Foro de Spyware - Ver Mensaje Individual - Se me apaga el ordenador y no arranca windows

Tema: Se me apaga el ordenador y no arranca windows

Ver Mensaje Individual

post #7 (permalink)

05/06/05, 17:30:20

banbi99

Usuario

Registrado: abr 2005

Ubicación: España

Mensajes: 8

Re: Se me apaga el ordenador y no arranca windows

Hola, Jereque:

Aquí van el log del Hijack y el del CWShreder.

Muchas gracias.
Banbi99

Logfile of HijackThis v1.99.1
Scan saved at 21:28:19, on 04/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\ARCHIV~1\CA\ETRUST~1\ETRUST~1\VetMsg.exe
C:\WINDOWS\System32\ZoneLabs\vsmon.exe
C:\Archivos de programa\WinPoET Broadband Connection\WrOS.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\ARCHIV~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Archivos de programa\Winamp\winampa.exe
C:\Archivos de programa\Creative\Shared Files\CAMTRAY.EXE
C:\Archivos de programa\Zone Labs\ZoneAlarm\zlclient.exe
C:\Archivos de programa\Trust\3011A WIRELESS OPTICAL
DESKSET\Keyboard\kbdap32a.EXE
C:\Archivos de programa\Trust\3011A WIRELESS OPTICAL
DESKSET\Mouse\mouse32a.exe
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\Archivos de programa\Microsoft Office\Office\Osa.exe
C:\Archivos de programa\Webshots\WebshotsTray.exe
C:\Archivos de programa\Terra\Kit Terra ADSL\DSLMON.EXE
C:\Archivos de programa\Google\Google Desktop
Search\GoogleDesktopIndex.exe
C:\Archivos de programa\Google\Google Desktop
Search\GoogleDesktopCrawl.exe
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Documents and Settings\barra\Configuración local\Archivos temporales
de Internet\Content.IE5\80AB3MW6\CWShredder[1].exe
C:\Documents and
Settings\barra\Escritorio\Descargas\HijackThis\Hij ackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.el-mundo.es/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Vínculos
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-
7695ECA05670} - C:\Archivos de programa\Yahoo!
\Companion\Installs\cpn\ycomp5_3_18_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-
1c2956615786} - C:\Archivos de programa\Google\Google Desktop
Search\GoogleDesktopIE.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - C:\Archivos de programa\Yahoo!
\Companion\Installs\cpn\ycomp5_3_18_0.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy
LS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32
\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [VetTray] C:\ARCHIV~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Archivos de
programa\Winamp\winampa.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Archivos de
programa\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32
\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Zone Labs Client] C:\Archivos de programa\Zone
Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Archivos de programa\Trust\3011A
WIRELESS OPTICAL DESKSET\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Archivos de
programa\Trust\3011A WIRELESS OPTICAL DESKSET\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Archivos de programa\Enigma Software
Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Archivos de
programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Global Startup: Inicio de Office.lnk = C:\Archivos de
programa\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Webshots.lnk = C:\Archivos de
programa\Webshots\WebshotsTray.exe
O4 - Global Startup: Búsqueda rápida de Microsoft.lnk = C:\Archivos de
programa\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Archivos de programa\Zone
Labs\ZoneAlarm\zonealarm.exe
O4 - Global Startup: Consola KIT Terra ADSL.lnk = C:\Archivos de
programa\Terra\Kit Terra ADSL\DSLMON.EXE
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de
programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-
C7D56CB83487} - C:\Archivos de programa\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-
C7D56CB83487} - C:\Archivos de programa\Hello\PicasaCapture.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-
0050045C3C96} - C:\ARCHIV~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-
B5C9-0050045C3C96} - C:\ARCHIV~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O12 - Plugin for .UVR: C:\Archivos de programa\Internet
Explorer\Plugins\NPUPano.dll
O16 - DPF: JT's Blocks -
http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: Yahoo! Pool 2 -
http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/h
ousecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-
Spyware Scanner) -
http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C1E5986-B531-4D1A-99A4-
21FB0B1A8D00}: NameServer = 195.235.113.3,195.235.96.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{A946A5BA-71E1-4487-B781-
1B9D7CB5A0C9}: NameServer = 195.235.113.3 195.235.96.90
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32
\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service
(default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog
Devices\SoundMAX\SMAgent.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates
International, Inc. - C:\ARCHIV~1\CA\ETRUST~1\ETRUST~1\VetMsg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\System32\ZoneLabs\vsmon.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company -
C:\Archivos de programa\WinPoET Broadband Connection\WrOS.EXE

