| |||||||
| Temas Solucionados Casos de HijackThis y Malwares resueltos. (Solo lectura) |
 |
| | Enviar a: | Herramientas |
 | 
13/01/06, 23:21:59
|  |
| ||||
| Re: Se me abren ventanas de internet Bueno, pasemos a la accion  , probemos esto- Descarga la herramienta L2mfix - Guarda el archivo en el escritorio y dale doble click en l2mfix.exe. - Dale click en el botón Install para extraer los archivos y sigue las indicaciones. - A continuación abre la carpeta l2mfix que acaba de crearse en tu escritorio. Dale doble click en l2mfix.bat y elige la opción número 1 para ejecutar "Run Find Log" (Crear informe de búsqueda) pulsando 1 y Enter. A continuación se realizará un análisis de tu sistema aunque puede parecer que no está sucediendo nada. - Transcurridos unos minutos se abrirá el bloc de notas con un informe. Copia el contenido de ese informe y pégalo aca. ¡IMPORTANTE!: NO ejecutes la opción número 2 o ningún otro archivo de la carpeta l2mfix hasta que te lo indique! Nos cuentas  Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.  |
| InfoSpyware | ||
| |
|
14/01/06, 11:07:55
| |
| |||
 Re: Se me abren ventanas de internet LISTO..TODO REALIZADO AL PIE DE LA LETRA.. L2MFIX find log 010406 These are the registry keys present ************************************************** ******************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] "Asynchronous"=dword:00000000 "DllName"="" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33, 00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e, 00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\msctl32.dll] "DllName"="msctl32.dll" "Startup"="Startup" "Asynchronous"=dword:00000001 "Impersonate"=dword:00000000 "ExtParam"=hex:69,f6,13,94,cb,d0,d3,f0,e2,33,be,96 ,05,e5,69,fc [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Run] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\l6j8lg1u16.d ll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69, 00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74, 00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69, 00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEven t" "Logoff"="UnregisterTicketExpiredNotificationEvent " "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier] "Asynchronous"=dword:00000000 "DllName"="WRLogonNTF.dll" "Impersonate"=dword:00000001 "Lock"="WRLock" "StartScreenSaver"="WRStartScreenSaver" "StartShell"="WRStartShell" "Startup"="WRStartup" "StopScreenSaver"="WRStopScreenSaver" "Unlock"="WRUnlock" "Shutdown"="WRShutdown" "Logoff"="WRLogoff" "Logon"="WRLogon" ************************************************** ******************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\User Agent\Post Platform] "{C6A4284A-9667-009A-FBA1-1FD14B95D7A7}"="" ************************************************** ******************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Hoja de propiedades de archivos multimedia" "{176d6597-26d3-11d1-b350-080036a75b03}"="Administraci¢n de esc*ner ICM" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="P*gina de seguridad NTFS" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="P*gina de propiedades del archivo de documentos OLE" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensiones de interfaz para uso compartido" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extensi¢n CPL del adaptador de pantalla" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extensi¢n CPL del monitor de pantalla" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extensi¢n de paneo de pantalla del Panel de control" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="P*gina de seguridad DS" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="P*gina de compatibilidad" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell Scrap DataHandler" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extensi¢n de copia de discos" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensiones del shell para objetos de la red de Microsoft Windows" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Administraci¢n de monitor ICM" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Administraci¢n de impresora ICM" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extensi¢n del shell de impresora en Web" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Malet¡n" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extensi¢n de icono de HyperTerminal" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fuentes" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Perfil de ICC" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="P*gina de seguridad de impresoras" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensiones de interfaz para uso compartido" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extensi¢n PKO cifrada" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extensi¢n de firma cifrada" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Conexiones de red" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Conexiones de red" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&C*maras y esc*neres" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&C*maras y esc*neres" "{905667aa-acd6-11d2-8080-00805f6596d2}"="&C*maras y esc*neres" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&C*maras y esc*neres" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&C*maras y esc*neres" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell extensions for Windows Script Host" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="V¡nculos a datos de Microsoft" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tareas programadas" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barra de tareas y men£ Inicio" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Buscar" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Ayuda y soporte t‚cnico" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Ayuda y soporte t‚cnico" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ejecutar..