobezzno
post Aug 28 2008, 04:31 PM
Posted: #2



Group: HijackThis Experts



Download this tool (do not run it yet)

http://cexx.org/LSPFix.exe

Launch it and click only on Finish (nothing else)

Physically disconnect from the internet and open HijackThis, applying Fix Checked to this entry, in safe mode:

O17 - HKLM\System\CCS\Services\Tcpip\..\{E11ECA01-2268-4B57-A01E-33A0D2F88483}: NameServer = 85.255.113.92 85.255.112.13


Then reconnect the internet and run the tool I told you to download.

Post a new HijackThis log for us and tell us whether you still have problems.

Regards.

Post edited by yosoydoug on Aug 28 2008, 04:34 PM


Lolitachichirrao
post Aug 28 2008, 05:01 PM
Posted: #3





The entry:

O17 - HKLM\System\CCS\Services\Tcpip\..\{E11ECA01-2268-4B57-A01E-33A0D2F88483}: NameServer = 85.255.113.92 85.255.112.13

It only appears when I am connected to the internet. I have not been able to remove it because it does not appear in safe mode, and when I do it while connected and remove it, after restarting the computer there it is again, as can be seen in the HijackThis log. On the other hand, the program I downloaded does not find any errors either:

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:00:41, on 28/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Archivos de programa\Java\jre1.6.0_05\bin\jusched.exe
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
C:\Archivos de programa\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Archivos de programa\HP\QuickPlay\QPService.exe
C:\Archivos de programa\HPQ\Quick Launch Buttons\EabServr.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\Archivos de programa\Iomega\Iomega Automatic Backup\ibackup.exe
C:\WINDOWS\system32\rundll32.exe
C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Archivos de programa\Microsoft Money\System\reminder.exe
C:\Archivos de programa\Telefonica\Kit ADSL USB\dslmon.exe
C:\Archivos de programa\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
C:\ARCHIV~1\Iomega\System32\AppServices.exe
C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe
C:\Archivos de programa\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Archivos de programa\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Archivos de programa\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe
C:\ARCHIV~1\HPQ\SHARED\HPQTOA~1.EXE
C:\Archivos de programa\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\Archivos de programa\Java\jre1.6.0_05\bin\jucheck.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Archivos de programa\Archivos comunes\Symantec Shared\coShared\Browser\1.5\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Barra de Herramientas MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\MSN Toolbar\01.01.2607.0\es\msntb.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Archivos de programa\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QPService] "C:\Archivos de programa\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Archivos de programa\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Archivos de programa\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Archivos de programa\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Archivos de programa\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Reminder] C:\Archivos de programa\Microsoft Money\System\reminder.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Consola KIT ADSL.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Inicio rápido de HP Photosmart Premier.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1209858578703
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase9563.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209644649218
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E11ECA01-2268-4B57-A01E-33A0D2F88483}: NameServer = 85.255.113.92 85.255.112.13
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - C:\Archivos de programa\Archivos comunes\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Archivos de programa\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\ARCHIV~1\Iomega\System32\AppServices.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\ARCHIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Archivos de programa\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

--
End of file - 12883 bytes



lobezzno
post Aug 28 2008, 05:11 PM
Posted: #4





Download this program:
http://www.greatis.com/unhackme.zip

Run UnHackMe
Here is a guide to the program:
http://unhackme.uptodown.com/screen/

Afterwards, run the WinsockFix that you downloaded following Caito's instructions.

Post the UnHackMe report and a new HijackThis log.



Regards, and let us know if you still have problems.
Lolitachichirrao
post Sep 4 2008, 05:44 PM
Posted: #5





Hello again. I do not understand how the program works and I do not know if I have done it right; I have looked for instructions for the program in Spanish and cannot find them.

I have also run WinsockxpFix.

When I click delete, nothing is deleted. This is the UnHackMe log:

SpyHolesList Version:2.1
04/09/2008 18:23:27
WinDir=C:\WINDOWS
Startup=C:\Documents and Settings\M ª Eugenia\Menú Inicio\Programas\Inicio\
Common Startup=C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\
Microsoft Windows XP Service Pack 2 (5.1.2600)
Internet Explorer 7.0.5730.11
[Internet Explorer]
[Default Home Page] :HKLM Default_Page_URL=http://go.microsoft.com/fwlink/?LinkId=69157
[Current Home Page] :HKCU Start Page=http://es.msn.com/
[Current Home Page] :HKCU HOMEOldSP=""
[Search URL Template] :HKLM 1=www.%s.com
[Search URL Template] :HKLM 2=www.%s.org
[Search URL Template] :HKLM 3=www.%s.net
[Search URL Template] :HKLM 4=www.%s.edu
[All Users Search] :HKLM Default_Search_URL=http://go.microsoft.com/fwlink/?LinkId=54896
[All Users Search] :HKLM Search Page=http://go.microsoft.com/fwlink/?LinkId=54896
[Current Users Search] :HKCU Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[Current Users Search] :HKCU Search Bar=""
[IE Local Blank Page] :HKCU Local Page=C:\WINDOWS\system32\blank.htm
[IE Local Blank Page] :HKLM Local Page=%SystemRoot%\system32\blank.htm
[Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
[Browser Helper Objects] {1E8A6170-7264-4D0F-BEAE-D42A53123C75}=C:\Archivos de programa\Archivos comunes\Symantec Shared\coShared\Browser\1.5\NppBho.dll
[Browser Helper Objects] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
[Browser Helper Objects] {9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[Browser Helper Objects] {AA58ED58-01DD-4d91-8333-CF10577473F7}=C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[Browser Helper Objects] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Archivos de programa\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
[Auto Search URL] :HKCU provider=""
[Auto Search URL] :HKCU "Default Value"=http://home.microsoft.com/access/autosearch.asp?p=%s
[Search Assistant] :HKCU SearchAssistant=""
[Search Assistant] :HKLM SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[Search Assistant] :HKCU CustomizeSearch=""
[Search Assistant] :HKLM CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
[CustomizeSearch] :HKLM CustomizeSearch=""
[URLSearchHook] :HKCU {EF99BD32-C1FB-11D2-892F-0090271D4F88}=""
[URLSearchHook] :HKCU {CFBFAE00-17A6-11D0-99CB-00C04FD64497}=C:\WINDOWS\system32\ieframe.dll
[Default Prefix] :HKLM "Default Value"=http://
[URL Default Prefixes] :HKLM ftp=ftp://
[URL Default Prefixes] :HKLM gopher=gopher://
[URL Default Prefixes] :HKLM home=http://
[URL Default Prefixes] :HKLM mosaic=http://
[URL Default Prefixes] :HKLM www=http://
[Safe Sites] :HKLM ie.search.msn.com=http://ie.search.msn.com/*
[AboutURLs] :HKLM NavigationFailure=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM DesktopItemNavigationFailure=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM NavigationCanceled=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM OfflineInformation=res://ieframe.dll/offcancl.htm
[AboutURLs] :HKLM Home=270
[AboutURLs] :HKLM blank=res://mshtml.dll/blank.htm
[AboutURLs] :HKLM PostNotCached=res://ieframe.dll/repost.htm
[AboutURLs] :HKLM NoAdd-ons=res://ieframe.dll/noaddon.htm
[AboutURLs] :HKLM NoAdd-onsInfo=res://ieframe.dll/noaddoninfo.htm
[AboutURLs] :HKLM SecurityRisk=res://ieframe.dll/securityatrisk.htm
[AboutURLs] :HKLM Tabs=res://ieframe.dll/tabswelcome.htm
[User Style Sheet] :HKCU User Stylesheet=""
[User Style Sheet] :HKUS User Stylesheet=""
[User Style Sheet] :HKCU Use My Stylesheet=0
[User Style Sheet] :HKUS Use My Stylesheet=0
[Execute unsigned ActiveX in My Computer Zone] :HKCU 1201=1
[Execute unsigned ActiveX in My Computer Zone] :HKLM 1201=0
[Execute unsigned ActiveX in Local Intranet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Local Intranet Zone] :HKLM 1201=0
[Execute unsigned ActiveX in Internet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKLM 1201=0
[Links Toolbar] :HKCU LinksFolderName=Vínculos
[Toolbars] :HKLM {2318C2B1-4965-11d4-9B18-009027A5CD4F}
[Toolbars] :HKLM {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Archivos de programa\MSN Toolbar\01.01.2607.0\es\msntb.dll
[Explorer Bars] :HKLM {4D5C8C25-D075-11d0-B416-00C04FB90376}=%SystemRoot%\system32\shdocvw.dll
[IE Extensions - All Users] :HKLM {08B0E5C0-4FCB-11CF-AAA5-00401C608501}=%SystemRoot%\system32\shdocvw.dll
[IE Extensions - All Users] :HKLM {e2e2dd38-d088-4134-82b7-f2ba38496583}=%windir%\Network Diagnostic\xpnetdiag.exe
[IE Extensions - All Users] :HKLM {FB5F1910-F110-11d2-BB9E-00C04F795683}=C:\Archivos de programa\Messenger\msmsgs.exe
[Proxy] :HKCU ProxyServer=""
[Proxy] :HKCU ProxyEnable=0
[Network Settings]
[Hosts File Path] :HKLM DataBasePath=%SystemRoot%\System32\drivers\etc
[Hosts File Contents] :HKLM 127.0.0.1 localhost
[Domain Name] :HKLM Domain=""
[WinSock2 Components] :HKLM mswsock.dll=%SystemRoot%\System32\mswsock.dll
[WinSock2 Components] :HKLM winrnr.dll=%SystemRoot%\System32\winrnr.dll
[WinSock2 Components] :HKLM nwprovau.dll=%SystemRoot%\System32\nwprovau.dll
[WinSock2 Components] :HKLM rsvpsp.dll=%SystemRoot%\system32\rsvpsp.dll
[Software Components]
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\as2stubie.dll=C:\WINDOWS\Downloaded Program Files\as2stubie.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\clearadjust.dll=C:\WINDOWS\Downloaded Program Files\clearadjust.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\ewidoOnlineScan.dll=C:\WINDOWS\Downloaded Program Files\ewidoOnlineScan.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll=C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\InstallerControl.dll=C:\WINDOWS\Downloaded Program Files\InstallerControl.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\libcomm.dll=C:\WINDOWS\Downloaded Program Files\libcomm.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\LSSupCtl.dll=C:\WINDOWS\Downloaded Program Files\LSSupCtl.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll=C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\msgrchkr.dll=C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll=C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\PURen-us.dll=C:\WINDOWS\Downloaded Program Files\PURen-us.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\rufsi.dll=C:\WINDOWS\Downloaded Program Files\rufsi.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\SymAData.dll=C:\WINDOWS\Downloaded Program Files\SymAData.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\symdlmgr.dll=C:\WINDOWS\Downloaded Program Files\symdlmgr.dll
[Internet Components] :HKLM C:\WINDOWS\Downloaded Program Files\wlscBase.dll=C:\WINDOWS\Downloaded Program Files\wlscBase.dll
[Internet Components] :HKLM C:\WINDOWS\system32\lnod32apiA.dll=C:\WINDOWS\system32\lnod32apiA.dll
[Internet Components] :HKLM C:\WINDOWS\system32\lnod32apiW.dll=C:\WINDOWS\system32\lnod32apiW.dll
[Internet Components] :HKLM C:\WINDOWS\system32\lnod32umc.dll=C:\WINDOWS\system32\lnod32umc.dll
[Internet Components] :HKLM C:\WINDOWS\system32\lnod32upd.dll=C:\WINDOWS\system32\lnod32upd.dll
[Internet Components] :HKLM C:\WINDOWS\system32\mfc42.dll=C:\WINDOWS\system32\mfc42.dll
[Internet Components] :HKLM C:\WINDOWS\system32\MicrosoftUpdateCatalogWebControl.dll=C:\WINDOWS\system32\MicrosoftUpdateCatalogWebControl.dll