************************************************** ****
Informe del CWShreder, que dice que no detecta nada:

**** Run Keys ****
RUN: [SystemTray] SysTray.Exe
RUN: [SoundMan] soundman.exe
RUN: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
RUN: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy LS\Surround
Mixer\CTSysVol.exe /r
RUN: [UpdReg] C:\WINDOWS\UpdReg.EXE
RUN: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
RUN: [nwiz] nwiz.exe /install
RUN: [VetTray] C:\ARCHIV~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
RUN: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe
RUN: [Creative WebCam Tray] C:\Archivos de programa\Creative\Shared
Files\CAMTRAY.EXE
RUN: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32
\NvMcTray.dll,NvTaskbarInit
RUN: [Zone Labs Client] C:\Archivos de programa\Zone
Labs\ZoneAlarm\zlclient.exe
RUN: [OFFICEKB] C:\Archivos de programa\Trust\3011A WIRELESS OPTICAL
DESKSET\Keyboard\kbdap32a.EXE
RUN: [FLMOFFICE4DMOUSE] C:\Archivos de programa\Trust\3011A WIRELESS
OPTICAL DESKSET\Mouse\mouse32a.exe
RUN: [SpyHunter] C:\Archivos de programa\Enigma Software
Group\SpyHunter\SpyHunter.exe
RUN: [Google Desktop Search] "C:\Archivos de programa\Google\Google
Desktop Search\GoogleDesktop.exe" /startup

**** Browser Helper Objects ****
BHO: [Yahoo! Companion BHO] C:\Archivos de programa\Yahoo!
\Companion\Installs\cpn\ycomp5_3_18_0.dll
BHO: [AcroIEHlprObj Class] C:\Archivos de programa\Adobe\Acrobat 7.0
\ActiveX\AcroIEHelper.dll
BHO: [] C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
BHO: [IeCaptureBho Object] C:\Archivos de programa\Google\Google
Desktop Search\GoogleDesktopIE.dll

**** IE Toolbars ****
TOOLBAR: [Yahoo! Companion] C:\Archivos de programa\Yahoo!
\Companion\Installs\cpn\ycomp5_3_18_0.dll

**** IE Extensions ****
IEExt: [Share in Hello]
IEExt: [Yahoo! Messenger] C:\ARCHIV~1\YAHOO!\MESSEN~1\YPAGER.EXE
IEExt: [Messenger] C:\Archivos de programa\Messenger\msmsgs.exe

**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost

**** IE Settings ****
Default Search: http://www.microsoft.com/isapi/redir.dll?
prd=ie&ar=iesearch
Search Page: http://www.microsoft.com/isapi/redir.dll?
prd=ie&ar=iesearch