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Correo electr¢nico" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Fuentes" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Herramientas administrativas" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barra de herramientas de Microsoft Internet" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Estado de la descarga" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Carpeta Shell aumentada" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Carpeta 2 Shell aumentada" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Banda del explorador de Microsoft" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Banda de b£squeda" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="B£squeda en panel" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="B£squeda Web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilidad de opciones del *rbol de Registro" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Direcci¢n" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="Cuadro de la direcci¢n" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Autocompletar de Microsoft" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="Lista autocompleta MRU" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Lista autocompleta MRU personalizada" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barra de progreso emergente" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analizador de Barra de direcciones" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Lista autocompleta de la historia de Microsoft" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Lista autocompleta de la carpeta Shell de Microsoft" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Contenedor de la Lista m£ltiple de Microsoft" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Men£ de sitio de bandas Shell" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barra de escritorio Shell" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Asistencia al usuario" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Configuraci¢n de carpeta global" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Servicio de Historial de las direcciones URL de Microsoft" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historial" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Archivos temporales de Internet" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Archivos temporales de Internet" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Hook de b£squeda de direcciones URL de Microsoft" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Pantalla de bienvenida de IE4 Suite" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Banda de Explorador" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Carpeta del cach‚ de ActiveX" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Carpeta de suscripciones" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Administrador de aplicaciones de Shell" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="Enumerador de aplicaciones instaladas" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extractor de vistas en miniatura de archivos GDI+" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Controlador de la informaci¢n de resumen para vistas en miniatura (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extractor de vistas en miniatura HTML" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Asistente para la publicaci¢n en Web" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Pedido de impresiones v¡a web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objeto de Asistente de publicaci¢n de shell" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Asistente para obtener pasaporte" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Cuentas de usuario" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Archivo de canal" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Acceso directo al canal" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Objeto de control de canal" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Carpeta de archivos sin conexi¢n" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="&Personas..