[Internet Components] :HKLM C:\WINDOWS\system32\msvcp60.dll=C:\WINDOWS\system32\msvcp60.dll
[Internet Components] :HKLM C:\WINDOWS\system32\MSVCR71.DLL=C:\WINDOWS\system32\MSVCR71.DLL
[Internet Components] :HKLM C:\WINDOWS\system32\msvcrt.dll=C:\WINDOWS\system32\msvcrt.dll
[Internet Components] :HKLM C:\WINDOWS\system32\muweb.dll=C:\WINDOWS\system32\muweb.dll
[Internet Components] :HKLM C:\WINDOWS\system32\olepro32.dll=C:\WINDOWS\system32\olepro32.dll
[Internet Components] :HKLM C:\WINDOWS\system32\OnlineScanner.ocx=C:\WINDOWS\system32\OnlineScanner.ocx
[Internet Components] :HKLM C:\WINDOWS\system32\OnlineScannerDLLA.dll=C:\WINDOWS\system32\OnlineScannerDLLA.dll
[Internet Components] :HKLM C:\WINDOWS\system32\OnlineScannerDLLW.dll=C:\WINDOWS\system32\OnlineScannerDLLW.dll
[Internet Components] :HKLM C:\WINDOWS\system32\OnlineScannerLang.dll=C:\WINDOWS\system32\OnlineScannerLang.dll
[Internet Components] :HKLM C:\WINDOWS\system32\OnlineScannerUninstaller.exe=C:\WINDOWS\system32\OnlineScannerUninstaller.exe
[Internet Components] :HKLM C:\WINDOWS\system32\unicows.dll=C:\WINDOWS\system32\unicows.dll
[Windows Shell]
[Display Scrap's Extensions] :HKLM NeverShowExt=""
[ScreenSaver] :HKCU SCRNSAVE.EXE=""
[System.ini] shell=Explorer.exe
[Main File Extensions] :HKLM .exe="%1" %*
[Main File Extensions] :HKLM .com="%1" %*
[Main File Extensions] :HKLM .pif="%1" %*
[Main File Extensions] :HKLM .cmd="%1" %*
[Main File Extensions] :HKLM .scr="%1" /S
[Main File Extensions] :HKLM .jpg=rundll32.exe C:\WINDOWS\system32\shimgvw.dll,ImageView_Fullscreen %1
[Main File Extensions] :HKLM .jpeg=rundll32.exe C:\WINDOWS\system32\shimgvw.dll,ImageView_Fullscreen %1
[Shell Execute Hooks] :HKLM {AEB6717E-7E19-11d0-97EE-00C04FD91972}=shell32.dll
[UserInit Value] :HKLM UserInit=C:\WINDOWS\system32\userinit.exe,
[Winlogon Notification] :HKLM crypt32chain=crypt32.dll
[Winlogon Notification] :HKLM cryptnet=cryptnet.dll
[Winlogon Notification] :HKLM cscdll=cscdll.dll
[Winlogon Notification] :HKLM igfxcui=igfxdev.dll
[Winlogon Notification] :HKLM ScCertProp=wlnotify.dll
[Winlogon Notification] :HKLM Schedule=wlnotify.dll
[Winlogon Notification] :HKLM sclgntfy=sclgntfy.dll
[Winlogon Notification] :HKLM SensLogn=WlNotify.dll
[Winlogon Notification] :HKLM termsrv=wlnotify.dll
[Winlogon Notification] :HKLM WgaLogon=WgaLogon.dll
[Winlogon Notification] :HKLM wlballoon=wlnotify.dll
[Shell Services DelayLoad] :HKLM PostBootReminder=%SystemRoot%\system32\SHELL32.dll
[Shell Services DelayLoad] :HKLM CDBurn=%SystemRoot%\system32\SHELL32.dll
[Shell Services DelayLoad] :HKLM WebCheck=C:\WINDOWS\system32\webcheck.dll
[Shell Services DelayLoad] :HKLM SysTray=%systemroot%\system32\stobject.dll
[Prevents Display in Control Panel from running.] :HKCU NoDispCpl=0
[Disable Registry Tools] :HKCU DisableRegistryTools =0
[SharedTaskScheduler] :HKLM {438755C2-A8BA-11D1-B96B-00A0C90312E1}=%SystemRoot%\system32\browseui.dll
[SharedTaskScheduler] :HKLM {8C7461EF-2B13-11d2-BE35-3078302C2030}=%SystemRoot%\system32\browseui.dll
[Kernel Auto Boot]
[ActiveSetup] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95}=C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[Bootexecute] :HKLM BootExecute=autocheck autochk *
lsdelete
Partizan
[KnownDLLs] :HKLM advapi32=advapi32.dll
[KnownDLLs] :HKLM comdlg32=comdlg32.dll
[KnownDLLs] :HKLM DllDirectory=%SystemRoot%\system32
[KnownDLLs] :HKLM gdi32=gdi32.dll
[KnownDLLs] :HKLM imagehlp=imagehlp.dll
[KnownDLLs] :HKLM kernel32=kernel32.dll
[KnownDLLs] :HKLM lz32=lz32.dll
[KnownDLLs] :HKLM ole32=ole32.dll
[KnownDLLs] :HKLM oleaut32=oleaut32.dll
[KnownDLLs] :HKLM olecli32=olecli32.dll
[KnownDLLs] :HKLM olecnv32=olecnv32.dll
[KnownDLLs] :HKLM olesvr32=olesvr32.dll
[KnownDLLs] :HKLM olethk32=olethk32.dll
[KnownDLLs] :HKLM rpcrt4=rpcrt4.dll
[KnownDLLs] :HKLM shell32=shell32.dll
[KnownDLLs] :HKLM url=url.dll
[KnownDLLs] :HKLM urlmon=urlmon.dll
[KnownDLLs] :HKLM user32=user32.dll
[KnownDLLs] :HKLM version=version.dll
[KnownDLLs] :HKLM wininet=wininet.dll
[KnownDLLs] :HKLM wldap32=wldap32.dll
[Environment - Path] :HKLM Path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
[List of Injected DLLs] :HKLM AppInit_DLLs=""
[Auto Services] aawservice
[Auto Services] AudioSrv
[Auto Services] Browser
[Auto Services] BthServ
[Auto Services] ccSetMgr
[Auto Services] CLTNetCnService
[Auto Services] CryptSvc
[Auto Services] DcomLaunch
[Auto Services] Dhcp
[Auto Services] Dnscache
[Auto Services] ERSvc
[Auto Services] Eventlog
[Auto Services] helpsvc
[Auto Services] hpqwmiex
[Auto Services] Iomega App Services
[Auto Services] lanmanserver
[Auto Services] lanmanworkstation
[Auto Services] LightScribeService
[Auto Services] LiveUpdate Notice Ex
[Auto Services] LiveUpdate Notice Service
[Auto Services] LmHosts
[Auto Services] PlugPlay
[Auto Services] Pml Driver HPZ12
[Auto Services] PolicyAgent
[Auto Services] Programador de LiveUpdate automático
[Auto Services] ProtectedStorage
[Auto Services] RpcSs
[Auto Services] SamSs
[Auto Services] Schedule
[Auto Services] seclogon
[Auto Services] SENS
[Auto Services] SharedAccess
[Auto Services] ShellHWDetection
[Auto Services] Spooler
[Auto Services] srservice
[Auto Services] stisvc
[Auto Services] Themes
[Auto Services] TrkWks
[Auto Services] UMWdf
[Auto Services] W32Time
[Auto Services] WebClient
[Auto Services] winmgmt
[Auto Services] wscsvc
[Auto Services] wuauserv
[Auto Services] WZCSVC
[Drivers] ntkrnlpa.exe=C:\WINDOWS\SYSTEM32\NTKRNLPA.EXE
[Drivers] hal.dll=C:\WINDOWS\SYSTEM32\HAL.DLL
[Drivers] KDCOM.DLL=C:\WINDOWS\SYSTEM32\KDCOM.DLL
[Drivers] BOOTVID.dll=C:\WINDOWS\SYSTEM32\BOOTVID.DLL
[Drivers] ACPI.sys=C:\WINDOWS\system32\DRIVERS\ACPI.sys
[Drivers] WMILIB.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS
[Drivers] pci.sys=C:\WINDOWS\system32\DRIVERS\pci.sys
[Drivers] isapnp.sys=C:\WINDOWS\system32\DRIVERS\isapnp.sys
[Drivers] ohci1394.sys=C:\WINDOWS\system32\DRIVERS\ohci1394.sys
[Drivers] 1394BUS.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\1394BUS.SYS
[Drivers] compbatt.sys=C:\WINDOWS\system32\DRIVERS\compbatt.sys
[Drivers] BATTC.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\BATTC.SYS
[Drivers] pciide.sys=C:\WINDOWS\system32\DRIVERS\pciide.sys
[Drivers] PCIIDEX.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDEX.SYS
[Drivers] intelide.sys=C:\WINDOWS\system32\DRIVERS\intelide.sys
[Drivers] viaide.sys=C:\WINDOWS\system32\DRIVERS\viaide.sys
[Drivers] aliide.sys=C:\WINDOWS\system32\DRIVERS\aliide.sys
[Drivers] pcmcia.sys=C:\WINDOWS\system32\DRIVERS\pcmcia.sys
[Drivers] MountMgr.sys=C:\WINDOWS\system32\DRIVERS\MountMgr.sys
[Drivers] ftdisk.sys=C:\WINDOWS\system32\DRIVERS\ftdisk.sys
[Drivers] ACPIEC.sys=C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
[Drivers] OPRGHDLR.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\OPRGHDLR.SYS
[Drivers] PartMgr.sys=C:\WINDOWS\system32\DRIVERS\PartMgr.sys
[Drivers] VolSnap.sys=C:\WINDOWS\system32\DRIVERS\VolSnap.sys
[Drivers] atapi.sys=C:\WINDOWS\system32\DRIVERS\atapi.sys
[Drivers] iaStor.sys=C:\WINDOWS\system32\DRIVERS\iaStor.sys
[Drivers] disk.sys=C:\WINDOWS\system32\DRIVERS\disk.sys
[Drivers] CLASSPNP.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\CLASSPNP.SYS
[Drivers] fltMgr.sys=C:\WINDOWS\system32\DRIVERS\fltMgr.sys
