 |
| |||||||
| Foro Oficial de HijackThis en español Analizamos tu log de HijackThis para eliminar Hijackers, Spyware, Adware, ToolBars, Virus, Troyanos y Malwares en gral. Antes lea las Políticas del Foro de HijackThis. |
 |
| | Herramientas |
 | 
06/08/08, 14:49:54
|  |
| |||
| launch internet explorer se reinicia 1. Mi pórtatil es un Dell Inspiron 1501 con Win Vista Home Basic, he realizado las siguientes acciones: a. He reiniciado el equipo a prueba de errores b. He acualizado el McAfee y he escaneado el sistema. c. He buscado el scaneo on line a través de la Dell Sin obtener resultados, por favor orientenme sobre lo que tngo que hacer  Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:27:30 p.m., on 06/08/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\sttray.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Common Files\AOL\1192497849\ee\aolsoftware.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Windows Live\Protección infantil\fssui.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\system32\taskeng.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Windows\system32\conime.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Windows\system32\Macromed\Download\Download.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Protección infantil\fssbho.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvce1.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\s wg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID% O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1192497849\ee\AOLSoftware.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Protección infantil\fssui.exe" -autorun O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MMAgent] C:\Program Files\Mobile Master\MMAgent.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\carolina\AppData\Local\Temp\~DFBF7A.tmp C:\Users\carolina\AppData\Local\Temp\~DFBF70.tmp C:\Users\carolina\AppData\Local\Temp\~DFB333.tmp C:\Users\carolina\AppData\Local\Temp\~DFB315.tmp C:\Users\carolina\AppData\Local\Temp\~DFA694.tmp C:\Users\carolina\AppData\Local\Temp\~DFA685.tmp C:\Users\carolina\AppData\Local\Temp\~DF8B3D.tmp C:\Users\carolina\AppData\Local\Temp\~DF8680.tmp C:\Users\carolina\AppData\Local\Temp\~DF8287.tmp C:\Users\carolina\AppData\Local\Temp\~DF8277.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EF5.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EE6.tmp C:\Users\carolina\AppData\Local\Temp\~DF4327.tmp C:\Users\carolina\AppData\Local\Temp\~DF334.tmp C:\Users\carolina\AppData\Local\Temp\~DF1D73.tmp C:\Users\carolina\AppData\Local\Temp\~DF17C5.tmp C:\Users\carolina\AppData\Local\Temp\Low\HSPERF~1. SH! (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\carolina\AppData\Local\Temp\~DFBF7A.tmp C:\Users\carolina\AppData\Local\Temp\~DFBF70.tmp C:\Users\carolina\AppData\Local\Temp\~DFB333.tmp C:\Users\carolina\AppData\Local\Temp\~DFB315.tmp C:\Users\carolina\AppData\Local\Temp\~DFA694.tmp C:\Users\carolina\AppData\Local\Temp\~DFA685.tmp C:\Users\carolina\AppData\Local\Temp\~DF8B3D.tmp C:\Users\carolina\AppData\Local\Temp\~DF8680.tmp C:\Users\carolina\AppData\Local\Temp\~DF8287.tmp C:\Users\carolina\AppData\Local\Temp\~DF8277.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EF5.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EE6.tmp C:\Users\carolina\AppData\Local\Temp\~DF4327.tmp C:\Users\carolina\AppData\Local\Temp\~DF334.tmp C:\Users\carolina\AppData\Local\Temp\~DF1D73.tmp C:\Users\carolina\AppData\Local\Temp\~DF17C5.tmp C:\Users\carolina\AppData\Local\Temp\Low\HSPERF~1. SH! (User 'Default user') O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Yahoo! Servicios - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvce1.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell.com/systemprofiler/SysProExe.CAB O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-374059b3fe636a17.spaces.live.com/PhotoUpload/VistaMsnPUpldes-xl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{D53E4843-B98B-4694-A2C2-C18013676703}: NameServer = 192.168.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14316 bytes      |
|
06/08/08, 21:07:42
| |
| ||||
| Re: launch internet explorer se reinicia Hola sandovalrjj, te doy la bienvenida al Foro de InfoSpyware. ForoSpyware lo mantenemos voluntarios que tenemos nuestros trabajos y obligaciones fuera, por lo que no estamos 24/7, a lo que te pedimos paciencia en el análisis y respuesta de tu caso. Si 48hrs después de dejarnos el reporte de DSS no recibes una respuesta me puedes enviar un mp de recordatorio.