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{E0D79304-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79305-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79306-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79307-84BE-11CE-9641-444553540000}"="WinZip" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Carpetas Web" "{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler" "{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{C4213067-97B3-4929-9B98-B5600FBBBA13}"="TouchED" "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices" "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu" "{4C048309-45FB-4AAF-86F0-557E8B3A35E3}"="" "{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}"="" "{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}"="" "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults" "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page" "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions" "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder" "{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band" ************************************************** ******************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}] @="" [HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}\InprocServer32] @="C:\\WINDOWS\\system32\\myports.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}] @="" [HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}\InprocServer32] @="C:\\WINDOWS\\system32\\mxswch.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}] @="" [HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}\InprocServer32] @="C:\\WINDOWS\\system32\\kidkyr.dll" "ThreadingModel"="Apartment" ************************************************** ******************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ az1209~1.dll Fri 13 Jan 2006 12:47:58 ..S.R 235.133 229,62 K aza0la~1.dll Fri 13 Jan 2006 23:58:32 ..S.R 236.002 230,47 K aza209~1.dll Fri 13 Jan 2006 12:08:28 ..S.R 235.133 229,62 K birdihuy.dll Thu 3 Nov 2005 15:34:08 A.... 60 0,06 K browseui.dll Wed 23 Nov 2005 21:01:52 A.... 1.022.464 998,50 K cdfview.dll Fri 21 Oct 2005 0:41:04 A.... 151.552 148,00 K danim.dll Sat 5 Nov 2005 0:17:26 A.... 1.056.256 1,00 M dxtrans.dll Fri 21 Oct 2005 0:41:04 A.... 205.312 200,50 K eeent97.dll Fri 13 Jan 2006 20:57:40 ..S.R 234.646 229,14 K en0ul1~1.dll Fri 13 Jan 2006 13:11:24 ..S.R 237.170 231,61 K en2ol1~1.dll Wed 11 Jan 2006 14:09:12 ..S.R 236.662 231,11 K en2ul1~1.dll Thu 12 Jan 2006 22:27:24 ..S.R 235.929 230,40 K enj6l1~1.dll Fri 13 Jan 2006 12:43:42 ..S.R 235.133 229,62 K enjsl1~1.dll Fri 13 Jan 2006 12:11:08 ..S.R 235.133 229,62 K ennql1~1.dll Sat 14 Jan 2006 11:51:14 ..S.R 234.646 229,14 K enpol1~1.dll Fri 13 Jan 2006 13:44:12 ..S.R 235.132 229,62 K enpsl1~1.dll Wed 11 Jan 2006 14  14 ..S.R 237.112 231,55 Kesent.dll Thu 20 Oct 2005 19:26:00 A.... 1.095.168 1,04 M extmgr.dll Fri 21 Oct 2005 0:41:04 ..... 55.808 54,50 K eysadu.dll Fri 13 Jan 2006 12:07:28 ..S.R 235.133 229,62 K f6l02g~1.dll Sat 14 Jan 2006 11:57:30 ..S.R 236.462 230,92 K fm20(2).dll Thu 12 Jan 2006 23:57:14 A.... 0 0,00 K fontsub.dll Mon 17 Oct 2005 18:21:06 A.... 80.896 79,00 K fpr603~1.dll Thu 12 Jan 2006 20:33:18 ..S.R 235.900 230,37 K g040la~1.dll Thu 12 Jan 2006 11:52:12 ..S.R 235.341 229,82 K gdi32.dll Wed 28 Dec 2005 23:56:04 A.... 280.064 273,50 K h0n0la~1.dll Tue 10 Jan 2006 15:08:10 ..S.R 234.967 229,46 K hr4u05~1.dll Fri 13 Jan 2006 13:32:40 ..S.R 234.706 229,20 K hrnu05~1.dll Fri 13 Jan 2006 12:17:08 ..S.R 236.088 230,55 K i0nmla~1.dll Fri 13 Jan 2006 11:47:46 ..S.R 237.134 231,57 K i4060e~1.dll Fri 13 Jan 2006 23:51:24 ..S.R 235.250 229,73 K i624lg~1.dll Fri 13 Jan 2006 13:07:50 ..S.R 233.961 228,48 K iepeers.dll Fri 21 Oct 2005 0:41:04 A.... 251.392 245,50 K inseng.dll Fri 21 Oct 2005 0:41:06 A.... 96.768 94,50 K ir40l5~1.dll Fri 13 Jan 2006 23:17:32 ..S.R 234.646 229,14 K ir6ml5~1.dll Fri 13 Jan 2006 22:29:56 ..S.R 234.646 229,14 K irl2l5~1.dll Thu 12 Jan 2006 23:18:56 ..S.R 235.403 229,88 K irnml5~1.dll Fri 13 Jan 2006 13:39:54 ..S.R 234.916 229,41 K iwrtrmgr.dll Thu 12 Jan 2006 9:57:32 ..S.R 235.341 229,82 K j0l4la~1.dll Fri 13 Jan 2006 22:11:02 ..S.R 234.646 229,14 K j40s0e~1.dll Thu 12 Jan 2006 21:50:56 ..S.R 234.008 228,52 K khdir.dll Fri 13 Jan 2006 12:21:38 ..S.R 235.133 229,62 K kidkyr.dll Thu 12 Jan 2006 21:14:04 ..S.R 234.008 228,52 K l0j80a~1.dll Tue 10 Jan 2006 13:47:18 ..S.R 235.082 229,57 K l6j8lg~1.dll Sat 14 Jan 2006 10:51:14 ..S.R 236.462 230,92 K ldkrn13n.dll Thu 12 Jan 2006 17:29:12 ..S.R 235.900 230,37 K ltl027~1.dll Fri 13 Jan 2006 12:58:20 ..S.R 237.170 231,61 K lv0o09~1.dll Fri 13 Jan 2006 13:19:36 ..S.R 233.701 228,22 K lv6m09~1.dll Fri 13 Jan 2006 21:04:00 ..S.R 234.646 229,14 K lvj209~1.dll Fri 13 Jan 2006 12:59:20 ..S.R 235.133 229,62 K lvj409~1.dll Fri 13 Jan 2006 23:54:20 ..S.R 235.065 229,55 K lvjo09~1.dll Fri 13 Jan 2006 11:45:50 ..S.R 235.133 229,62 K lvl209~1.dll Fri 13 Jan 2006 12:40:38 ..S.R 235.133 229,62 K lvn609~1.dll Thu 12 Jan 2006 17:49:28 ..S.R 236.559 231,01 K lvr209~1.dll Thu 12 Jan 2006 23:44:32 ..S.R 235.432 229,91 K lzx2kusb.dll Thu 12 Jan 2006 11:54:32 ..S.R 235.341 229,82 K m0ju0a~1.dll Thu 12 Jan 2006 23:16:58 ..S.R 235.078 229,57 K m0rmla~1.dll Wed 11 Jan 2006 18:26:16 ..S.R 236.531 230,98 K m4640e~1.dll Fri 13 Jan 2006 11:03:34 ..S.R 234.085 228,60 K m664lg~1.dll Fri 13 Jan 2006 12:21:38 ..S.R 236.599 231,05 K m6lslg~1.dll Fri 13 Jan 2006 22:08:20 ..S.R 234.646 229,14 K mqcshext.dll Fri 13 Jan 2006 13:22:06 ..S.R 233.392 227,92 K msctl32.dll Tue 10 Jan 2006 12:47:44 A.... 