[Drivers] sr.sys=C:\WINDOWS\system32\DRIVERS\sr.sys
[Drivers] PxHelp20.sys=C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
[Drivers] KSecDD.sys=C:\WINDOWS\system32\DRIVERS\KSecDD.sys
[Drivers] Ntfs.sys=C:\WINDOWS\system32\DRIVERS\Ntfs.sys
[Drivers] NDIS.sys=C:\WINDOWS\system32\DRIVERS\NDIS.sys
[Drivers] serial.sys=C:\WINDOWS\system32\DRIVERS\serial.sys
[Drivers] Mup.sys=C:\WINDOWS\system32\DRIVERS\Mup.sys
[Drivers] iomdisk.sys=C:\WINDOWS\system32\DRIVERS\iomdisk.sys
[Drivers] nic1394.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NIC1394.SYS
[Drivers] intelppm.sys=C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
[Drivers] wmiacpi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\WMIACPI.SYS
[Drivers] ialmnt5.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IALMNT5.SYS
[Drivers] VIDEOPRT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\VIDEOPRT.SYS
[Drivers] HDAudBus.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS
[Drivers] w39n51.sys=C:\WINDOWS\SYSTEM32\DRIVERS\W39N51.SYS
[Drivers] usbuhci.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
[Drivers] USBPORT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\USBPORT.SYS
[Drivers] usbehci.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
[Drivers] tifm21.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TIFM21.SYS
[Drivers] sdbus.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SDBUS.SYS
[Drivers] e100b325.sys=C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS
[Drivers] CmBatt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\CMBATT.SYS
[Drivers] i8042prt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
[Drivers] kbdclass.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
[Drivers] SynTP.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS
[Drivers] USBD.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS
[Drivers] mouclass.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
[Drivers] imapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
[Drivers] cdrom.sys=C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
[Drivers] redbook.sys=C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
[Drivers] ks.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KS.SYS
[Drivers] GEARAspiWDM.sys=C:\WINDOWS\SYSTEM32\DRIVERS\GEARASPIWDM.SYS
[Drivers] tosrfcom.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TOSRFCOM.SYS
[Drivers] avgfwdx.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AVGFWDX.SYS
[Drivers] audstub.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
[Drivers] rasl2tp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
[Drivers] ndistapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
[Drivers] ndiswan.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
[Drivers] raspppoe.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
[Drivers] raspptp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
[Drivers] TDI.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\TDI.SYS
[Drivers] psched.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
[Drivers] msgpc.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
[Drivers] ptilink.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
[Drivers] raspti.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
[Drivers] termdd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
[Drivers] swenum.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
[Drivers] update.sys=C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
[Drivers] mssmbios.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
[Drivers] tosporte.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TOSPORTE.SYS
[Drivers] NDProxy.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS
[Drivers] CHDAud.sys=C:\WINDOWS\SYSTEM32\DRIVERS\CHDAUD.SYS
[Drivers] portcls.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PORTCLS.SYS
[Drivers] drmk.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DRMK.SYS
[Drivers] HSFHWAZL.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWAZL.SYS
[Drivers] HSF_DPV.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DPV.SYS
[Drivers] HSF_CNXT.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.SYS
[Drivers] Modem.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MODEM.SYS
[Drivers] usbhub.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
[Drivers] Fs_Rec.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS
[Drivers] Null.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS
[Drivers] Beep.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS
[Drivers] vga.sys=C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
[Drivers] mnmdd.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS
[Drivers] RDPCDD.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
[Drivers] Msfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MSFS.SYS
[Drivers] Npfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NPFS.SYS
[Drivers] rasacd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
[Drivers] ipsec.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
[Drivers] tcpip.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[Drivers] ipnat.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
[Drivers] SYMTDI.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\SYMTDI.SYS
[Drivers] wanarp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
[Drivers] SYMEVENT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS
[Drivers] arp1394.sys=C:\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS
[Drivers] netbt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
[Drivers] afd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
[Drivers] netbios.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
[Drivers] SRTSPX.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\SRTSPX.SYS
[Drivers] rdbss.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
[Drivers] mrxsmb.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
[Drivers] Fips.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS
[Drivers] EABFiltr.sys=C:\WINDOWS\SYSTEM32\DRIVERS\EABFILTR.SYS
[Drivers] adiusbaw.sys=C:\WINDOWS\SYSTEM32\DRIVERS\ADIUSBAW.SYS
[Drivers] Fastfat.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FASTFAT.SYS
[Drivers] iaStor.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DUMP_IASTOR.SYS
[Drivers] win32k.sys=C:\WINDOWS\SYSTEM32\WIN32K.SYS
[Drivers] Dxapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS
[Drivers] watchdog.sys=C:\WINDOWS\SYSTEM32\WATCHDOG.SYS
[Drivers] dxg.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXG.SYS
[Drivers] dxgthk.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXGTHK.SYS
[Drivers] ialmdnt5.dll=C:\WINDOWS\SYSTEM32\IALMDNT5.DLL
[Drivers] ialmrnt5.dll=C:\WINDOWS\SYSTEM32\IALMRNT5.DLL
[Drivers] ialmdev5.DLL=C:\WINDOWS\SYSTEM32\IALMDEV5.DLL
[Drivers] ialmdd5.DLL=C:\WINDOWS\SYSTEM32\IALMDD5.DLL
[Drivers] ndisuio.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
[Drivers] mrxdav.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
[Drivers] srv.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
[Drivers] mdmxsdk.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MDMXSDK.SYS
[Drivers] wdmaud.sys=C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
[Drivers] sysaudio.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