**** IE Context Menu (Right click) ****

**** Layered Service Providers ****
LSP: Google Desktop over [MSAFD Tcpip [TCP/IP]]
LSP: Google Desktop over [MSAFD Tcpip [UDP/IP]]
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{02E14306-556C-4580-8DA9-
5B1E66EF9C71}] SEQPACKET 8
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{02E14306-556C-4580-8DA9-
5B1E66EF9C71}] DATAGRAM 8
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3BD7B87D-A41C-4422-A1E1-
16914BCE60F7}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3BD7B87D-A41C-4422-A1E1-
16914BCE60F7}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4A3CB417-8C8C-4690-8C23-
870CEA26FE2E}] SEQPACKET 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4A3CB417-8C8C-4690-8C23-
870CEA26FE2E}] DATAGRAM 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{76C60A43-29C9-4BD7-9E71-
D412686C19BA}] SEQPACKET 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{76C60A43-29C9-4BD7-9E71-
D412686C19BA}] DATAGRAM 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9C1E5986-B531-4D1A-99A4-
21FB0B1A8D00}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9C1E5986-B531-4D1A-99A4-
21FB0B1A8D00}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{64E10576-85D6-4FBC-8275-
A009F384E20D}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{64E10576-85D6-4FBC-8275-
A009F384E20D}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{97478B11-13E3-4169-8608-
F6B8DF47074F}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{97478B11-13E3-4169-8608-
F6B8DF47074F}] DATAGRAM 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{68DD4DD1-8E80-40FD-8E8F-
71829057D18E}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{68DD4DD1-8E80-40FD-8E8F-
71829057D18E}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A946A5BA-71E1-4487-B781-
1B9D7CB5A0C9}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A946A5BA-71E1-4487-B781-
1B9D7CB5A0C9}] DATAGRAM 5

**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
BLOCKED: [snd.cpl] no
BLOCKED: [joystick.cpl] no
BLOCKED: [midimap.drv] no

**** Downloaded Program Files ****
JT's Blocks
[http://download.games.yahoo.com/games/clients/y/blt1_x.cab]
Microsoft XML Parser for Java
[http://download.games.yahoo.com/games/clients/y/blt1_x.cab]
Yahoo! Chat
[http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab]
Yahoo! Pool 2
[http://download.games.yahoo.com/games/clients/y/pote_x.cab]
{00B71CFB-6864-4346-A978-C0A14556272C}
[http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab]
C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
{14B87622-7E19-4EA8-93B3-97215F77A6BC}
[http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.ca
b]
{166B1BCA-3F9C-11CF-8075-444553540000}
[http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab]
{2917297F-F02B-4B9D-81DF-494B6333150B}
[http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab]
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}
[http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab]
{74D05D43-3236-11D4-BDCD-00C04F9A3B61}
[http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/
housecall/xscan53.cab] C:\WINDOWS\system32\mfc42.dll
C:\WINDOWS\loadhttp.dll C:\WINDOWS\aucfg.ini C:\WINDOWS\tmupdate.ini
C:\WINDOWS\runtsckl.exe C:\WINDOWS\patchw32.dll C:\WINDOWS\Downloaded
Program Files\xscan53.ocx
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
[http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}
[http://www.pandasoftware.com/activescan/as5/asinst.cab]
{9B03C5F1-F5AB-47EE-937D-A8EDA626F876}
[http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab]
{9F1C11AA-197B-4942-BA54-47A8489BB47F}
[http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?
37963.596087963]
{B8BE5E93-A60C-4D26-A2DC-220313175592}
[http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab]
{D27CDB6E-AE6D-11CF-96B8-444553540000}
[http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab]

