Actualización problemática de IExplorer/Windows (CERRADO)

Cerrado
okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Actualización problemática de IExplorer/Windows (CERRADO)

Mensaje por okean » 26 Ene 2011, 20:12

Hace uno o dos meses tuve problemas con un virus que no se iba de mi ordenador. Por fin logré acabar con él y poco después, cuando mi ordenador ya iba bien, tal como me aconsejaron, actualicé tanto el sistema operativo como Internet Explorer. A partir de entonces a pesar de que ahora uso Opera el ordenador va mucho más lento y tarda más en arrancar. Mi ordenador no puede albergar demasiada información y al parecer el tener actualizado Windows e Internet Explorer es demasiado para la capacidad de mi ordenador. He intentado volver a la situación original pero después de cada intento de restauración del sistema no me deja. Tenéis algún consejo para intentar solucionar el problema? Mi ordenador va mucho más lento que antes a pesar de que ya no tengo virus. La información de mi equipo es la siguiente: Windows XP SP2, InterCeleron, 40 GB, 495 MB RAM,1400 MHg,1.40GHz.

Avatar de Usuario
lucl
Moderador
Moderador
Mensajes: 6499
Registrado: 17 Ene 2006, 18:09
Ubicación: España
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por lucl » 26 Ene 2011, 20:50

Mira haz una cosa primero , descargate este programa que te indico para ver si realmente no tienes virus





http://www.zonavirus.com/descargas/sproces.asp





Nos pegas el log que te dejara en C llamado sproclog.txt. Lo miramos y asi vemos si no hay virus , que tienes en el inicio y todos esos pequeños datos que parece que no pero son importantes. Saludos.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 27 Ene 2011, 09:13

Y te faltan muchos parches si tienes el "Windows XP SP2" ..., lanza un windowsupdate, que el SP3 aparte de parchear mas de 1000 vulnerabilidades, acelera un 10 % el sistema.



Y como que no nos dices el virus que eliminaste, por si hubieran quedado restos en el registro, antes del SPROCES, lanza el ELISTARA, Y LUEGO EL OTRO, Y NOS POSTEAS LOS INFORMES RESULTANTES DE LOS DOS, GRACIAS:


[quote]
[b] ELISTARA: [/b]

http://www.zonavirus.com/descargas/elistara.asp



Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso
[/quote]




y si en el informe no detecta nada ni pide el envio de ninguna muestra sospechosas para analizar, lanza el SPROCES y posteanos el informe resultante:





SPROCES (herramienta de investigación)

http://www.zonavirus.com/descargas/sproces.asp



Tras lanzarlo, pulsar en SALIR y con un copiar y pegar, nos posteas el contenido del C:\sproclog.txt en tu proximo post, como respuesta de este Tema



saludos



ms, 27-1-2011

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 29 Ene 2011, 15:03

Muchas gracias por tus consejos. He hecho lo que me decías: he actualizado Windows XP a Pack3 y he lanzado Elistara primero y luego Sproces. He visto que el Elistara me ha detectado 21 amenazas (o virus) que ha eliminado. Los virus que tuve en noviembre-diciembre fueron bastantes, pero no recuerdo sus nombres. Sé que tenía muchos troyanos. Bueno, aquí están los resultados:



(29-1-2011 12:23:41 (GMT))

EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(29-1-2011 12:50:47 (GMT))

EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)

--------------------------------------------------

Lista de Acciones (por Exploración):

Explorando "C:\"

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179111.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179117.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179120.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179216.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179267.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179272.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179274.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179325.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179390.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179396.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179399.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179436.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179499.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179505.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179508.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179553.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179620.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179626.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179629.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP514\A0183556.DLL --> Eliminado, CrawlerToolbar(bho/tb)

C:\WINDOWS\NIRCMD.EXE --> Eliminado, Tool-NirCmd



Nº Total de Directorios: 6121

Nº Total de Ficheros: 97699

Nº de Ficheros Analizados: 44238

Nº de Ficheros Infectados: 21

Nº de Ficheros Limpiados: 21









(29-1-2011 13:51:46 GMT)

SProces v5.0 (c)2010 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3

Parche MS08-067 (Servicio Servidor) Instalado.