[Drivers] splitter.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
[Drivers] aec.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
[Drivers] swmidi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
[Drivers] DMusic.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
[Drivers] kmixer.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
[Drivers] drmkaud.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
[Drivers] ntdll.dll=C:\WINDOWS\SYSTEM32\NTDLL.DLL
[Services detected by Partizan] :HKLM .NET CLR Data
[Services detected by Partizan] :HKLM .NET CLR Networking
[Services detected by Partizan] :HKLM .NETFramework
[Services detected by Partizan] :HKLM aawservice="C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe"
[Services detected by Partizan] :HKLM Abiosdsk
[Services detected by Partizan] :HKLM abp480n5
[Services detected by Partizan] :HKLM ACPI=system32\DRIVERS\ACPI.sys
[Services detected by Partizan] :HKLM ACPIEC=system32\DRIVERS\ACPIEC.sys
[Services detected by Partizan] :HKLM ADILOADER=System32\Drivers\adildr.sys
[Services detected by Partizan] :HKLM adiusbaw=system32\DRIVERS\adiusbaw.sys
[Services detected by Partizan] :HKLM adpu160m
[Services detected by Partizan] :HKLM aec=system32\drivers\aec.sys
[Services detected by Partizan] :HKLM AFD=\SystemRoot\System32\drivers\afd.sys
[Services detected by Partizan] :HKLM Aha154x
[Services detected by Partizan] :HKLM aic78u2
[Services detected by Partizan] :HKLM aic78xx
[Services detected by Partizan] :HKLM Alerter=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM ALG=%SystemRoot%\System32\alg.exe
[Services detected by Partizan] :HKLM AliIde=system32\DRIVERS\aliide.sys
[Services detected by Partizan] :HKLM amsint
[Services detected by Partizan] :HKLM AppMgmt=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Arp1394=system32\DRIVERS\arp1394.sys
[Services detected by Partizan] :HKLM asc
[Services detected by Partizan] :HKLM asc3350p
[Services detected by Partizan] :HKLM asc3550
[Services detected by Partizan] :HKLM ASP.NET
[Services detected by Partizan] :HKLM ASP.NET_1.1.4322
[Services detected by Partizan] :HKLM aspnet_state=%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[Services detected by Partizan] :HKLM AsyncMac=system32\DRIVERS\asyncmac.sys
[Services detected by Partizan] :HKLM atapi=system32\DRIVERS\atapi.sys
[Services detected by Partizan] :HKLM Atdisk
[Services detected by Partizan] :HKLM Atmarpc=system32\DRIVERS\atmarpc.sys
[Services detected by Partizan] :HKLM AudioSrv=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM audstub=system32\DRIVERS\audstub.sys
[Services detected by Partizan] :HKLM avg8emc
[Services detected by Partizan] :HKLM avg8wd
[Services detected by Partizan] :HKLM Avgfwdx=system32\DRIVERS\avgfwdx.sys
[Services detected by Partizan] :HKLM Avgfwfd=system32\DRIVERS\avgfwdx.sys
[Services detected by Partizan] :HKLM avgfws8
[Services detected by Partizan] :HKLM AvgLdx86
[Services detected by Partizan] :HKLM AvgMfx86
[Services detected by Partizan] :HKLM AvgRkx86
[Services detected by Partizan] :HKLM AvgTdiX
[Services detected by Partizan] :HKLM BattC
[Services detected by Partizan] :HKLM Beep
[Services detected by Partizan] :HKLM BITS=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Browser=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM BthEnum=system32\DRIVERS\BthEnum.sys
[Services detected by Partizan] :HKLM BthPan=system32\DRIVERS\bthpan.sys
[Services detected by Partizan] :HKLM BTHPORT=System32\Drivers\BTHport.sys
[Services detected by Partizan] :HKLM BthServ=%SystemRoot%\system32\svchost.exe -k bthsvcs
[Services detected by Partizan] :HKLM BTHUSB=System32\Drivers\BTHUSB.sys
[Services detected by Partizan] :HKLM BTWUSB=System32\Drivers\btwusb.sys
[Services detected by Partizan] :HKLM cbidf2k
[Services detected by Partizan] :HKLM ccSetMgr="C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe" /h ccCommon
[Services detected by Partizan] :HKLM cd20xrnt
[Services detected by Partizan] :HKLM Cdaudio
[Services detected by Partizan] :HKLM Cdfs
[Services detected by Partizan] :HKLM Cdrom=system32\DRIVERS\cdrom.sys
[Services detected by Partizan] :HKLM Changer
[Services detected by Partizan] :HKLM CiSvc=%SystemRoot%\system32\cisvc.exe
[Services detected by Partizan] :HKLM ClipSrv=%SystemRoot%\system32\clipsrv.exe
[Services detected by Partizan] :HKLM CLTNetCnService="C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe" /h ccCommon
[Services detected by Partizan] :HKLM CmBatt=system32\DRIVERS\CmBatt.sys
[Services detected by Partizan] :HKLM CmdIde
[Services detected by Partizan] :HKLM comHost="C:\Archivos de programa\Archivos comunes\Symantec Shared\VAScanner\comHost.exe"
[Services detected by Partizan] :HKLM Compbatt=system32\DRIVERS\compbatt.sys
[Services detected by Partizan] :HKLM COMSysApp=C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[Services detected by Partizan] :HKLM ContentFilter
[Services detected by Partizan] :HKLM ContentIndex
[Services detected by Partizan] :HKLM Cpqarray
[Services detected by Partizan] :HKLM CryptSvc=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM dac2w2k
[Services detected by Partizan] :HKLM dac960nt
[Services detected by Partizan] :HKLM DcomLaunch=%SystemRoot%\system32\svchost -k DcomLaunch
[Services detected by Partizan] :HKLM Dhcp=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Disk=system32\DRIVERS\disk.sys
[Services detected by Partizan] :HKLM dmadmin=%SystemRoot%\System32\dmadmin.exe /com
[Services detected by Partizan] :HKLM dmboot=System32\drivers\dmboot.sys
[Services detected by Partizan] :HKLM dmio=System32\drivers\dmio.sys
[Services detected by Partizan] :HKLM dmload=System32\drivers\dmload.sys
[Services detected by Partizan] :HKLM dmserver=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM DMusic=system32\drivers\DMusic.sys
[Services detected by Partizan] :HKLM Dnscache=%SystemRoot%\system32\svchost.exe -k NetworkService
[Services detected by Partizan] :HKLM dpti2o
[Services detected by Partizan] :HKLM drmkaud=system32\drivers\drmkaud.sys
[Services detected by Partizan] :HKLM E100B=system32\DRIVERS\e100b325.sys
[Services detected by Partizan] :HKLM eabfiltr=\??\C:\WINDOWS\system32\drivers\EABFiltr.sys
[Services detected by Partizan] :HKLM eabusb=\??\C:\WINDOWS\system32\drivers\eabusb.sys
[Services detected by Partizan] :HKLM eeCtrl=\??\C:\Archivos de programa\Archivos comunes\Symantec Shared\EENGINE\eeCtrl.sys
[Services detected by Partizan] :HKLM EraserUtilRebootDrv=\??\C:\Archivos de programa\Archivos comunes\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
[Services detected by Partizan] :HKLM ERSvc=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Eventlog=%SystemRoot%\system32\services.exe
[Services detected by Partizan] :HKLM EventSystem=C:\WINDOWS\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Fastfat
[Services detected by Partizan] :HKLM FastUserSwitchingCompatibility=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Fdc=system32\DRIVERS\fdc.sys
[Services detected by Partizan] :HKLM Fips
[Services detected by Partizan] :HKLM Flpydisk=system32\DRIVERS\flpydisk.sys
[Services detected by Partizan] :HKLM FltMgr=system32\DRIVERS\fltMgr.sys