Cita:
Salu2 Hablándole al mundo en "Twitter"" Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
07/08/08, 14:44:53
| |
| |||
 Re: launch internet explorer se reinicia Esto es lo arojado por el programa, porfa, estaré pendiente a cualquier solución o para saber el paso a seguir.. muchas gracias Deckard's System Scanner v20071014.68 Run by carolina on 2008-08-07 12:06:29 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 7: 2008-08-07 03:32:53 UTC - RP136 - Scheduled Checkpoint 6: 2008-08-03 05:57:30 UTC - RP135 - Windows Update 5: 2008-08-03 02:34:03 UTC - RP134 - Windows Update 4: 2008-08-01 00:44:11 UTC - RP133 - Scheduled Checkpoint 3: 2008-07-30 17:51:00 UTC - RP132 - Scheduled Checkpoint -- First Restore Point -- 1: 2008-07-29 22:12:17 UTC - RP129 - Scheduled Checkpoint Backed up registry hives. Performed disk cleanup. Total Physical Memory: 894 MiB (1024 MiB recommended). -- HijackThis (run as carolina.exe) -------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:21:51 p.m., on 07/08/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\sttray.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Common Files\AOL\1192497849\ee\aolsoftware.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Windows Live\Protección infantil\fssui.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Users\carolina\Desktop\Sandoval\MATERIAL SENA\MANTENIMIENTO DE COMPUTADORES\dss.exe C:\Windows\system32\conime.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\carolina.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://latam.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://latam.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Protección infantil\fssbho.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvce1.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\s wg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID% O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1192497849\ee\AOLSoftware.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Protección infantil\fssui.exe" -autorun O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MMAgent] C:\Program Files\Mobile Master\MMAgent.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\carolina\AppData\Local\Temp\~DFBF7A.tmp C:\Users\carolina\AppData\Local\Temp\~DFBF70.tmp C:\Users\carolina\AppData\Local\Temp\~DFB333.tmp C:\Users\carolina\AppData\Local\Temp\~DFB315.tmp C:\Users\carolina\AppData\Local\Temp\~DFA694.tmp C:\Users\carolina\AppData\Local\Temp\~DFA685.tmp C:\Users\carolina\AppData\Local\Temp\~DF8B3D.tmp C:\Users\carolina\AppData\Local\Temp\~DF8680.tmp C:\Users\carolina\AppData\Local\Temp\~DF8287.tmp C:\Users\carolina\AppData\Local\Temp\~DF8277.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EF5.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EE6.tmp C:\Users\carolina\AppData\Local\Temp\~DF4327.tmp C:\Users\carolina\AppData\Local\Temp\~DF334.tmp C:\Users\carolina\AppData\Local\Temp\~DF1D73.tmp C:\Users\carolina\AppData\Local\Temp\~DF17C5.tmp C:\Users\carolina\AppData\Local\Temp\Low\HSPERF~1. SH! (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\carolina\AppData\Local\Temp\~DFBF7A.tmp C:\Users\carolina\AppData\Local\Temp\~DFBF70.tmp C:\Users\carolina\AppData\Local\Temp\~DFB333.tmp C:\Users\carolina\AppData\Local\Temp\~DFB315.tmp C:\Users\carolina\AppData\Local\Temp\~DFA694.tmp C:\Users\carolina\AppData\Local\Temp\~DFA685.tmp C:\Users\carolina\AppData\Local\Temp\~DF8B3D.tmp C:\Users\carolina\AppData\Local\Temp\~DF8680.tmp C:\Users\carolina\AppData\Local\Temp\~DF8287.tmp C:\Users\carolina\AppData\Local\Temp\~DF8277.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EF5.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EE6.tmp C:\Users\carolina\AppData\Local\Temp\~DF4327.tmp C:\Users\carolina\AppData\Local\Temp\~DF334.tmp C:\Users\carolina\AppData\Local\Temp\~DF1D73.tmp C:\Users\carolina\AppData\Local\Temp\~DF17C5.tmp C:\Users\carolina\AppData\Local\Temp\Low\HSPERF~1. SH! (User 'Default user') O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Yahoo! Servicios - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvce1.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell.com/systemprofiler/SysProExe.CAB O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-374059b3fe636a17.spaces.live.com/PhotoUpload/VistaMsnPUpldes-xl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{D53E4843-B98B-4694-A2C2-C18013676703}: NameServer = 192.168.