67.584 66,00 K mshtml.dll Wed 23 Nov 2005 21:01:54 A.... 3.013.632 2,87 M mshtmled.dll Fri 21 Oct 2005 0:41:06 A.... 448.512 438,00 K msrating.dll Fri 21 Oct 2005 0:41:08 A.... 146.432 143,00 K mstime.dll Fri 21 Oct 2005 0:41:08 A.... 530.944 518,50 K mxswch.dll Thu 12 Jan 2006 20:24:16 ..S.R 235.900 230,37 K myports.dll Sat 14 Jan 2006 11:59:26 ..S.R 236.462 230,92 K myr2cenu.dll Wed 11 Jan 2006 14:09:12 ..S.R 235.341 229,82 K n46q0e~1.dll Fri 13 Jan 2006 13:34:22 ..S.R 234.325 228,83 K n64slg~1.dll Thu 12 Jan 2006 21:43:54 ..S.R 235.754 230,23 K owbccr32.dll Fri 13 Jan 2006 11:13:50 ..S.R 235.133 229,62 K p6p60g~1.dll Fri 13 Jan 2006 20:53:44 ..S.R 233.761 228,28 K pngfilt.dll Fri 21 Oct 2005 0:41:08 A.... 39.424 38,50 K pprfts.dll Wed 11 Jan 2006 14 14 ..S.R 235.341 229,82 Kqeery.dll Wed 11 Jan 2006 13:31:46 ..S.R 235.341 229,82 K rkbdyctl.dll Thu 12 Jan 2006 22:27:24 ..S.R 234.008 228,52 K rzsmontr.dll Thu 12 Jan 2006 11:50:12 ..S.R 235.341 229,82 K shdocnva.dll Thu 3 Nov 2005 15:34:02 ..SHR 12.288 12,00 K shdocvw.dll Thu 1 Dec 2005 1:01:16 A.... 1.492.992 1,42 M shlwapi.dll Fri 21 Oct 2005 0:41:08 A.... 474.112 463,00 K shlwoa.dll Fri 13 Jan 2006 21:01:58 ..S.R 234.646 229,14 K sji_ci.dll Wed 11 Jan 2006 14:11:12 ..S.R 235.341 229,82 K sndmixex.dll Tue 10 Jan 2006 12:47:54 A.... 57.344 56,00 K syrenacm.dll Fri 13 Jan 2006 11:08:06 ..S.R 235.133 229,62 K t2embed.dll Mon 17 Oct 2005 18:21:06 A.... 118.272 115,50 K u6rulg~1.dll Fri 13 Jan 2006 23:40:44 ..S.R 234.646 229,14 K urlmon.dll Sat 5 Nov 2005 0:17:30 A.... 605.184 591,00 K wdhext.dll Fri 13 Jan 2006 12:52:08 ..S.R 235.133 229,62 K wininet.dll Fri 21 Oct 2005 0:41:08 A.... 660.992 645,50 K winmgm~1.dll Fri 13 Jan 2006 11:09:00 A.... 6.144 6,00 K xp102341.dll Tue 10 Jan 2006 12:47:58 A.... 23.552 23,00 K xp139821.dll Fri 13 Jan 2006 11:08:58 A.... 24.576 24,00 K 94 items found: 94 files (67 H/S), 0 directories. Total of file sizes: 27.545.938 bytes 26,27 M Locate .tmp files: No matches found. ************************************************** ******************************** Directory Listing of system files: El volumen de la unidad C es NOTEBOOK El n£mero de serie del volumen es: 787A-BE2F Directorio de C:\WINDOWS\System32 14-01-2006 11:59 236.462 myports.dll 14-01-2006 11:57 236.462 f6l02g3mg6.dll 14-01-2006 11:51 234.646 ennql1551.dll 14-01-2006 11:02 <DIR> dllcache 14-01-2006 10:51 236.462 l6j8lg1u16.dll 13-01-2006 23:58 236.002 aza0lahm1d4a.dll 13-01-2006 23:54 235.065 lvj4091qe.dll 13-01-2006 23:51 235.250 i4060edseh060.dll 13-01-2006 23:40 234.646 u6rulg9916.dll 13-01-2006 23:17 234.646 ir40l5hm1.dll 13-01-2006 22:29 234.646 ir6ml5j11.dll 13-01-2006 22:11 234.646 j0l4la3q1d.dll 13-01-2006 22:08 234.646 m6lslg3716.dll 13-01-2006 21:03 234.646 lv6m09j1e.dll 13-01-2006 21:01 234.646 shlwoa.dll 13-01-2006 20:57 234.646 eeent97.dll 13-01-2006 20:53 233.761 p6p60g7se6.dll 13-01-2006 13:44 235.132 enpol1731.dll 13-01-2006 13:39 234.916 irnml5511.dll 13-01-2006 13:34 234.325 n46q0ej5eho.dll 13-01-2006 13:32 234.706 hr4u05h9e.dll 13-01-2006 13:22 233.392 mqcshext.dll 13-01-2006 13:19 233.701 lv0o09d3e.dll 13-01-2006 13:11 237.170 en0ul1d91.dll 13-01-2006 13:07 233.961 i624lgfq162e.dll 13-01-2006 12:59 235.133 lvj2091oe.dll 13-01-2006 12:58 237.170 ltl0273mg.dll 13-01-2006 12:52 235.133 wdhext.dll 13-01-2006 12:47 235.133 az12099oe.dll 13-01-2006 12:43 235.133 enj6l11s1.dll 13-01-2006 12:40 235.133 lvl2093oe.dll 13-01-2006 12:21 235.133 khdir.dll 13-01-2006 12:21 236.599 m664lgjq16oe.dll 13-01-2006 12:17 236.088 hrnu0559e.dll 13-01-2006 12:11 235.133 enjsl1171.dll 13-01-2006 12:08 235.133 aza2099oe.dll 13-01-2006 12:07 235.133 eysadu.dll 13-01-2006 11:47 237.134 i0nmla511d.dll 13-01-2006 11:45 235.133 lvjo0913e.dll 13-01-2006 11:13 235.133 owbccr32.dll 13-01-2006 11:08 235.133 syrenacm.dll 13-01-2006 11:03 234.085 m4640ejqehoe0.dll 12-01-2006 23:44 235.432 lvr2099oe.dll 12-01-2006 23:18 235.403 irl2l53o1.dll 12-01-2006 23:16 235.078 m0ju0a19ed.dll 12-01-2006 22:27 234.008 rkbdyctl.dll 12-01-2006 22:27 235.929 en2ul1f91.dll 12-01-2006 21:50 234.008 j40s0ed7eh0.dll 12-01-2006 21:43 235.754 n64slgh7164.dll 12-01-2006 21:14 234.008 kidkyr.dll 12-01-2006 20:33 235.900 fpr6039se.dll 12-01-2006 20:24 235.900 mxswch.dll 12-01-2006 17:49 236.559 lvn6095se.dll 12-01-2006 17:29 235.900 ldkrn13n.dll 12-01-2006 11:54 235.341 LZX2KUSB.DLL 12-01-2006 11:52 235.341 g040lahm1d4a.dll 12-01-2006 11:50 235.341 rZsmontr.dll 12-01-2006 09:57 235.341 iwrtrmgr.dll 11-01-2006 18:26 236.531 m0rmla911d.dll 11-01-2006 14:11 235.341 sji_ci.dll 11-01-2006 14:10 235.341 pprfts.dll 11-01-2006 14:10 237.112 enpsl1771.dll 11-01-2006 14:09 235.341 myr2cenu.dll 11-01-2006 14:09 236.662 en2ol1f31.dll 11-01-2006 13:31 235.341 qeery.dll 10-01-2006 15:08 234.967 h0n0la5m1d.dll 10-01-2006 13:47 235.082 l0j80a1ued.dll 03-11-2005 15:34 12.288 shdocnva.dll 21-09-2005 15:24 <DIR> Microsoft 67 archivos 15.540.502 bytes 2 dirs 19.773.149.184 bytes libres |
|
14/01/06, 11:19:02
| |
| ||||