[Services detected by Partizan] :HKLM Fs_Rec
[Services detected by Partizan] :HKLM Ftdisk=system32\DRIVERS\ftdisk.sys
[Services detected by Partizan] :HKLM GEARAspiWDM=System32\Drivers\GEARAspiWDM.sys
[Services detected by Partizan] :HKLM Gpc=system32\DRIVERS\msgpc.sys
[Services detected by Partizan] :HKLM gusvc="C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe"
[Services detected by Partizan] :HKLM HdAudAddService=system32\drivers\CHDAud.sys
[Services detected by Partizan] :HKLM HDAudBus=system32\DRIVERS\HDAudBus.sys
[Services detected by Partizan] :HKLM helpsvc=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM HidServ=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM hpn
[Services detected by Partizan] :HKLM hpqwmiex=C:\Archivos de programa\Hewlett-Packard\Shared\hpqwmiex.exe
[Services detected by Partizan] :HKLM HPZid412=system32\DRIVERS\HPZid412.sys
[Services detected by Partizan] :HKLM HPZipr12=system32\DRIVERS\HPZipr12.sys
[Services detected by Partizan] :HKLM HPZius12=system32\DRIVERS\HPZius12.sys
[Services detected by Partizan] :HKLM HSFHWAZL=system32\DRIVERS\HSFHWAZL.sys
[Services detected by Partizan] :HKLM HSF_DPV=system32\DRIVERS\HSF_DPV.sys
[Services detected by Partizan] :HKLM HTTP=System32\Drivers\HTTP.sys
[Services detected by Partizan] :HKLM HTTPFilter=%SystemRoot%\System32\svchost.exe -k HTTPFilter
[Services detected by Partizan] :HKLM i2omgmt
[Services detected by Partizan] :HKLM i2omp
[Services detected by Partizan] :HKLM i8042prt=system32\DRIVERS\i8042prt.sys
[Services detected by Partizan] :HKLM ialm=system32\DRIVERS\ialmnt5.sys
[Services detected by Partizan] :HKLM iaStor=System32\DRIVERS\iaStor.sys
[Services detected by Partizan] :HKLM IDriverT="C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
[Services detected by Partizan] :HKLM Imapi=system32\DRIVERS\imapi.sys
[Services detected by Partizan] :HKLM ImapiService=%systemroot%\system32\imapi.exe
[Services detected by Partizan] :HKLM inetaccs
[Services detected by Partizan] :HKLM ini910u
[Services detected by Partizan] :HKLM Inport
[Services detected by Partizan] :HKLM IntelIde=system32\DRIVERS\intelide.sys
[Services detected by Partizan] :HKLM intelppm=system32\DRIVERS\intelppm.sys
[Services detected by Partizan] :HKLM iomdisk=System32\DRIVERS\iomdisk.sys
[Services detected by Partizan] :HKLM Iomega Activity Disk2=""
[Services detected by Partizan] :HKLM Iomega App Services="C:\ARCHIV~1\Iomega\System32\AppServices.exe"
[Services detected by Partizan] :HKLM Ip6Fw=system32\DRIVERS\Ip6Fw.sys
[Services detected by Partizan] :HKLM IpFilterDriver=system32\DRIVERS\ipfltdrv.sys
[Services detected by Partizan] :HKLM IpInIp=system32\DRIVERS\ipinip.sys
[Services detected by Partizan] :HKLM IpNat=system32\DRIVERS\ipnat.sys
[Services detected by Partizan] :HKLM IPSec=system32\DRIVERS\ipsec.sys
[Services detected by Partizan] :HKLM IRENUM=system32\DRIVERS\irenum.sys
[Services detected by Partizan] :HKLM ISAPISearch
[Services detected by Partizan] :HKLM isapnp=system32\DRIVERS\isapnp.sys
[Services detected by Partizan] :HKLM Kbdclass=system32\DRIVERS\kbdclass.sys
[Services detected by Partizan] :HKLM kmixer=system32\drivers\kmixer.sys
[Services detected by Partizan] :HKLM KSecDD
[Services detected by Partizan] :HKLM lanmanserver=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM lanmanworkstation=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM lbrtfdc
[Services detected by Partizan] :HKLM ldap
[Services detected by Partizan] :HKLM LicenseService
[Services detected by Partizan] :HKLM LightScribeService="C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe"
[Services detected by Partizan] :HKLM LiveUpdate="C:\ARCHIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
[Services detected by Partizan] :HKLM LiveUpdate Notice Ex="C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSvcHst.exe" /h ccCommon
[Services detected by Partizan] :HKLM LiveUpdate Notice Service="C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"
[Services detected by Partizan] :HKLM LmHosts=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM mdmxsdk=system32\DRIVERS\mdmxsdk.sys
[Services detected by Partizan] :HKLM Messenger=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM mnmdd
[Services detected by Partizan] :HKLM mnmsrvc=C:\WINDOWS\system32\mnmsrvc.exe
[Services detected by Partizan] :HKLM Modem
[Services detected by Partizan] :HKLM Mouclass=system32\DRIVERS\mouclass.sys
[Services detected by Partizan] :HKLM mouhid=system32\DRIVERS\mouhid.sys
[Services detected by Partizan] :HKLM MountMgr
[Services detected by Partizan] :HKLM mraid35x
[Services detected by Partizan] :HKLM MRxDAV=system32\DRIVERS\mrxdav.sys
[Services detected by Partizan] :HKLM MRxSmb=system32\DRIVERS\mrxsmb.sys
[Services detected by Partizan] :HKLM Msfs
[Services detected by Partizan] :HKLM MSIServer=%systemroot%\system32\msiexec.exe /V
[Services detected by Partizan] :HKLM MSKSSRV=system32\drivers\MSKSSRV.sys
[Services detected by Partizan] :HKLM MSPCLOCK=system32\drivers\MSPCLOCK.sys
[Services detected by Partizan] :HKLM MSPQM=system32\drivers\MSPQM.sys
[Services detected by Partizan] :HKLM mssmbios=system32\DRIVERS\mssmbios.sys
[Services detected by Partizan] :HKLM Mup
[Services detected by Partizan] :HKLM NAVENG=\??\C:\ARCHIV~1\ARCHIV~1\SYMANT~1\VIRUSD~1\20080827.038\NAVENG.SYS
[Services detected by Partizan] :HKLM NAVEX15=\??\C:\ARCHIV~1\ARCHIV~1\SYMANT~1\VIRUSD~1\20080827.038\NAVEX15.SYS
[Services detected by Partizan] :HKLM NDIS
[Services detected by Partizan] :HKLM NdisTapi=system32\DRIVERS\ndistapi.sys
[Services detected by Partizan] :HKLM Ndisuio=system32\DRIVERS\ndisuio.sys
[Services detected by Partizan] :HKLM NdisWan=system32\DRIVERS\ndiswan.sys
[Services detected by Partizan] :HKLM NDProxy
[Services detected by Partizan] :HKLM NetBIOS=system32\DRIVERS\netbios.sys
[Services detected by Partizan] :HKLM NetBT=system32\DRIVERS\netbt.sys
[Services detected by Partizan] :HKLM NetDDE=%SystemRoot%\system32\netdde.exe
[Services detected by Partizan] :HKLM NetDDEdsdm=%SystemRoot%\system32\netdde.exe
[Services detected by Partizan] :HKLM Netlogon=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM Netman=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM NIC1394=system32\DRIVERS\nic1394.sys
[Services detected by Partizan] :HKLM Nla=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Npfs
[Services detected by Partizan] :HKLM Ntfs
[Services detected by Partizan] :HKLM NtLmSsp=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM NtmsSvc=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Null
[Services detected by Partizan] :HKLM NwlnkFlt=system32\DRIVERS\nwlnkflt.sys
[Services detected by Partizan] :HKLM NwlnkFwd=system32\DRIVERS\nwlnkfwd.sys
[Services detected by Partizan] :HKLM ohci1394=system32\DRIVERS\ohci1394.sys
[Services detected by Partizan] :HKLM Parallel
[Services detected by Partizan] :HKLM Parport=system32\DRIVERS\parport.sys
[Services detected by Partizan] :HKLM Partizan=system32\drivers\Partizan.sys
[Services detected by Partizan] :HKLM PartMgr
[Services detected by Partizan] :HKLM ParVdm
[Services detected by Partizan] :HKLM PCI=system32\DRIVERS\pci.sys
[Services detected by Partizan] :HKLM PCIDump