Internet Explorer: (v8.0.6001.18702) 0

Nombre Equipo: YOUR-G5GMB6N1SD

Nombre Usuario: A-50a



Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE

C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE

C:\PROGRAM\OPERA\OPERA.EXE

C:\DOWNLOADS\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"

O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe

O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe

O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe

O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar

O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe

O4 - HKLM\..\Run: [Panda Security Toolbar Antiphishing] "C:\Documents and Settings\All Users\Application Data\Panda Security Toolbar Antiphishing\panda2_0dn.exe"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe

O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_2] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmnetmgr.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_4] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmod.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_5] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmoe2.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_6] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmoe.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_7] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmod.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_8] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmoe.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_9] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_10] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe2.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_20] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmod.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_21] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mpg4dmod.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_22] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp43dmod.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_23] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp4sdmod.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_24] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmod.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_30] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\laprxy.dll"

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_31] "C:\WINDOWS\system32\logagent.exe" /RegServer

O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_32] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvcore.dll"

O4 - HKLM\..\RunOnce: [KB923561] rundll32.exe apphelp.dll,ShimFlushCache

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE

O4 - Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1291742229038

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) - http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL

O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll

O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL

O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll



Información Adicional:

----------------------

WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.

WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software

WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.

WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT

WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA

WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation

WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.

WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation

WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link

WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.

WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation

WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe

O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)

O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys

O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe

O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys

O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys

O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys

O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys

O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys

O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe

O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys

O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys

**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys

O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys

O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys

O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys

O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)

O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys

O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys

O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys

O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys

O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys

O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys

O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS

O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys

O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys

O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys

O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys

O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys

O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys

O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys

O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys

O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys

O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys



Listado de Servicios (Deshabilitados):

--------------------------------------

**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys

**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys

**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys

O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)

O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys



45 Servicios.

14 de Carga Automatica.

26 de Carga Manual.

5 Deshabilitados.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 29 Ene 2011, 16:55

El ELISTARA ya ha eliminado los malwares conocidos, aunque estuvieran aparcados en el RESTORE. y ahora solo vemos claves que lanzan estos tres ficheros sospechosos:





apphelp.dll



C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe



C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys



envianoslos para analizar y tras ello informaremos del resultado



>[b]ENVIO DE MUESTRAS Y ELIMINACIÓN DE CLAVES - Para ello recordar[/b]:

https://foros.zonavirus.com/viewtopic.php?f=5&t=14253



Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos



saludos



ms, 29-1-2011

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 31 Ene 2011, 12:42

Recibidas las muestras solicitadas, no han resultado ser maliciosas, asi que puedes dejarlas estar y ver si tras reiniciar persiste alguna anomalia o ya se ha solucionado el problema, y nos informas al respecto, gracias



saludos



ms, 31-1-2011

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 02 Feb 2011, 20:11

El ordenador va parece algo mejor pero bastante más lento que antes de la actualización. No sé si se debe a la actualización o a otros motivos. He intentado quitar algunos programas y limpio regularmente el ordenador con Ccleaner o con Advanced System Care, pero va aun así lento y sobre todo tarda mucho más que antes en arrancar.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 02 Feb 2011, 21:38

Pues aparte de virus, cabe indicar estas entradas anomalas:





O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_2] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmnetmgr.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_4] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmod.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_5] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmoe2.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_6] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmoe.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_7] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmod.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_8] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmoe.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_9] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_10] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe2.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_20] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmod.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_21] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mpg4dmod.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_22] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp43dmod.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_23] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp4sdmod.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_24] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmod.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_30] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\laprxy.dll"



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_31] "C:\WINDOWS\system32\logagent.exe" /RegServer



O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_32] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvcore.dll"



O4 - HKLM\..\RunOnce: [KB923561] rundll32.exe apphelp.dll,ShimFlushCache





parece como si estuviera a medias una instalacion del parche KB923561 (http://www.google.es/url?sa=t&source=web&cd=2&ved=0CCUQFjAB&url=http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F923561&ei=fsBJTbjcFY648gPXl6XdDg&usg=AFQjCNGbpJsxbqjw9d6cMz5exYpvjb-K7Q)



Sugiero ver si en Panel de Control -> Agregar o quitar programas, aparece dicha instalacion y en tal caso, desinstalarla y volverla a instalar, pues no está bien instalada (aunque no se trate de virus)



Por lo demas todo lo vemos ya normal.



saludos



ms, 2-2-2011

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 05 Feb 2011, 13:49

En agregar o quitar programas del panel de control no aparece la actualización KB923561. ¿La instalo pese a todo? ¿O puede que esté a medias instalada en mi ordenador aunque no aparezca en el panel de control?