| Re: Se me abren ventanas de internet Buenassss Bien antes de seguir este paso, te recomiendo hacer una copia de seguridad de tu sistema por si hay algún inconveniente. Después cerrar cualquier programa que tengas abierto ya que después de realizar estos pasos se va a reiniciar el sistema. En la carpeta de l2mfix de tu escritorio dale doble click en l2mfix.bat y selecciona la opción numero 2 (Run Fix) y dale Enter y luego cualquier tecla para que se reinicie el sistema. Después que reinicie el Pc puede que los iconos y parte del escritorio no se vean (esto es normal). L2mfix continuará explorando el sistema y cuando termine se abre nuevamente el Notepad con un nuevo registro el cual tienes que pegarlo en este mensaje a ver como quedo la cosa junto con un nuevo log de HijackThis. ¡IMPORTANTE NO ejecutes ninguna otra opción u otro archivo de la carpeta l2mfix hasta que te lo indique! Reinicia un par de veces y nos cuentas como esta trabajando el sistema. Saludos Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
14/01/06, 12:04:31
| |
| |||
 Re: Se me abren ventanas de internet LISTO! HE HECHO TODO.. L2mfix 010406 Creating Account. Se ha completado el comando correctamente. Adding Administrative privleges. Checking for L2MFix account(0=no 1=yes): 1 Granting SeDebugPrivilege to L2MFIX ... successful Running From: C:\WINDOWS\system32 Killing Processes! Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 576 'smss.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 664 'winlogon.exe' Killing PID 664 'winlogon.exe' Killing PID 664 'winlogon.exe' Killing PID 664 'winlogon.exe' Killing PID 664 'winlogon.exe' Killing PID 664 'winlogon.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Killing PID 2036 'explorer.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 1744 'rundll32.exe' Restoring Sedebugprivilege: Scanning First Pass. Please Wait! First Pass Completed Second Pass Scanning Second pass Completed! 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. 1 archivos copiados. Deleting: C:\WINDOWS\system32\az12099oe.dll Successfully Deleted: C:\WINDOWS\system32\az12099oe.dll Deleting: C:\WINDOWS\system32\aza0lahm1d4a.dll Successfully Deleted: C:\WINDOWS\system32\aza0lahm1d4a.dll Deleting: C:\WINDOWS\system32\aza2099oe.dll Successfully Deleted: C:\WINDOWS\system32\aza2099oe.dll Deleting: C:\WINDOWS\system32\dynput8.dll Successfully Deleted: C:\WINDOWS\system32\dynput8.dll Deleting: C:\WINDOWS\system32\eeent97.dll Successfully Deleted: C:\WINDOWS\system32\eeent97.dll Deleting: C:\WINDOWS\system32\en0ul1d91.dll Successfully Deleted: C:\WINDOWS\system32\en0ul1d91.dll Deleting: C:\WINDOWS\system32\en2ol1f31.dll Successfully Deleted: C:\WINDOWS\system32\en2ol1f31.dll Deleting: C:\WINDOWS\system32\en2ul1f91.dll Successfully Deleted: C:\WINDOWS\system32\en2ul1f91.dll Deleting: C:\WINDOWS\system32\enj6l11s1.dll Successfully Deleted: C:\WINDOWS\system32\enj6l11s1.dll Deleting: C:\WINDOWS\system32\enjsl1171.dll Successfully Deleted: C:\WINDOWS\system32\enjsl1171.dll Deleting: C:\WINDOWS\system32\ennql1551.dll Successfully Deleted: C:\WINDOWS\system32\ennql1551.dll Deleting: C:\WINDOWS\system32\enpol1731.dll Successfully Deleted: C:\WINDOWS\system32\enpol1731.dll Deleting: C:\WINDOWS\system32\enpsl1771.dll Successfully Deleted: C:\WINDOWS\system32\enpsl1771.dll Deleting: C:\WINDOWS\system32\eysadu.dll Successfully Deleted: C:\WINDOWS\system32\eysadu.dll Deleting: C:\WINDOWS\system32\f6l02g3mg6.dll Successfully Deleted: C:\WINDOWS\system32\f6l02g3mg6.dll Deleting: C:\WINDOWS\system32\fpr6039se.dll Successfully Deleted: C:\WINDOWS\system32\fpr6039se.dll Deleting: C:\WINDOWS\system32\g040lahm1d4a.dll Successfully Deleted: C:\WINDOWS\system32\g040lahm1d4a.dll Deleting: C:\WINDOWS\system32\h0n0la5m1d.dll Successfully Deleted: C:\WINDOWS\system32\h0n0la5m1d.dll Deleting: C:\WINDOWS\system32\hr4u05h9e.dll Successfully Deleted: C:\WINDOWS\system32\hr4u05h9e.dll Deleting: C:\WINDOWS\system32\hrnu0559e.dll Successfully Deleted: C:\WINDOWS\system32\hrnu0559e.dll Deleting: C:\WINDOWS\system32\i0nmla511d.dll Successfully Deleted: C:\WINDOWS\system32\i0nmla511d.dll Deleting: C:\WINDOWS\system32\i4060edseh060.dll Successfully Deleted: C:\WINDOWS\system32\i4060edseh060.dll Deleting: C:\WINDOWS\system32\i624lgfq162e.dll Successfully Deleted: C:\WINDOWS\system32\i624lgfq162e.dll Deleting: C:\WINDOWS\system32\ir40l5hm1.dll Successfully Deleted: C:\WINDOWS\system32\ir40l5hm1.dll Deleting: C:\WINDOWS\system32\ir6ml5j11.dll Successfully Deleted: C:\WINDOWS\system32\ir6ml5j11.dll Deleting: C:\WINDOWS\system32\irl2l53o1.dll Successfully Deleted: C:\WINDOWS\system32\irl2l53o1.dll Deleting: C:\WINDOWS\system32\irn2l55o1.dll Successfully Deleted: C:\WINDOWS\system32\irn2l55o1.dll Deleting: C:\WINDOWS\system32\irnml5511.dll Successfully Deleted: C:\WINDOWS\system32\irnml5511.dll Deleting: C:\WINDOWS\system32\iwrtrmgr.dll Successfully Deleted: C:\WINDOWS\system32\iwrtrmgr.dll Deleting: C:\WINDOWS\system32\j0l4la3q1d.dll Successfully Deleted: C:\WINDOWS\system32\j0l4la3q1d.dll Deleting: C:\WINDOWS\system32\j40s0ed7eh0.dll Successfully Deleted: C:\WINDOWS\system32\j40s0ed7eh0.dll Deleting: C:\WINDOWS\system32\khdir.dll Successfully Deleted: C:\WINDOWS\system32\khdir.dll Deleting: C:\WINDOWS\system32\kidkyr.dll Successfully Deleted: C:\WINDOWS\system32\kidkyr.dll Deleting: C:\WINDOWS\system32\l0j80a1ued.dll Successfully Deleted: C:\WINDOWS\system32\l0j80a1ued.dll Deleting: C:\WINDOWS\system32\l6j8lg1u16.dll Successfully Deleted: C:\WINDOWS\system32\l6j8lg1u16.dll Deleting: C:\WINDOWS\system32\ldkrn13n.dll Successfully Deleted: C:\WINDOWS\system32\ldkrn13n.dll Deleting: C:\WINDOWS\system32\ltl0273mg.dll Successfully Deleted: C:\WINDOWS\system32\ltl0273mg.dll Deleting: C:\WINDOWS\system32\lv0o09d3e.dll Successfully Deleted: C:\WINDOWS\system32\lv0o09d3e.dll Deleting: C:\WINDOWS\system32\lv6m09j1e.dll Successfully Deleted: C:\WINDOWS\system32\lv6m09j1e.dll Deleting: C:\WINDOWS\system32\lvj2091oe.dll Successfully Deleted: C:\WINDOWS\system32\lvj2091oe.dll Deleting: C:\WINDOWS\system32\lvj4091qe.dll Successfully Deleted: C:\WINDOWS\system32\lvj4091qe.dll Deleting: C:\WINDOWS\system32\lvjo0913e.dll Successfully Deleted: C:\WINDOWS\system32\lvjo0913e.dll Deleting: C:\WINDOWS\system32\lvl2093oe.dll Successfully Deleted: C:\WINDOWS\system32\lvl2093oe.dll Deleting: C:\WINDOWS\system32\lvn6095se.dll Successfully Deleted: C:\WINDOWS\system32\lvn6095se.dll Deleting: C:\WINDOWS\system32\lvr2099oe.dll Successfully Deleted: C:\WINDOWS\system32\lvr2099oe.dll Deleting: C:\WINDOWS\system32\LZX2KUSB.DLL Successfully Deleted: C:\WINDOWS\system32\LZX2KUSB.DLL Deleting: C:\WINDOWS\system32\m0ju0a19ed.dll Successfully Deleted: C:\WINDOWS\system32\m0ju0a19ed.dll Deleting: C:\WINDOWS\system32\m0rmla911d.dll Successfully Deleted: C:\WINDOWS\system32\m0rmla911d.dll Deleting: C:\WINDOWS\system32\m4640ejqehoe0.dll Successfully Deleted: C:\WINDOWS\system32\m4640ejqehoe0.dll Deleting: C:\WINDOWS\system32\m664lgjq16oe.dll Successfully Deleted: C:\WINDOWS\system32\m664lgjq16oe.dll Deleting: C:\WINDOWS\system32\m6lslg3716.dll Successfully Deleted: C:\WINDOWS\system32\m6lslg3716.dll Deleting: C:\WINDOWS\system32\mqcshext.dll Successfully Deleted: C:\WINDOWS\system32\mqcshext.dll Deleting: C:\WINDOWS\system32\mxswch.dll Successfully Deleted: C:\WINDOWS\system32\mxswch.dll Deleting: C:\WINDOWS\system32\myr2cenu.dll Successfully Deleted: C:\WINDOWS\system32\myr2cenu.dll Deleting: C:\WINDOWS\system32\n46q0ej5eho.dll Successfully Deleted: C:\WINDOWS\system32\n46q0ej5eho.dll Deleting: C:\WINDOWS\system32\n64slgh7164.dll Successfully Deleted: C:\WINDOWS\system32\n64slgh7164.dll Deleting: C:\WINDOWS\system32\owbccr32.dll Successfully Deleted: C:\WINDOWS\system32\owbccr32.dll Deleting: C:\WINDOWS\system32\p6p60g7se6.dll Successfully Deleted: C:\WINDOWS\system32\p6p60g7se6.dll Deleting: C:\WINDOWS\system32\pprfts.dll Successfully Deleted: C:\WINDOWS\system32\pprfts.dll Deleting: C:\WINDOWS\system32\qeery.dll Successfully Deleted: C:\WINDOWS\system32\qeery.dll Deleting: C:\WINDOWS\system32\rkbdyctl.dll Successfully Deleted: C:\WINDOWS\system32\rkbdyctl.dll Deleting: C:\WINDOWS\system32\rZsmontr.dll Successfully Deleted: C:\WINDOWS\system32\rZsmontr.dll Deleting: C:\WINDOWS\system32\shlwoa.dll Successfully Deleted: C:\WINDOWS\system32\shlwoa.dll Deleting: C:\WINDOWS\system32\sji_ci.dll Successfully Deleted: C:\WINDOWS\system32\sji_ci.dll Deleting: C:\WINDOWS\system32\syrenacm.dll Successfully Deleted: C:\WINDOWS\system32\syrenacm.dll Deleting: C:\WINDOWS\system32\u6rulg9916.dll Successfully Deleted: C:\WINDOWS\system32\u6rulg9916.dll Deleting: C:\WINDOWS\system32\wdhext.dll Successfully Deleted: C:\WINDOWS\system32\wdhext.dll msg11?.dll 0 archivos copiados. Restoring Windows Update Certificates.: The following Is the Current Export of the Winlogon notify key: ************************************************** ************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33, 00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e, 00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69, 00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74, 00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69, 00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WindowsUpdate] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\l6j8lg1u16.d ll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEven t" "Logoff"="UnregisterTicketExpiredNotificationEvent " "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier] "Asynchronous"=dword:00000000 "DllName"="WRLogonNTF.dll" "Impersonate"=dword:00000001 "Lock"="WRLock" "StartScreenSaver"="WRStartScreenSaver" "StartShell"="WRStartShell" "Startup"="WRStartup" "StopScreenSaver"="WRStopScreenSaver" "Unlock"="WRUnlock" "Shutdown"="WRShutdown" "Logoff"="WRLogoff" "Logon"="WRLogon" The following are the files found: ************************************************** ************************** C:\WINDOWS\system32\az12099oe.dll C:\WINDOWS\system32\aza0lahm1d4a.dll C:\WINDOWS\system32\aza2099oe.dll C:\WINDOWS\system32\dynput8.dll C:\WINDOWS\system32\eeent97.dll C:\WINDOWS\system32\en0ul1d91.dll C:\WINDOWS\system32\en2ol1f31.dll C:\WINDOWS\system32\en2ul1f91.dll C:\WINDOWS\system32\enj6l11s1.dll C:\WINDOWS\system32\enjsl1171.dll C:\WINDOWS\system32\ennql1551.dll C:\WINDOWS\system32\enpol1731.dll C:\WINDOWS\system32\enpsl1771.dll C:\WINDOWS\system32\eysadu.dll C:\WINDOWS\system32\f6l02g3mg6.dll C:\WINDOWS\system32\fpr6039se.dll C:\WINDOWS\system32\g040lahm1d4a.dll C:\WINDOWS\system32\h0n0la5m1d.dll C:\WINDOWS\system32\hr4u05h9e.dll C:\WINDOWS\system32\hrnu0559e.dll C:\WINDOWS\system32\i0nmla511d.dll C:\WINDOWS\system32\i4060edseh060.dll C:\WINDOWS\system32\i624lgfq162e.dll C:\WINDOWS\system32\ir40l5hm1.dll