[Services detected by Partizan] :HKLM PCIIde=system32\DRIVERS\pciide.sys
[Services detected by Partizan] :HKLM Pcmcia=system32\DRIVERS\pcmcia.sys
[Services detected by Partizan] :HKLM PDCOMP
[Services detected by Partizan] :HKLM PDFRAME
[Services detected by Partizan] :HKLM PDRELI
[Services detected by Partizan] :HKLM PDRFRAME
[Services detected by Partizan] :HKLM perc2
[Services detected by Partizan] :HKLM perc2hib
[Services detected by Partizan] :HKLM PerfDisk
[Services detected by Partizan] :HKLM PerfNet
[Services detected by Partizan] :HKLM PerfOS
[Services detected by Partizan] :HKLM PerfProc
[Services detected by Partizan] :HKLM PlugPlay=%SystemRoot%\system32\services.exe
[Services detected by Partizan] :HKLM Pml Driver HPZ12=C:\WINDOWS\system32\HPZipm12.exe
[Services detected by Partizan] :HKLM PolicyAgent=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM PptpMiniport=system32\DRIVERS\raspptp.sys
[Services detected by Partizan] :HKLM Programador de LiveUpdate autom tico="C:\Archivos de programa\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
[Services detected by Partizan] :HKLM ProtectedStorage=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM PSched=system32\DRIVERS\psched.sys
[Services detected by Partizan] :HKLM Ptilink=system32\DRIVERS\ptilink.sys
[Services detected by Partizan] :HKLM PxHelp20=System32\Drivers\PxHelp20.sys
[Services detected by Partizan] :HKLM ql1080
[Services detected by Partizan] :HKLM Ql10wnt
[Services detected by Partizan] :HKLM ql12160
[Services detected by Partizan] :HKLM ql1240
[Services detected by Partizan] :HKLM ql1280
[Services detected by Partizan] :HKLM RasAcd=system32\DRIVERS\rasacd.sys
[Services detected by Partizan] :HKLM RasAuto=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Rasirda=system32\DRIVERS\rasirda.sys
[Services detected by Partizan] :HKLM Rasl2tp=system32\DRIVERS\rasl2tp.sys
[Services detected by Partizan] :HKLM RasMan=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM RasPppoe=system32\DRIVERS\raspppoe.sys
[Services detected by Partizan] :HKLM Raspti=system32\DRIVERS\raspti.sys
[Services detected by Partizan] :HKLM Rdbss=system32\DRIVERS\rdbss.sys
[Services detected by Partizan] :HKLM RDPCDD=System32\DRIVERS\RDPCDD.sys
[Services detected by Partizan] :HKLM RDPDD
[Services detected by Partizan] :HKLM RDPNP
[Services detected by Partizan] :HKLM RDPWD
[Services detected by Partizan] :HKLM RDSessMgr=C:\WINDOWS\system32\sessmgr.exe
[Services detected by Partizan] :HKLM redbook=system32\DRIVERS\redbook.sys
[Services detected by Partizan] :HKLM RemoteAccess=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM RFCOMM=system32\DRIVERS\rfcomm.sys
[Services detected by Partizan] :HKLM RpcLocator=%SystemRoot%\system32\locator.exe
[Services detected by Partizan] :HKLM RpcSs=%SystemRoot%\system32\svchost -k rpcss
[Services detected by Partizan] :HKLM RSVP=%SystemRoot%\system32\rsvp.exe
[Services detected by Partizan] :HKLM SamSs=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM SCardSvr=%SystemRoot%\System32\SCardSvr.exe
[Services detected by Partizan] :HKLM Schedule=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM sdbus=system32\DRIVERS\sdbus.sys
[Services detected by Partizan] :HKLM Secdrv=system32\DRIVERS\secdrv.sys
[Services detected by Partizan] :HKLM seclogon=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM SENS=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM serenum=system32\DRIVERS\serenum.sys
[Services detected by Partizan] :HKLM Serial=system32\DRIVERS\serial.sys
[Services detected by Partizan] :HKLM Sfloppy
[Services detected by Partizan] :HKLM SharedAccess=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM ShellHWDetection=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Simbad
[Services detected by Partizan] :HKLM SMCIRDA=system32\DRIVERS\smcirda.sys
[Services detected by Partizan] :HKLM Sparrow
[Services detected by Partizan] :HKLM SPBBCDrv=\??\C:\Archivos de programa\Archivos comunes\Symantec Shared\SPBBC\SPBBCDrv.sys
[Services detected by Partizan] :HKLM splitter=system32\drivers\splitter.sys
[Services detected by Partizan] :HKLM Spooler=%SystemRoot%\system32\spoolsv.exe
[Services detected by Partizan] :HKLM sr=system32\DRIVERS\sr.sys
[Services detected by Partizan] :HKLM srservice=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM SRTSP=System32\Drivers\SRTSP.SYS
[Services detected by Partizan] :HKLM SRTSPL=System32\Drivers\SRTSPL.SYS
[Services detected by Partizan] :HKLM SRTSPX=System32\Drivers\SRTSPX.SYS
[Services detected by Partizan] :HKLM Srv=system32\DRIVERS\srv.sys
[Services detected by Partizan] :HKLM SSDPSRV=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM stisvc=%SystemRoot%\system32\svchost.exe -k imgsvc
[Services detected by Partizan] :HKLM swenum=system32\DRIVERS\swenum.sys
[Services detected by Partizan] :HKLM swmidi=system32\drivers\swmidi.sys
[Services detected by Partizan] :HKLM SwPrv=C:\WINDOWS\system32\dllhost.exe /Processid:{59B83B99-BFAB-4659-B776-9858D9D153C5}
[Services detected by Partizan] :HKLM Symantec Core LC="C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe"
[Services detected by Partizan] :HKLM symc810
[Services detected by Partizan] :HKLM symc8xx
[Services detected by Partizan] :HKLM SYMDNS=\SystemRoot\System32\Drivers\SYMDNS.SYS
[Services detected by Partizan] :HKLM SymEvent=\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
[Services detected by Partizan] :HKLM SYMFW=\SystemRoot\System32\Drivers\SYMFW.SYS
[Services detected by Partizan] :HKLM SYMIDS=\SystemRoot\System32\Drivers\SYMIDS.SYS
[Services detected by Partizan] :HKLM SYMIDSCO=\??\C:\ARCHIV~1\ARCHIV~1\SYMANT~1\SymcData\idsdefs\20080825.001\SymIDSCo.sys
[Services detected by Partizan] :HKLM SYMNDIS=\SystemRoot\System32\Drivers\SYMNDIS.SYS
[Services detected by Partizan] :HKLM SYMREDRV=\SystemRoot\System32\Drivers\SYMREDRV.SYS
[Services detected by Partizan] :HKLM SYMTDI=\SystemRoot\System32\Drivers\SYMTDI.SYS
[Services detected by Partizan] :HKLM sym_hi
[Services detected by Partizan] :HKLM sym_u3
[Services detected by Partizan] :HKLM SynTP=system32\DRIVERS\SynTP.sys
[Services detected by Partizan] :HKLM sysaudio=system32\drivers\sysaudio.sys
[Services detected by Partizan] :HKLM SysmonLog=%SystemRoot%\system32\smlogsvc.exe
[Services detected by Partizan] :HKLM TapiSrv=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Tcpip=system32\DRIVERS\tcpip.sys
[Services detected by Partizan] :HKLM TDPIPE
[Services detected by Partizan] :HKLM TDTCP
[Services detected by Partizan] :HKLM TermDD=system32\DRIVERS\termdd.sys
[Services detected by Partizan] :HKLM TermService=%SystemRoot%\System32\svchost -k DComLaunch
[Services detected by Partizan] :HKLM Themes=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM tifm21=system32\drivers\tifm21.sys
[Services detected by Partizan] :HKLM toshidpt=system32\drivers\Toshidpt.sys
[Services detected by Partizan] :HKLM TosIde
[Services detected by Partizan] :HKLM tosporte=system32\DRIVERS\tosporte.sys
[Services detected by Partizan] :HKLM Tosrfbd=System32\Drivers\tosrfbd.sys
[Services detected by Partizan] :HKLM Tosrfbnp=System32\Drivers\tosrfbnp.sys
[Services detected by Partizan] :HKLM Tosrfcom=System32\Drivers\tosrfcom.sys