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 05 Feb 2011, 14:17

Parece como si la instalacion estuviera a medias.



SI no la ves instalada, prueba de instalarla, como dices, y tras reiniciar dinos si persiste alguna anomalia, gracias



saludos



ms, 5-2-2011

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 06 Feb 2011, 14:57

La verdad es que no noto ningún cambio significativo después de haber instalado (o reinstalado) la actualización KB923561. El ordenador sigue lento y tarda en arrancar más que antes, hace un par de meses. ES cierto que va algo mejor que en las semanas previas que iba fatal pero esto tal vez se deba simplemente a que tengo una conexión más rápida a internet. No sé si se puede hacer algo más o me tenga quizás que resignar a que el ordenador va más lento que antes.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 06 Feb 2011, 19:04

Debería ir tan rápido como antes o incluso mas, pues el SP3 acelera como en un 10 % la velocidad de proceso.



Lanza ahora el SPROCES y posteanos el informe resultante actual, a ver si queda algo que podamos mejorar.



saludos



ms, 5-2-2011

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 07 Feb 2011, 19:37

He lanzado el SProces y el resultado ha sido este:

(7-2-2011 18:32:29 GMT)

SProces v5.0 (c)2010 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3

Parche MS08-067 (Servicio Servidor) Instalado.

Internet Explorer: (v8.0.6001.18702) 0

Nombre Equipo: YOUR-G5GMB6N1SD

Nombre Usuario: Administratör



Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM\OPERA\OPERA.EXE

C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE

C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE

C:\DOWNLOADS\SPROCES(1).EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe" "/remove"

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe

O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe

O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe

O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar

O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe

O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe

O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE

O4 - Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1291742229038

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) - http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL

O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll

O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL

O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll



Información Adicional:

----------------------

WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.

WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software

WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.

WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT

WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA

WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation

WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.

WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation

WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link

WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.

WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation

WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe

O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)

O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys

O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe

O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys

O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys

O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys

O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys

O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys

O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe

O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys

O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys

**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys

O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys

O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys

O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys

O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)

O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys

O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys

O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys

O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys

O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys

O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys

O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS

O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys

O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys

O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys

O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys

O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys

O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys

O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys

O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys

O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys

O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys



Listado de Servicios (Deshabilitados):

--------------------------------------

**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys

**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys

**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys

O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)

O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys



45 Servicios.

14 de Carga Automatica.

26 de Carga Manual.

5 Deshabilitados.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 08 Feb 2011, 09:26

pues puedes enviarnos estos ficheros para analizar:





C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe



C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe



C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys





No los conocemos, en ningun sentido, los analizaremos e informaremos



Dinos igualmente si los conoces y han sido instalados voluntariamente, gracias



saludos



ms, 8-2-2011

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 10 Feb 2011, 21:38

Los archivos C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe

y

C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys

ya os los mandé hace unos días y me dijisteis que no había problema. Me parece que son archivos para internet móvil que usé hace unos meses. El otro archivo que me decíais acabo de enviarlo.

Avatar de Usuario
lucl
Moderador
Moderador
Mensajes: 6499
Registrado: 17 Ene 2006, 18:09
Ubicación: España
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por lucl » 11 Feb 2011, 07:54

Pues hoy te lo analizaran y te diran algo al respecto. Estate atento al post, saludos.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 11 Feb 2011, 10:18

Pues el fichero recibido es la desinstalacion del Crawler Toolbar, puede ejecutarlo a ver si asi elimina el dichoso Crawler o eliminarlo si ya lo ha hecho.



y, tras reiniciar, nos informas del resultado, gracias



saludos



ms, 11-202-2011

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 27 Feb 2012, 10:02

Hola,

Después de un año sigue el ordenador lento, mucho más lento que antes. Pero en las últimas semanas he observado alguna cosa rara y he sospechado que podía tener algún virus. He lanzado el Elistar y después el Sproces y os adjunto los dos informes que recibí. Creeis que ahora está todo bien?



