Inicio > Foros
- Foros
- Software
- Seguridad, Antivirus y Malware
- Ayuda con HijackThis
Resultados 1 al 4 de 4
Tema: Ayuda con HijackThis
-
11/06/2007, 19:43josram77
- Fecha de ingreso
- 11 jun, 07
- Mensajes
- 2
Ayuda con HijackThis
Tengo una serie de problemas con mi maquina, al principio me empezo a utilizar una gran parte de la memoria en procesos que buscando en internet logre quitarselos.
Pero ahora presiento que estoy lleno de virus... :cry: .
Pudiera alguien ayudarme con el siguiente HijackThis??
Gracias de antemano.
Logfile of HijackThis v1.99.1
Scan saved at 12:27:12 PM, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ASNA\ADB Engine 5.0\adbntsvc.exe
C:\Program Files\CVSNT\cvsservice.exe
C:\Program Files\IBM\SQLLIB\BIN\db2licd.exe
C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ipmon.exe
C:\WINDOWS\ServicePackFiles\services.exe
C:\WINDOWS\system32\ipmon.exe
C:\WINDOWS\ServicePackFiles\free.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Sw\Utilerias\Antivirus\Malware\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.mx/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://srnorto:81/anmexintranet
F3 - REG:win.ini: run=C:\WINDOWS\ServicePackFiles\services.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: bho3 Class - {58FB2CBB-C874-45FC-A1C9-B62CC9E3BED9} - C:\WINDOWS\ServicePackFiles\61116584.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [xem] C:\WINDOWS\ServicePackFiles\services.exe
O4 - HKLM\..\Run: [lanmanwrk.exe] C:\WINDOWS\System32\lanmanwrk.exe
O4 - HKCU\..\Run: [xem] C:\WINDOWS\ServicePackFiles\services.exe
O4 - Global Startup: 20-20 Shortcut Bar.lnk = C:\2020V61\Mswin\60\SCBar.Exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {044123B5-35DF-4C4E-BAED-26B8ED964342} (HLiveRobotWeb Control) - https://update3.globalhauri.com/Custom/ ... botWeb.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://www2.asna.com/ftp/webinstall/iftwclix.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/res ... nPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5928203046
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.66.155.171.31.downloads.estara ... 0OneCC.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9347184897
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://201.139.8.21/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/a ... _en_dl.cab
O16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} (VacPro.int_ver22b) - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.fotobenavides.com/XUpload/XUpload.ocx
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dnanmex2.aniconet.com
O17 - HKLM\Software\..\Telephony: DomainName = dnanmex2.aniconet.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dnanmex2.aniconet.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\iepgxpg.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acceler8DB Server - ASNA Inc. - C:\Program Files\ASNA\ADB Engine 5.0\adbntsvc.exe
O23 - Service: Crystal Query Server - Unknown owner - C:\Program Files\Seagate Software\Query Server\querysrv.exe" -service (file missing)
O23 - Service: CVSNT Locking Service 2.5.03.2260 (cvslock) - Unknown owner - C:\Program Files\CVSNT\cvslock.exe (file missing)
O23 - Service: CVSNT Dispatch service 2.5.03.2260 (cvsnt) - March Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe
O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: DB2 - DB2-0 (DB2-0) - International Business Machines Corporation - C:\PROGRA~1\IBM\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2DAS - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\\bin\db2dasrrm.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
O23 - Service: DB2 License Server (DB2LICD) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2licd.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
O23 - Service: DB2 Remote Command Server (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2rcmd.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ViRobot for WinNT(tm) Folder Protect (HFACSVC) - Unknown owner - C:\Program Files\Hauri\ViRobot Desktop 5.0\AccessControl\HFACSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SiteClient Service for VMS (SiteClientService) - Unknown owner - C:\SiteClient\clisvc.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Apache Tomcat (Tomcat6) - Unknown owner - C:\Program Files\Apache\Tomcat 6.0\bin\tomcat6.exe" //RS//Tomcat6 (file missing)
O23 - Service: Hauri Firewall (vrfwsvc) - Unknown owner - C:\Program Files\Hauri\ViRobot Desktop 5.0\PCFirewall\vrfwsvc.exe (file missing)
O23 - Service: ViRobot Desktop Monitoring (vrmonsvc) - Unknown owner - C:\Program Files\Hauri\Common\Base\vrmonsvc.exe (file missing)
-
11/06/2007, 21:19AngelCaidox
- Fecha de ingreso
- 30 dic, 04
- Ubicación
- Llodio(Alava)
- Mensajes
- 6,499
Ni tanto que estas infectado jeje
Sigue los puntos que te comento sin saltarte uno y poco a poco intentare que me entiendas para poder hacerlo bien.
Tienes que activar ver archivos ocultos:
mi pc -- herramientas -- opciones de carpeta -- ver -- mostrar todos los archivos ocultos
Ahora tienes que eliminar los puntos de restauración para evitar que windows vuelva a estados anteriores, cuando hayas solucionado el problema vuelve a activarlo.
Para ello:
BotÓn derecho en mi pc -- propiedades -- restaurar sistema -- desactivar restaurar sistema.