C:\WINDOWS\system32\ir6ml5j11.dll C:\WINDOWS\system32\irl2l53o1.dll C:\WINDOWS\system32\irn2l55o1.dll C:\WINDOWS\system32\irnml5511.dll C:\WINDOWS\system32\iwrtrmgr.dll C:\WINDOWS\system32\j0l4la3q1d.dll C:\WINDOWS\system32\j40s0ed7eh0.dll C:\WINDOWS\system32\khdir.dll C:\WINDOWS\system32\kidkyr.dll C:\WINDOWS\system32\l0j80a1ued.dll C:\WINDOWS\system32\l6j8lg1u16.dll C:\WINDOWS\system32\ldkrn13n.dll C:\WINDOWS\system32\ltl0273mg.dll C:\WINDOWS\system32\lv0o09d3e.dll C:\WINDOWS\system32\lv6m09j1e.dll C:\WINDOWS\system32\lvj2091oe.dll C:\WINDOWS\system32\lvj4091qe.dll C:\WINDOWS\system32\lvjo0913e.dll C:\WINDOWS\system32\lvl2093oe.dll C:\WINDOWS\system32\lvn6095se.dll C:\WINDOWS\system32\lvr2099oe.dll C:\WINDOWS\system32\LZX2KUSB.DLL C:\WINDOWS\system32\m0ju0a19ed.dll C:\WINDOWS\system32\m0rmla911d.dll C:\WINDOWS\system32\m4640ejqehoe0.dll C:\WINDOWS\system32\m664lgjq16oe.dll C:\WINDOWS\system32\m6lslg3716.dll C:\WINDOWS\system32\mqcshext.dll C:\WINDOWS\system32\mxswch.dll C:\WINDOWS\system32\myr2cenu.dll C:\WINDOWS\system32\n46q0ej5eho.dll C:\WINDOWS\system32\n64slgh7164.dll C:\WINDOWS\system32\owbccr32.dll C:\WINDOWS\system32\p6p60g7se6.dll C:\WINDOWS\system32\pprfts.dll C:\WINDOWS\system32\qeery.dll C:\WINDOWS\system32\rkbdyctl.dll C:\WINDOWS\system32\rZsmontr.dll C:\WINDOWS\system32\shlwoa.dll C:\WINDOWS\system32\sji_ci.dll C:\WINDOWS\system32\syrenacm.dll C:\WINDOWS\system32\u6rulg9916.dll C:\WINDOWS\system32\wdhext.dll Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. ************************************************** ************************** Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}] @="" [HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}\InprocServer32] @="C:\\WINDOWS\\system32\\dynput8.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}] @="" [HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}\InprocServer32] @="C:\\WINDOWS\\system32\\mxswch.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}] @="" [HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}\InprocServer32] @="C:\\WINDOWS\\system32\\kidkyr.dll" "ThreadingModel"="Apartment" REGEDIT4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Shell Extensions\Approved] "{4C048309-45FB-4AAF-86F0-557E8B3A35E3}"=- "{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}"=- "{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}"=- [-HKEY_CLASSES_ROOT\CLSID\{4C048309-45FB-4AAF-86F0-557E8B3A35E3}] [-HKEY_CLASSES_ROOT\CLSID\{22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1}] [-HKEY_CLASSES_ROOT\CLSID\{1A214F73-D2F9-4A9D-87D9-14F011D2F6F4}] REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\User Agent\Post Platform] "SV1"="" ************************************************** ************************** Desktop.ini Contents: ************************************************** ************************** ************************************************** ************************** Checking for L2MFix account(0=no 1=yes): 0 Zipping up files for submission: adding: dlls/az12099oe.dll (164 bytes security) (deflated 5%) adding: dlls/aza0lahm1d4a.dll (164 bytes security) (deflated 5%) adding: dlls/aza2099oe.dll (164 bytes security) (deflated 5%) adding: dlls/dynput8.dll (164 bytes security) (deflated 5%) adding: dlls/eeent97.dll (164 bytes security) (deflated 5%) adding: dlls/en0ul1d91.dll (164 bytes security) (deflated 6%) adding: dlls/en2ol1f31.dll (164 bytes security) (deflated 5%) adding: dlls/en2ul1f91.dll (164 bytes security) (deflated 5%) adding: dlls/enj6l11s1.dll (164 bytes security) (deflated 5%) adding: dlls/enjsl1171.dll (164 bytes security) (deflated 5%) adding: dlls/ennql1551.dll (164 bytes security) (deflated 5%) adding: dlls/enpol1731.dll (164 bytes security) (deflated 5%) adding: dlls/enpsl1771.dll (164 bytes security) (deflated 5%) adding: dlls/eysadu.dll (164 bytes security) (deflated 5%) adding: dlls/f6l02g3mg6.dll (164 bytes security) (deflated 5%) adding: dlls/fpr6039se.dll (164 bytes security) (deflated 5%) adding: dlls/g040lahm1d4a.dll (164 bytes security) (deflated 5%) adding: dlls/h0n0la5m1d.dll (164 bytes security) (deflated 5%) adding: dlls/hr4u05h9e.dll (164 bytes security) (deflated 5%) adding: dlls/hrnu0559e.dll (164 bytes security) (deflated 5%) adding: dlls/i0nmla511d.dll (164 bytes security) (deflated 6%) adding: dlls/i4060edseh060.dll (164 bytes security) (deflated 5%) adding: dlls/i624lgfq162e.dll (164 bytes security) (deflated 4%) adding: dlls/ir40l5hm1.dll (164 bytes security) (deflated 5%) adding: dlls/ir6ml5j11.dll (164 bytes security) (deflated 5%) adding: dlls/irl2l53o1.dll (164 bytes security) (deflated 5%) adding: dlls/irn2l55o1.dll (164 bytes security) (deflated 4%) adding: dlls/irnml5511.dll (164 bytes security) (deflated 5%) adding: dlls/iwrtrmgr.dll (164 bytes security) (deflated 5%) adding: dlls/j0l4la3q1d.dll (164 bytes security) (deflated 5%) adding: dlls/j40s0ed7eh0.dll (164 bytes security) (deflated 4%) adding: dlls/khdir.dll (164 bytes security) (deflated 5%) adding: dlls/kidkyr.dll (164 bytes security) (deflated 4%) adding: dlls/l0j80a1ued.dll (164 bytes security) (deflated 5%) adding: dlls/l6j8lg1u16.dll (164 bytes security) (deflated 5%) adding: dlls/ldkrn13n.dll (164 bytes security) (deflated 5%) adding: dlls/ltl0273mg.dll (164 bytes security) (deflated 6%) adding: dlls/lv0o09d3e.dll (164 bytes security) (deflated 4%) adding: dlls/lv6m09j1e.dll (164 bytes security) (deflated 5%) adding: dlls/lvj2091oe.dll (164 bytes security) (deflated 5%) adding: dlls/lvj4091qe.dll (164 bytes security) (deflated 5%) adding: dlls/lvjo0913e.dll (164 bytes security) (deflated 5%) adding: dlls/lvl2093oe.dll (164 bytes security) (deflated 5%) adding: dlls/lvn6095se.dll (164 bytes security) (deflated 5%) adding: dlls/lvr2099oe.dll (164 bytes security) (deflated 5%) adding: dlls/LZX2KUSB.DLL (164 bytes security) (deflated 5%) adding: dlls/m0ju0a19ed.dll (164 bytes security) (deflated 5%) adding: dlls/m0rmla911d.dll (164 bytes security) (deflated 5%) adding: dlls/m4640ejqehoe0.dll (164 bytes security) (deflated 4%) adding: dlls/m664lgjq16oe.dll (164 bytes security) (deflated 5%) adding: dlls/m6lslg3716.dll (164 bytes security) (deflated 5%) adding: dlls/mqcshext.dll (164 bytes security) (deflated 4%) adding: dlls/mxswch.dll (164 bytes security) (deflated 5%) adding: dlls/myr2cenu.dll (164 bytes security) (deflated 5%) adding: dlls/n46q0ej5eho.dll (164 bytes security) (deflated 5%) adding: dlls/n64slgh7164.dll (164 bytes security) (deflated 5%) adding: dlls/owbccr32.dll (164 bytes security) (deflated 5%) adding: dlls/p6p60g7se6.dll (164 bytes security) (deflated 4%) adding: dlls/pprfts.dll (164 bytes security) (deflated 5%) adding: dlls/qeery.dll (164 bytes security) (deflated 5%) adding: dlls/rkbdyctl.dll (164 bytes security) (deflated 4%) adding: dlls/rZsmontr.dll (164 bytes security) (deflated 5%) adding: dlls/shlwoa.dll (164 bytes security) (deflated 5%) adding: dlls/sji_ci.dll (164 bytes security) (deflated 5%) adding: dlls/syrenacm.dll (164 bytes security) (deflated 5%) adding: dlls/u6rulg9916.dll (164 bytes security) (deflated 5%) adding: dlls/wdhext.dll (164 bytes security) (deflated 5%) adding: backregs/1A214F73-D2F9-4A9D-87D9-14F011D2F6F4.reg (212 bytes security) (deflated 70%) adding: backregs/22A7B19D-B8BD-415A-8DAE-9A45AFB3C1C1.reg (212 bytes security) (deflated 70%) adding: backregs/4C048309-45FB-4AAF-86F0-557E8B3A35E3.reg (212 bytes security) (deflated 70%) adding: backregs/notibac.reg (164 bytes security) (deflated 87%) adding: backregs/shell.reg (164 bytes security) (deflated 74%) ----------------------------------------------- Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\Explorer.EXE C:\Archivos de programa\Lexmark 3100 Series\lxbrbmgr.exe C:\WINDOWS\System32\00THotkey.exe C:\Archivos de programa\Lexmark 3100 Series\lxbrbmon.exe C:\Archivos de programa\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Archivos de programa\TOSHIBA\TouchED\TouchED.Exe C:\ARCHIV~1\SCROLL~1\MouseElf.EXE C:\Archivos de programa\Java\jre1.5.0_06\bin\jusched.exe C:\Archivos de programa\Internet Explorer\iexplore.exe C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Archivos de programa\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\helper.exe C:\WINDOWS\system32\wuauclt.exe C:\Archivos de programa\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forospyware.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.cl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Archivos de programa\Lexmark 3100 Series\lxbrbmgr.exe" O4 - HKLM\..\Run: [Apoint] C:\Archivos de programa\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 20 O4 - HKLM\..\Run: [TouchED] C:\Archivos de programa\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [mouseElf] C:\ARCHIV~1\SCROLL~1\MouseElf.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Erroropenmanagerbuild] C:\Documents and Settings\All Users\Datos de programa\Dumb ref error open\LOUDSIXTH.exe O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Archivos de programa\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137008772402 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARCHIV~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WindowsUpdate - C:\WINDOWS\system32\l6j8lg1u16.dll (file missing) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: Schedule - {6823A778-3D13-4140-C2DE-DAC838980045} - C:\WINDOWS\help\netcfg.hlp O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe |
|
14/01/06, 15:42:46
| |
| |||
| Re: Se me abren ventanas de internet Noticia!! Te Cuento Que Despues De Todo Lo Que Hemos Hecho, Mi Pc A Vuelvo A La Vida.. Ya No Tengo Ningun Problema.. Gracias Por Todo.. Problema Solucionado. Última edición por panchitonachito fecha: 15/01/06 a las 13:13:05. |
|
« Tema Anterior
|
Próximo Tema »
| Herramientas | |
| |
| 
Temas Similares | |
| Tema | Autor | Foro | Respuestas | Último mensaje |
| Hola ... a ver si tiene algo que ver... VX2 y Look2Me (Solucionado) | IkoMaster | Temas Solucionados | 7 | 13/01/06 13:49:49 |
| ventanas q se abren solas no hay forma (solucionado) | newsgi | Temas Solucionados | 9 | 08/01/06 22:40:52 |
| Una ayudita, please secure32 (Solucionado) | Lololo | Temas Solucionados | 5 | 30/12/05 06:22:37 |
| Ayuda para recuperar mi escritorio. Maldito Spysheriff ¡¡¡¡ (Solucionado) | manucd | Temas Solucionados | 3 | 25/11/05 12:59:31 |
| No consigo eliminar CWS (solucionado) | Verdu | Temas Solucionados | 8 | 23/06/05 14:16:50 |
Todas las horas son GMT -4. La hora es 10:46:30.