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: McAfee Application Installer Cleanup (0127831218115092) (0127831218115092mcinstcleanup) - Unknown owner - C:\Windows\TEMP\012783~1.EXE (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14385 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys S3 AteksoftAudio (WebCamera Plus Audio) - c:\windows\system32\drivers\ateksoftaudio.sys <Not Verified; Ateksoft; WebCamera Plus Audio> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 sprtsvc_dellsupportcenter (SupportSoft Sprocket Service (dellsupportcenter)) - c:\program files\dell support center\bin\sprtsvc.exe /service /p dellsupportcenter R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio> S2 0127831218115092mcinstcleanup (McAfee Application Installer Cleanup (0127831218115092)) - c:\windows\temp\012783~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing) S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application> S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler> S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" <Not Verified; Microsoft Corporation; Windows Live installer> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-03-26 15:17:05 260 --a------ C:\Windows\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job 2007-07-06 19:30:16 368 --a------ C:\Windows\Tasks\McQcTask.job 2007-07-06 19:30:16 366 --a------ C:\Windows\Tasks\McDefragTask.job -- Files created between 2008-07-07 and 2008-08-07 ----------------------------- 2008-08-06 21:19:04 0 d--h----- C:\Windows\msdownld.tmp 2008-08-06 12:24:09 0 d-------- C:\Program Files\Trend Micro 2008-08-06 11:55:23 0 d-------- C:\Windows\BDOSCAN8 2008-08-04 23:04:20 0 d-------- C:\Windows\system32\Dell 2008-08-04 18:42:20 0 d-------- C:\perflogs 2008-07-29 23:14:56 0 d-------- C:\Windows\mic1602 2008-07-29 23:14:54 0 d-------- C:\Windows\LHSP 2008-07-29 23:14:54 0 d-------- C:\Windows\asr3232 2008-07-29 23:14:54 81920 --a------ C:\Windows\asr3232.dll 2008-07-29 23:14:49 167936 -----n--- C:\Windows\system32\MTWTools.dll <Not Verified; ; MTWTools Module> 2008-07-13 00:42:19 0 d-a------ C:\Users\All Users\TEMP 2008-07-12 23:26:59 0 d-------- C:\Program Files\bfgclient 2008-07-12 23:23:58 0 d-------- C:\BigFishGamesCache -- Find3M Report --------------------------------------------------------------- 2008-08-04 23:04:20 0 d-------- C:\Program Files\Dell 2008-08-04 21:29:38 0 d-------- C:\Program Files\Google 2008-07-29 23:14:49 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-07-14 22:03:45 0 d-------- C:\Program Files\AOL Install 2008-07-14 18:02:55 0 d-------- C:\Program Files\Common Files\AOL 2008-07-10 23:49:49 0 d-------- C:\Program Files\Windows Mail 2008-07-10 13:03:13 174 --ahs---- C:\Program Files\desktop.ini 2008-06-27 22:49:25 0 d-------- C:\Program Files\Common Files\McAfee 2008-06-20 20:51:28 0 d-------- C:\Program Files\Sun 2008-06-20 20:50:47 0 d-------- C:\Program Files\Java 2008-06-20 20:40:32 0 d-------- C:\Program Files\Microsoft Works 2008-06-20 20:40:14 0 d-------- C:\Program Files\MSBuild 2008-06-20 20:38:54 0 d-------- C:\Program Files\Common Files 2008-06-20 20:36:46 0 d-------- C:\Program Files\Microsoft.NET 2008-06-20 20:32:31 0 d-------- C:\Program Files\Microsoft Visual Studio 8 -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}] 26/11/2007 10:46 a.m. 324936 --a------ c:\PROGRA~1\mcafee\msk\mcapbho.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] C:\Program Files\Windows Live\Protección infantil\fssbho.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "@"="" [] "%PROVIDERID%"="bin\sprtcmd.exe" [] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [07/07/2007 02:41 a.m.] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [20/11/2006 12:51 p.m.] "SigmatelSysTrayApp"="sttray.exe" [08/02/2007 12:11 a.m. C:\Windows\sttray.exe] "PDVDDXSrv"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [20/10/2006 05:23 p.m.] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [03/10/2006 11:37 a.m.] "HostManager"="C:\Program Files\Common Files\AOL\1192497849\ee\AOLSoftware.exe" [25/09/2006 07:52 p.m.] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [06/07/2007 07:21 p.m.] "fssui"="C:\Program Files\Windows Live\Protección infantil\fssui.exe" [] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [16/03/2007 05:20 a.m.] "Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [21/11/2006 07:52 p.m.] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [11/07/2006 05:12 p.m.] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 10:16 p.m.] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [22/03/2007 03:09 p.m.] "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [01/11/2007 07:12 p.m.] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [24/08/2007 07:00 a.m.] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25/03/2008 04:28 a.m.] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34 a.m.] "Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [30/08/2007 05:43 p.m.] "MMAgent"="C:\Program Files\Mobile Master\MMAgent.exe" [] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 07:34 a.m.] "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [15/03/2007 12:09 p.m.] [HKEY_USERS\.default\software\microsoft\windows\cur rentversion\runonce] "DelayShred"="c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\carolina\AppData\Local\Temp\~DFBF7A.tmp C:\Users\carolina\AppData\Local\Temp\~DFBF70.tmp C:\Users\carolina\AppData\Local\Temp\~DFB333.tmp C:\Users\carolina\AppData\Local\Temp\~DFB315.tmp C:\Users\carolina\AppData\Local\Temp\~DFA694.tmp C:\Users\carolina\AppData\Local\Temp\~DFA685.tmp C:\Users\carolina\AppData\Local\Temp\~DF8B3D.tmp C:\Users\carolina\AppData\Local\Temp\~DF8680.tmp C:\Users\carolina\AppData\Local\Temp\~DF8287.tmp C:\Users\carolina\AppData\Local\Temp\~DF8277.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EF5.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EE6.tmp C:\Users\carolina\AppData\Local\Temp\~DF4327.tmp C:\Users\carolina\AppData\Local\Temp\~DF334.tmp C:\Users\carolina\AppData\Local\Temp\~DF1D73.tmp C:\Users\carolina\AppData\Local\Temp\~DF17C5.tmp C:\Users\carolina\AppData\Local\Temp\Low\HSPERF~1. SH! C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [06/07/2007 07:09:46 p.m.] QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D 39BF83DC4.exe [06/07/2007 07:04:35 p.m.] [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~ 1.DLL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum LocalServiceNoNetwork PLA DPS BFE mpssvc [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{862e9072-faf1-11dc-aa82-00038a000015}] AutoRun\command- wscript.exe .\.vbs open\command- wscript.exe .\.vbs [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-08-07 12:24:58 ------------ extra,txt - Notepad Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Home Basic (build 6000) Architecture: X86; Language: English CPU 0: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53 Percentage of Memory in Use: 71% Physical Memory (total/avail): 893.44 MiB / 255.22 MiB Pagefile Memory (total/avail): 2042.75 MiB / 900.85 MiB Virtual Memory (total/avail): 2047.88 MiB / 1928.02 MiB C: is Fixed (NTFS) - 64.45 GiB total, 39 GiB free. D: is Fixed (NTFS) - 10 GiB total, 6.68 GiB free. E: is CDROM (No Media) \\.\PHYSICALDRIVE0 - ST980811AS ATA Device - 74.53 GiB - 3 partitions \PARTITION0 - Unknown - 78.41 MiB \PARTITION1 - Installable File System - 10 GiB - D: \PARTITION2 (bootable) - Installable File System - 64.45 GiB - C: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FW: McAfee Personal Firewall v (McAfee) AV: McAfee VirusScan v (McAfee) AS: McAfee VirusScan v (McAfee) AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled [HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\carolina\AppData\Roaming CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=CAROLINA-PC ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\carolina LOCALAPPDATA=C:\Users\carolina\AppData\Local LOGONSERVER=\\CAROLINA-PC NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Windows\system32;C:\Windows;C:\Windows\Sys tem32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 104 Stepping 1, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=6801 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\ SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\carolina\AppData\Local\Temp TMP=C:\Users\carolina\AppData\Local\Temp USERDOMAIN=carolina-PC USERNAME=carolina USERPROFILE=C:\Users\carolina windir=C:\Windows -- User Profiles --------------------------------------------------------------- carolina -- Add/Remove Programs --------------------------------------------------------- --> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0403-0000-0000000FF1CE} /uninstall {A5B6B786-2D6F-4B75-940F-42B32D01D146} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {669EB263-0AFE-4FCB-A068-DB082CA6273C} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0C0A-0000-0000000FF1CE} /uninstall {35B14BD6-6042-4A55-B326-58309DC8C72A} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0C0A-0000-0000000FF1CE} /uninstall {2CC8520D-6A74-4CCA-9539-8E774E2B50D1} Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7} Adobe Reader 8.1.2 - Español --> MsiExec.exe /I{AC76BA86-7AD7-1034-7B44-A81200000003} Adobe Reader 8.1.2 Security Update 1 (KB403742) --> Adobe Shockwave Player 11 --> C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61} AOL Install --> MsiExec.exe /I{2357B8BC-88C9-4A72-818C-050CC4EB0778} AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe ATI Catalyst Control Center Ex --> MsiExec.exe /I{EAB9C426-6626-7B76-64F3-569FDCA9852D} ATI PCI Express (3GIO) Filter Driver --> C:\Program Files\InstallShield Installation Information\{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}\setup.exe -runfromtemp -l0x0009 -removeonly Big Fish Games Client --> C:\Program Files\bfgclient\Uninstall.exe Bluesoleil2.6.0.9 Release 070606 --> MsiExec.exe /X{846AC73B-9394-48B9-B941-8F7F472F0047} Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BF A&SUBSYS_14F100C3\HXFSETUP.EXE -U -IDellHDAz.inf Dell DataSafe Online --> MsiExec.exe /I{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB} Dell Support Center --> MsiExec.exe /I{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A} Dell System Customization Wizard --> MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5} Dell Wireless WLAN Card --> "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card" DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly E+ConAsr --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E28BF9E0-551D-11D5-8AE1-00A0C9A0EBA0}\Setup.exe" -l0x9 UNINSTALL EarthLink Setup Files --> MsiExec.exe /X{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2} Extensión de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{01802DCC-4DE0-440B-A63B-FCB0C521DBC3} Free 3GP Video Converter version 3.1 --> "C:\Program Files\DVDVideoSoft\Free 3GP Video Converter\unins000.exe" Galería fotográfica de Windows Live --> MsiExec.exe /X{937DC62D-E794-431B-84E5-ADC2D23B12ED} Games, Music, & Photos Launcher --> MsiExec.exe /I{3E25E350-949F-4DB7-8288-2A60E018B4C1} Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Earth --> MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Internet Service Offers Launcher --> MsiExec.exe /I{CCFF1E13-77A2-4032-8B12-7566982A27DF} Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe Menús inteligentes (Windows Live Toolbar) --> MsiExec.exe /X{1479D5E1-7F8D-49CB-AD0A-6DD8ED37662E} Microsoft Office Access MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-0015-0C0A-0000-0000000FF1CE} Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-0016-0C0A-0000-0000000FF1CE} Microsoft Office Groove MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-00BA-0C0A-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-0044-0C0A-0000-0000000FF1CE} Microsoft Office OneNote MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-00A1-0C0A-0000-0000000FF1CE} Microsoft Office Outlook MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-001A-0C0A-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-0018-0C0A-0000-0000000FF1CE} Microsoft Office Proof (Basque) 2007 --> MsiExec.exe /X{90120000-001F-042D-0000-0000000FF1CE} Microsoft Office Proof (Catalan) 2007 --> MsiExec.exe /X{90120000-001F-0403-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Galician) 2007 --> MsiExec.exe /X{90120000-001F-0456-0000-0000000FF1CE} Microsoft Office Proof (Portuguese (Brazil)) 2007 --> MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (Spanish) 2007 --> MsiExec.exe /X{90120000-002C-0C0A-0000-0000000FF1CE} Microsoft Office Publisher MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-0019-0C0A-0000-0000000FF1CE} Microsoft Office Shared MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-006E-0C0A-0000-0000000FF1CE} Microsoft Office Word MUI (Spanish) 2007 --> MsiExec.exe /X{90120000-001B-0C0A-0000-0000000FF1CE} Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1} Modem Diagnostic Tool --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B} MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly NetZeroInstallers --> MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9} OpenOffice.org Installer 1.0 --> MsiExec.exe /X{CE38B24E-4146-4DAC-AD4E-4EC8BF24C261} PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{281ECE39-F043-492B-8337-F2E546B5604A}\Setup.exe" -l0x9 -cluninstall Product Documentation Launcher --> MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24} QuickSet --> MsiExec.exe /I{7F0C4457-8E64-491B-8D7B-991504365D1E} Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82} Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC} Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87} Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF} Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB} Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} RTC Client API v1.2 --> MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A} Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E} Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00} Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9} Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E} SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUnin stall Uninstall 1.0.0.0 --> "C:\Program Files\Common Files\DVDVideoSoft\unins000.exe" Update for Microsoft Office Outlook 2007 (KB952142) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb953463) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1B78D541-9FF1-4330-ADD8-CED14F0C1E8E} URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll" User's Guides --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe" Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Visor de resaltado (Windows Live Toolbar) --> MsiExec.exe /X{E8B5B4D8-C7EA-4A81-B1DD-A7F4B779B324} Windows Live Asistente para el inicio de sesión --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Windows Live Favorites para Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66} Windows Live installer --> MsiExec.exe /X{9E1DDBE7-BF44-4AC8-87CA-3D25FC63C6E1} Windows Live Mail --> MsiExec.exe /I{27186902-32C5-4649-8952-8B9A7765ABAD} Windows Live Messenger --> MsiExec.exe /X{FC411B47-30BF-428C-9C1E-F6C54A94EA7E} Windows Live OneCare Protección infantil --> MsiExec.exe /X{E128BF1D-90AB-4694-BF18-B40C61FC2C27} Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {6998733B-9A6B-4DDE-954A-06992583AB12} Windows Live Toolbar --> MsiExec.exe /X{6998733B-9A6B-4DDE-954A-06992583AB12} Windows Live Writer --> MsiExec.exe /X{8D90A775-1E32-48E5-BE1D-4F2EF5B30575} WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe Yahoo! Extras --> C:\PROGRA~1\Yahoo!\Common\unyext.exe Yahoo! Install Manager --> C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Internet Mail --> C:\Windows\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Music Jukebox --> MsiExec.exe /X{7C49EA42-5647-4051-84C2-E6404F25A931} Yahoo! ¤u¨ã¦C --> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -- Application Event Log ------------------------------------------------------- Event Record #/Type12579 / Success Event Submitted/Written: 08/07/2008 08:17:10 AM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type12577 / Error Event Submitted/Written: 08/07/2008 08:11:57 AM Event ID/Source: 5007 / WerSvc Event Description: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9. Event Record #/Type12570 / Success Event Submitted/Written: 08/07/2008 08:11:23 AM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type12569 / Success Event Submitted/Written: 08/07/2008 08:11:22 AM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type12564 / Success Event Submitted/Written: 08/07/2008 08:11:14 AM Event ID/Source: 902 / Software Licensing Service Event Description: The Software Licensing service has started. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type51349 / Error Event Submitted/Written: 08/07/2008 08:17:08 AM Event ID/Source: 7022 / Service Control Manager Event Description: Windows Update Event Record #/Type51347 / Warning Event Submitted/Written: 08/07/2008 08:16:10 AM Event ID/Source: 4 / Client Side Rendering Spooler Event Description: The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable. Event Record #/Type51346 / Warning Event Submitted/Written: 08/07/2008 08:16:10 AM Event ID/Source: 4 / Client Side Rendering Spooler Event Description: The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable. Event Record #/Type51341 / Warning Event Submitted/Written: 08/07/2008 08:13:42 AM Event ID/Source: 4 / Client Side Rendering Spooler Event Description: The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable. Event Record #/Type51340 / Warning Event Submitted/Written: 08/07/2008 08:13:42 AM Event ID/Source: 4 / Client Side Rendering Spooler Event Description: The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable. -- End of Deckard's System Scanner: finished at 2008-08-07 12:24:58 ------------  |