[Services detected by Partizan] :HKLM Tosrfhid=system32\DRIVERS\Tosrfhid.sys
[Services detected by Partizan] :HKLM tosrfnds=system32\DRIVERS\tosrfnds.sys
[Services detected by Partizan] :HKLM TosRfSnd=system32\drivers\TosRfSnd.sys
[Services detected by Partizan] :HKLM Tosrfusb=System32\Drivers\tosrfusb.sys
[Services detected by Partizan] :HKLM TrkWks=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM TSDDD
[Services detected by Partizan] :HKLM Udfs
[Services detected by Partizan] :HKLM ultra
[Services detected by Partizan] :HKLM UMWdf=C:\WINDOWS\system32\wdfmgr.exe
[Services detected by Partizan] :HKLM Update=system32\DRIVERS\update.sys
[Services detected by Partizan] :HKLM upnphost=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM UPS=%SystemRoot%\System32\ups.exe
[Services detected by Partizan] :HKLM USB
[Services detected by Partizan] :HKLM usbccgp=system32\DRIVERS\usbccgp.sys
[Services detected by Partizan] :HKLM usbehci=system32\DRIVERS\usbehci.sys
[Services detected by Partizan] :HKLM usbhub=system32\DRIVERS\usbhub.sys
[Services detected by Partizan] :HKLM usbprint=system32\DRIVERS\usbprint.sys
[Services detected by Partizan] :HKLM usbscan=system32\DRIVERS\usbscan.sys
[Services detected by Partizan] :HKLM USBSTOR=system32\DRIVERS\USBSTOR.SYS
[Services detected by Partizan] :HKLM usbuhci=system32\DRIVERS\usbuhci.sys
[Services detected by Partizan] :HKLM usnjsvc="C:\Archivos de programa\MSN Messenger\usnsvc.exe"
[Services detected by Partizan] :HKLM VgaSave=\SystemRoot\System32\drivers\vga.sys
[Services detected by Partizan] :HKLM ViaIde=system32\DRIVERS\viaide.sys
[Services detected by Partizan] :HKLM VolSnap
[Services detected by Partizan] :HKLM VSS=%SystemRoot%\System32\vssvc.exe
[Services detected by Partizan] :HKLM VxD
[Services detected by Partizan] :HKLM W32Time=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM w39n51=system32\DRIVERS\w39n51.sys
[Services detected by Partizan] :HKLM W3SVC
[Services detected by Partizan] :HKLM Wanarp=system32\DRIVERS\wanarp.sys
[Services detected by Partizan] :HKLM WDICA
[Services detected by Partizan] :HKLM wdmaud=system32\drivers\wdmaud.sys
[Services detected by Partizan] :HKLM WebClient=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM winachsf=system32\DRIVERS\HSF_CNXT.sys
[Services detected by Partizan] :HKLM winmgmt=%systemroot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Winsock
[Services detected by Partizan] :HKLM WinSock2
[Services detected by Partizan] :HKLM WinTrust
[Services detected by Partizan] :HKLM WmdmPmSN=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM WmiAcpi=system32\DRIVERS\wmiacpi.sys
[Services detected by Partizan] :HKLM WmiApRpl
[Services detected by Partizan] :HKLM WmiApSrv=C:\WINDOWS\system32\wbem\wmiapsrv.exe
[Services detected by Partizan] :HKLM WS2IFSL
[Services detected by Partizan] :HKLM wscsvc=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM wuauserv=%systemroot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM WZCSVC=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM xmlprov=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM {4D5FD48C-C669-43A4-9257-FDCF0404658B}
[Services detected by Partizan] :HKLM {5403AB45-BFBE-44FA-B2B9-3FFA75B3D4E7}
[Services detected by Partizan] :HKLM {749BA00A-F5B5-4E7E-A840-2ECA71DF1CBD}
[Services detected by Partizan] :HKLM {75C71FF3-DE9F-48F5-8226-7D7A5D413822}
[Services detected by Partizan] :HKLM {A62ECEEC-66B5-40D9-80F3-495AFD6CE4D2}
[Auto Start Apps]
[Registry Run] :HKCU CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
[Registry Run] :HKCU Iomega Automatic Backup=C:\Archivos de programa\Iomega\Iomega Automatic Backup\ibackup.exe
[Registry Run] :HKCU swg=C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[Registry Run] :HKCU MsnMsgr="C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
[Registry Run] :HKCU Reminder=C:\Archivos de programa\Microsoft Money\System\reminder.exe
[Registry Run] :HKCU UnHackMe Monitor=C:\Archivos de programa\UnHackMe\hackmon.exe
[Registry Run] :HKLM igfxtray=C:\WINDOWS\system32\igfxtray.exe
[Registry Run] :HKLM igfxhkcmd=C:\WINDOWS\system32\hkcmd.exe
[Registry Run] :HKLM igfxpers=C:\WINDOWS\system32\igfxpers.exe
[Registry Run] :HKLM High Definition Audio Property Page Shortcut=CHDAudPropShortcut.exe
[Registry Run] :HKLM SunJavaUpdateSched="C:\Archivos de programa\Java\jre1.6.0_05\bin\jusched.exe"
[Registry Run] :HKLM HP Software Update=C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
[Registry Run] :HKLM SynTPEnh=C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe
[Registry Run] :HKLM hpWirelessAssistant=C:\Archivos de programa\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
[Registry Run] :HKLM QPService="C:\Archivos de programa\HP\QuickPlay\QPService.exe"
[Registry Run] :HKLM eabconfg.cpl=C:\Archivos de programa\HPQ\Quick Launch Buttons\EabServr.exe /Start
[Registry Run] :HKLM Cpqset=C:\Archivos de programa\HPQ\Default Settings\cpqset.exe
[Registry Run] :HKLM RecGuard=C:\Windows\SMINST\RecGuard.exe
[Registry Run] :HKLM QuickTime Task="C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
[Registry Run] :HKLM Iomega Automatic Backup 1.0.1=C:\Archivos de programa\Iomega\Iomega Automatic Backup\ibackup.exe
[Registry Run] :HKLM ccApp="C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
[Registry Run] :HKLM BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[Registry Run] :HKLM Symantec PIF AlertEng="C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Archivos de programa\Archivos comunes\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
[Registry Run] :HKLM ISUSPM Startup=C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[Registry Run] :HKLM ISUSScheduler="C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
[Registry Run] :HKLM KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
[Registry RunOnceEx] :HKLM @Regrun2
[Registry RunOnceEx] :HKLM @UnHackMe=C:\ARCHIV~1\UnHackMe\UnHackMe.exe /p Partizan
[Win.ini] load=""
[Win.ini] run=""
[Common Startup Folder] Bluetooth Manager.lnk=C:\Archivos de programa\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
[Common Startup Folder] Consola KIT ADSL.lnk=C:\Archivos de programa\Telefonica\Kit ADSL USB\dslmon.exe
[Common Startup Folder] HP Digital Imaging Monitor.lnk=C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
[Common Startup Folder] Inicio rápido de Adobe Reader.lnk=C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[Common Startup Folder] Inicio rápido de HP Photosmart Premier.lnk=C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe
[Common Startup Folder] Microsoft Office.lnk=C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
[Scheduled Tasks] Servicios de Internet=C:\Archivos de programa\Hewlett-Packard\SDP\HPSdpApp.exe
[Scheduled Tasks] HPCeeSchedule=C:\Archivos de programa\Hewlett-Packard\SDP\Ceement\HPCEE.exe
[In memory]
[Running Processes] C:\WINDOWS\SYSTEM32\SMSS.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\WINLOGON.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\SERVICES.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\LSASS.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Running Processes] C:\WINDOWS\SYST
Lolitachichirrao
post Sep 4 2008, 06:05 PM
Posted: #6


Newbie
*

Group: Members
Posts: 19