**** Windows Services ****
[Alerter] %SystemRoot%\System32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
[C-DillaCdaC11BA] C:\WINDOWS\System32\drivers\CDAC11BA.EXE
[cisvc] C:\WINDOWS\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-
11D1-960D-00805FC79235}
[Creative Service for CDROM Access] C:\WINDOWS\System32\CTsvcCDA.exe
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\System32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\System32\svchost.exe -k NetworkService
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\System32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k
netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] C:\WINDOWS\System32\imapi.exe
[lanmanserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\System32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\System32\svchost.exe -k LocalService
[Messenger] %SystemRoot%\System32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\System32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\System32\msdtc.exe
[MSIServer] C:\WINDOWS\system32\msiexec.exe /V
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\System32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\System32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\System32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[NVSvc] %SystemRoot%\system32\nvsvc32.exe
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\System32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[RemoteRegistry] %SystemRoot%\system32\svchost.exe -k LocalService
[RpcLocator] %SystemRoot%\System32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\System32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[SoundMAX Agent Service (default)] C:\Archivos de programa\Analog
Devices\SoundMAX\SMAgent.exe
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\System32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\System32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\System32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\System32\dllhost.exe /Processid:{069705AF-BC48-4348-
A916-26312AA1910C}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TlntSvr] C:\WINDOWS\System32\tlntsvr.exe
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[UMWdf] C:\WINDOWS\system32\wdfmgr.exe
[upnphost] %SystemRoot%\System32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VETMSGNT] C:\ARCHIV~1\CA\ETRUST~1\ETRUST~1\VetMsg.exe
[vsmon] C:\WINDOWS\System32\ZoneLabs\vsmon.exe -service
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\System32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WinPPPoverEthernet] C:\Archivos de programa\WinPoET Broadband
Connection\WrOS.EXE
[WMDM PMSP Service] C:\WINDOWS\System32\MsPMSPSv.exe
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[Wmi] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\System32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %SystemRoot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs

**** Custom IE Search Items ****
SEARCH: []
SEARCH: [SearchAssistant_bak] http://www.martfinder.com/
SEARCH: []

**** Complete IE Options ****
IEOPT: [ChannelsURL] http://www.iechannelguide.com/guide/es/es_es.asp
IEOPT: [ChannelsFirstURL] res://ie4tour.dll/channels.htm
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] http://www.el-mundo.es/
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Show_ChannelBand] no
IEOPT: [Window_Placement] ,
IEOPT: [ExplorerBar] "
IEOPT: [AutoSearch]
IEOPT: [LastCheckedHi] ;|Ål÷¿
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [FullScreen] no
IEOPT: [Use FormSuggest] yes
IEOPT: [FormSuggest PW Ask] no
IEOPT: [AddToFavoritesExpanded]
IEOPT: [Página de búsqueda] http://www.msn.com/access/allinone.asp
IEOPT: [Página de inicio] http://www.microsoft.com/msoffice/
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Error Dlg Details Pane Open] no
IEOPT: [Expand Alt Text] no
IEOPT: [Move System Caret] no
IEOPT: [NscSingleExpand]
IEOPT: [NoUpdateCheck]
IEOPT: [Force Offscreen Composition]
IEOPT: [NoJITSetup]
IEOPT: [NoWebJITSetup]
IEOPT: [Page_Transitions]
IEOPT: [AllowWindowReuse]
IEOPT: [ShowGoButton] yes
IEOPT: [Friendly http errors] yes
IEOPT: [SmoothScroll]
IEOPT: [Print_Background] no
IEOPT: [Play_Animations] yes
IEOPT: [Enable_MyPics_Hoverbar] yes
IEOPT: [Enable AutoImageResize] yes
IEOPT: [Show image placeholders]
IEOPT: [Display Inline Videos] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?
prd=ie&ar=iesearch
IEOPT: [Disable Script Debugger] no
IEOPT: [Check_Associations] no
IEOPT: [Search Bar_bak] http://www.martfinder.com/?p=%s
IEOPT: [Search Page_bak] http://www.martfinder.com/
IEOPT: [ShowedCheckBrowser] Yes
IEOPT: [HistoryViewType]
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?
prd=ie&ar=iesearch
IEOPT: [FavIntelliMenus] no
IEOPT: [UseThemes]
IEOPT: [DisableScriptDebuggerIE] no
IEOPT: [StatusBarOther]
IEOPT: [HistoryTopNSitesView]
IEOPT: [StatusBarWeb]
IEOPT: [Use_Combobox_DlgBox_Colors_Complete] 3
IEOPT: [Use_Combobox_DlgBox_Colors_Failed] 4
IEOPT: [Use_Combobox_DlgBox_Colors_Error] 10
IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?
prd=ie&ar=iesearch
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?
prd=ie&ar=iesearch
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] about:blank
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [Check_Associations] no