Ahora dale a "fixed cheked" a las siguientes entradas del hijackthis:
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://srnorto:81/anmexintranet
F3 - REG:win.ini: run=C:\WINDOWS\ServicePackFiles\services.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: bho3 Class - {58FB2CBB-C874-45FC-A1C9-B62CC9E3BED9} - C:\WINDOWS\ServicePackFiles\61116584.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [xem] C:\WINDOWS\ServicePackFiles\services.exe
O4 - HKLM\..\Run: [lanmanwrk.exe] C:\WINDOWS\System32\lanmanwrk.exe
O4 - HKCU\..\Run: [xem] C:\WINDOWS\ServicePackFiles\services.exe
O4 - Global Startup: 20-20 Shortcut Bar.lnk = C:\2020V61\Mswin\60\SCBar.Exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {044123B5-35DF-4C4E-BAED-26B8ED964342} (HLiveRobotWeb Control) - https://update3.globalhauri.com/Custom/ ... botWeb.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.66.155.171.31.downloads.estara ... 0OneCC.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/a ... _en_dl.cab
O16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} (VacPro.int_ver22b) - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.fotobenavides.com/XUpload/XUpload.ocx
017 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dnanmex2.aniconet.com
O17 - HKLM\Software\..\Telephony: DomainName = dnanmex2.aniconet.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dnanmex2.aniconet.com
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
Luego reinicia el equipo en modo a prueba de fallos y busca y borra los siguientes ficheros:
Azul --> Carpetas a borrar con todo su contenido
Rojo --> Ficheros a borrar
C:\WINDOWS\system32\ipmon.exe
C:\WINDOWS\ServicePackFiles\free.exe
C:\WINDOWS\ServicePackFiles\services.exe
C:\WINDOWS\ServicePackFiles\61116584.dll
C:\WINDOWS\System32\lanmanwrk.exe
C:\WINDOWS\system32\rpcc.dll
Una vez borrados estos ficheros reinicia en modo normal y pasa estos dos programas:
Disk Cleaner
RegSeeker <-- MANUAL
Cuando hayas pasado los dos programas, con el internet explorer pasale este antivirus online y me pegas el reporte que te genere el programa, junto a un nuevo log del hijackthis.
http://www.kaspersky.com/kos/spanish/kavwebscan.html
un saludo y suerte
-
14/06/2007, 15:28josram77
- Fecha de ingreso
- 11 jun, 07
- Mensajes
- 2
Esto es el resultado...
Logfile of HijackThis v1.99.1
Scan saved at 8:38:16 AM, on 06/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ASNA\ADB Engine 5.0\adbntsvc.exe
C:\Program Files\CVSNT\cvsservice.exe
C:\Program Files\IBM\SQLLIB\BIN\db2licd.exe
C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Sw\Utilerias\Antivirus\Malware\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.mx/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {044123B5-35DF-4C4E-BAED-26B8ED964342} (HLiveRobotWeb Control) - https://update3.globalhauri.com/Custom/ ... botWeb.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish/ka ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://www2.asna.com/ftp/webinstall/iftwclix.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/res ... nPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5928203046
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.66.155.171.31.downloads.estara ... 0OneCC.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9347184897
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://201.139.8.21/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dnanmex2.aniconet.com
O17 - HKLM\Software\..\Telephony: DomainName = dnanmex2.aniconet.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dnanmex2.aniconet.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\iepgxpg.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acceler8DB Server - ASNA Inc. - C:\Program Files\ASNA\ADB Engine 5.0\adbntsvc.exe
O23 - Service: Crystal Query Server - Unknown owner - C:\Program Files\Seagate Software\Query Server\querysrv.exe" -service (file missing)
O23 - Service: CVSNT Locking Service 2.5.03.2260 (cvslock) - Unknown owner - (no file)
O23 - Service: CVSNT Dispatch service 2.5.03.2260 (cvsnt) - March Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe
O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: DB2 - DB2-0 (DB2-0) - International Business Machines Corporation - C:\PROGRA~1\IBM\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2DAS - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\\bin\db2dasrrm.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
O23 - Service: DB2 License Server (DB2LICD) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2licd.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
O23 - Service: DB2 Remote Command Server (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2rcmd.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Apache Tomcat (Tomcat6) - Unknown owner - C:\Program Files\Apache\Tomcat 6.0\bin\tomcat6.exe" //RS//Tomcat6 (file missing)
O23 - Service: Hauri Firewall (vrfwsvc) - Unknown owner - (no file)
O23 - Service: ViRobot Desktop Monitoring (vrmonsvc) - Unknown owner - (no file)
-
14/06/2007, 15:46AngelCaidox
- Fecha de ingreso
- 30 dic, 04
- Ubicación
- Llodio(Alava)
- Mensajes
- 6,499
que has notado? dime tu sensasión.
Te faltan cosas por eliminar, borra estas dos entradas:
O16 - DPF: {044123B5-35DF-4C4E-BAED-26B8ED964342} (HLiveRobotWeb Control) - https://update3.globalhauri.com/Custom/ ... botWeb.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.66.155.171.31.downloads.estara ... 0OneCC.cab
Conoces esta configuracion de dns´s? o proxys nose que leches serán..
dnanmex2.aniconet.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dnanmex2.aniconet.com
O17 - HKLM\Software\..\Telephony: DomainName = dnanmex2.aniconet.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dnanmex2.aniconet.com
Powered by vBulletin® Version 4.2.5
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved.
Traducción por vBulletin Castellano Copyright © 2025.
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved.
Traducción por vBulletin Castellano Copyright © 2025.
AutoLinker v1.3 by Poker Forum