|
07/08/08, 20:22:55
| |
| ||||
| Re: launch internet explorer se reinicia Hola sandovalrjj. Paso 1- Descarga, Instala y/o actualiza estas herramientas: (pero no los ejecutes aun) Paso 2- Con todos los programas cerrados, ejecuta HijackThis y dale  a las siguientes entradas:O4 - HKLM\..\Run: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID% O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\carolina\AppData\Local\Temp\~DFBF7A.tmp C:\Users\carolina\AppData\Local\Temp\~DFBF70.tmp C:\Users\carolina\AppData\Local\Temp\~DFB333.tmp C:\Users\carolina\AppData\Local\Temp\~DFB315.tmp C:\Users\carolina\AppData\Local\Temp\~DFA694.tmp C:\Users\carolina\AppData\Local\Temp\~DFA685.tmp C:\Users\carolina\AppData\Local\Temp\~DF8B3D.tmp C:\Users\carolina\AppData\Local\Temp\~DF8680.tmp C:\Users\carolina\AppData\Local\Temp\~DF8287.tmp C:\Users\carolina\AppData\Local\Temp\~DF8277.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EF5.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EE6.tmp C:\Users\carolina\AppData\Local\Temp\~DF4327.tmp C:\Users\carolina\AppData\Local\Temp\~DF334.tmp C:\Users\carolina\AppData\Local\Temp\~DF1D73.tmp C:\Users\carolina\AppData\Local\Temp\~DF17C5.tmp C:\Users\carolina\AppData\Local\Temp\Low\HSPERF~1. SH! (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\carolina\AppData\Local\Temp\~DFBF7A.tmp C:\Users\carolina\AppData\Local\Temp\~DFBF70.tmp C:\Users\carolina\AppData\Local\Temp\~DFB333.tmp C:\Users\carolina\AppData\Local\Temp\~DFB315.tmp C:\Users\carolina\AppData\Local\Temp\~DFA694.tmp C:\Users\carolina\AppData\Local\Temp\~DFA685.tmp C:\Users\carolina\AppData\Local\Temp\~DF8B3D.tmp C:\Users\carolina\AppData\Local\Temp\~DF8680.tmp C:\Users\carolina\AppData\Local\Temp\~DF8287.tmp C:\Users\carolina\AppData\Local\Temp\~DF8277.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EF5.tmp C:\Users\carolina\AppData\Local\Temp\~DF7EE6.tmp C:\Users\carolina\AppData\Local\Temp\~DF4327.tmp C:\Users\carolina\AppData\Local\Temp\~DF334.tmp C:\Users\carolina\AppData\Local\Temp\~DF1D73.tmp C:\Users\carolina\AppData\Local\Temp\~DF17C5.tmp C:\Users\carolina\AppData\Local\Temp\Low\HSPERF~1. SH! (User 'Default user') O23 - Service: McAfee Application Installer Cleanup (0127831218115092) (0127831218115092mcinstcleanup) - Unknown owner - C:\Windows\TEMP\012783~1.EXE (file missing) Paso 3- Ejecuta estas herramientas, de a una:
Cita:
Paso 4- Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad). Reinicia y nos contas los resultados. junto con el reporte de Paso 5- Reinicia en modo normal y nos dejas los reportes de:
**Nota** - Para mayor comodidad imprime los pasos. - Recuerda regresar y contarnos los resultados. Salu2 Hablándole al mundo en "Twitter"" Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
Malwarebytes' Anti-Malware
Antes de usar ComboFix.... |
08/08/08, 20:24:17
| |
| |||
| Re: launch internet explorer se reinicia  Hola, que pena viejito te cuento que me quedo grande realizar, esta operación, 1. inicie con el Hijackthis con las opciones que me ordenaste y luego le di fix, entonces, la pantalla se coloco en blanco, no se si cometi algún error, luego opere el anti-Spyware, la cuál saco unos archivos, en los cuales automáticamente, los coloco en cuarentena y luego utilice el ultimo programa combofix y me causo un bloqueo del chiras, y me desconfiguro el internet, no podía ingresar, me toco llamar al administrador de red para volverlo a configurar desde allá y hasta ahora......hermanito disculpeme la ignorancia y por favor le pido me vuelva a instruir  |
|
11/08/08, 17:06:21
| |
| ||||
| Re: launch internet explorer se reinicia Hola, la internet solo tenes que reiniciar o ponerle en reparar red y es suficiente, para que te podamos ayudar tendrías que dejarnos los reportes solicitados. Salu2 Hablándole al mundo en "Twitter"" Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
« Tema Anterior
|
Próximo Tema »
| Herramientas | |
|
|
| 
Temas Similares | |
| Tema | Autor | Foro | Respuestas | Último mensaje |
| Flec006 | nicojose | Foro de Virus y Spywares | 4 | 24/07/08 22:09:43 |
| Virus en la pagina de inicio | Mavel | Foro de Virus y Spywares | 50 | 04/06/08 21:19:57 |
| Muchos virus y pocas soluciones | trasher | Foro de Virus y Spywares | 11 | 14/04/08 00:14:21 |