Un saludo y gracias por adelantado. A continuación tenéis los dos informes:





(29-1-2011 12:23:41 (GMT))

EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE

(29-1-2011 12:50:47 (GMT))

EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)

--------------------------------------------------

Lista de Acciones (por Exploración):

Explorando "C:\"

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179111.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179117.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179120.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179216.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179267.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179272.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179274.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179325.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179390.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179396.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179399.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179436.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179499.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179505.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179508.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179553.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179620.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179626.PIF --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179629.EXE --> Eliminado, Tool-NirCmd

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP514\A0183556.DLL --> Eliminado, CrawlerToolbar(bho/tb)

C:\WINDOWS\NIRCMD.EXE --> Eliminado, Tool-NirCmd

Nº Total de Directorios: 6121

Nº Total de Ficheros: 97699

Nº de Ficheros Analizados: 44238

Nº de Ficheros Infectados: 21

Nº de Ficheros Limpiados: 21

(26-3-2011 11:53:54 (GMT))

EliStartPage v22.89 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 25 de Marzo del 2011)

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Restaurado "Userinit"

[Userinit anterior] = "c:\windows\system32\userinit.exe,"

[Userinit actual] = "C:\WINDOWS\SYSTEM32\Userinit.exe,"

Por favor, envienos el INFOSAT.TXT y una muestra del fichero

C:\Muestras\PANDA_URL_FILTERING.EXE.Muestra EliStartPage v22.89

a "virus@satinfo.es". Gracias.

C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\PANDA SECURITY URL FILTERING\PANDA_URL_FILTERING.EXE --> Eliminado

Entrada Eliminada [HKLM\...\Run] "PANDA SECURITY URL FILTERING"=""C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe""

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE

(26-3-2011 12:10:41 (GMT))

EliStartPage v22.89 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 25 de Marzo del 2011)

--------------------------------------------------

Lista de Acciones (por Exploración):

Explorando "C:\"

C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP545\A0217009.EXE --> Eliminado, Tool-NirCmd

Nº Total de Directorios: 5975

Nº Total de Ficheros: 76030

Nº de Ficheros Analizados: 26988

Nº de Ficheros Infectados: 1

Nº de Ficheros Limpiados: 1

(25-2-2012 15:16:47 (GMT))

EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)

--------------------------------------------------

Usuario: A-50a

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006

Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE

(25-2-2012 15:16:57 (GMT))

EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)

--------------------------------------------------

Usuario: Administratör

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500

Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE

(25-2-2012 15:17:13 (GMT))

EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501

Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE

(25-2-2012 15:32:15 (GMT))

EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501

Lista de Acciones (por Exploración):

Explorando "C:\"

Nº Total de Directorios: 4952

Nº Total de Ficheros: 59806

Nº de Ficheros Analizados: 21577

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0





(25-2-2012 15:45:05 GMT)

SProces v5.9 (c)2011 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3

Parche MS08-067 (Servicio Servidor) Instalado.

Internet Explorer: (v8.0.6001.18702) 0

Equipo: YOUR-G5GMB6N1SD

Usuario: Administratör

Sesión de Usuario: Administratör

17 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM\FOXMAIL\FOXMAIL.EXE

C:\PROGRAM\OPERA\OPERA.EXE

C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE

C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE

C:\PROGRAM\WINRAR\WINRAR.EXE

C:\DOCUME~1\ADMINI~1\LOKALA~1\TEMP\RAR$EX00.841\SPROCES.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'A-50a')

R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'A-50a')

R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'Gäst')

R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'Gäst')

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe" "/remove"

O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'A-50a')

O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'A-50a')

O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Gäst')

O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'Gäst')

O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [swg] "C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Gäst')

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe

O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe

O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe

O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar

O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe

O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe

O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe /H

O8 - Extra context menu item: &Download by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/201 (User 'A-50a')

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/204 (User 'A-50a')

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/203 (User 'A-50a')

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/202 (User 'A-50a')

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1291742229038

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) - http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL

O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll

O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL

O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll

Información Adicional:

----------------------

WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.

WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software

WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.

WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT

WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA

WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation

WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.

WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation

WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link

WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.

WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation

WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation

Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe

O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)

O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys

O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe

O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys

O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys

O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys

O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys

O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys

O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe

O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys

Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys

O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys

**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys

O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys

O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys

O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys

O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)

O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys

O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys

O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys

O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys

O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys

O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys

O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: USB PC Camera (SN9C102) (snpstd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snpstd.sys

O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS

O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys

O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys

O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys

O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys

O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys

O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys

O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys

O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys

O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys

O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys

Listado de Servicios (Deshabilitados):

--------------------------------------

**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys

**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys

**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys

O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)

O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys

46 Servicios.

14 de Carga Automatica.

27 de Carga Manual.

5 Deshabilitados.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 27 Feb 2012, 19:57

Pues hay este fichero sospechoso:



C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe



envienoslo para analizar:



Para ello recordar[/b]:

https://foros.zonavirus.com/viewtopic.php?f=5&t=14253



Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos



saludos



ms, 27-2-2012

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 29 Feb 2012, 11:38

El fichero recibido ni queda residente ni modifica claves de registro, SOLO CREA UNA CARPETA de DATA CARD SERVICES y crea un log e instala un servicio...



Su descripcion es



[b][i]product..................: DCSHOST

internal name............: DCSHOST

copyright................: Copyright (C) 2008

original name............: DCSHOST.EXE

file version.............: 2, 0, 0, 18

description..............: DCSHOST[/i]
[/b]




No se considera malicioso, a pesar de que hay esta deteccion por ByteHero:



[b][i]Trojan.Malware.Win32.xPack.m 20120225[/i][/b]



Si no lo conoce ni es voluntario, eliminelo, pero no lo pasamos a controlar.



saludos



ms, 29-2-2012

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 29 Feb 2012, 11:52

Muchas gracias por la ayuda. Aprovecho también para preguntaros una cosa: Debido a que mi ordenador va demasiado lento lo utilizo muy a menudo en línea "en modo seguro, o a prueba de fallos" (creo que se llama así). Ya que el nombre es "modo seguro" me sentía tranquilo protegido de virus en mis consultas en internet, pero después caí en la cuenta de que el antivirus y el cortafuegos están desactivados en esos casos. Hay entonces riesgo serio de coger virus? Es más seguro usar el ordenador con antivirus en modo normal?

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 29 Feb 2012, 12:02

El arrancar en MODO SEGURO es para que no se cargue mas que el sistema de windows, con lo que algunos de los malwares que se han instalado no se cargan en memoria y asi windows permite eliminarlos, y al no tener conexion a internet, claro que se evita la entrada de ellos, pero con que selecciones modo seguro con funciones de red, ya tiene acceso y puede recibir, e infectarse tanto o mas, al no tener el antivirus residente, como lo tendria arrancando en modo normal.



Y diganos si conoce el fichero de marras, y si no, tras eliminarlo, diganos si se ha solucionado el problem, gracias



saludos



ms, 29-2-2012

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 02 Mar 2012, 20:57

El fichero DCSHOST.EXE creo que es de internet móvil que instalé hace año y medio, o sea que debe ser un falso positivo. Por eso no lo he eliminado. Saludos.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 03 Mar 2012, 10:49

Pues por si se tratara de algun RootKit no visible, lance el MCAFEE ROOTKIT DETECTIVE y posteenos el informe resultante:



mcafee rootkit detective



http://download.nai.com/products/mcafee-avert/McafeeRootkitDetective.zip





saludos



ms, 3-3-2012

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 03 Mar 2012, 18:37

El informe del Rootkit es este:





Object-Type: Registry-key

Object-Name: 000d180151f3ystem32\drivers\PSINProc.sys

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-value

Object-Name: 00128abb0565

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-value

Object-Name: 001370a5fc5c

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-key

Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Status: Hidden



Object-Type: Registry-key

Object-Name: 000d180151f3olSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-value

Object-Name: 00128abb0565

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-value

Object-Name: 001370a5fc5c

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-key

Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Status: Hidden



Object-Type: Registry-key

Object-Name: 0D79C293C1ED61418462E24595C90D04td\Cfg\0D79C293C1ED61418462E24595C90D04

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Status: Hidden



Object-Type: Registry-key

Object-Name: 000d180151f3olSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-value

Object-Name: 00128abb0565

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-value

Object-Name: 001370a5fc5c

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3

Status: Hidden



Object-Type: Registry-key

Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3

Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Status: Hidden



Object-Type: Registry-value

Object-Name: {e9523f94-f971-422a-9ad5-578d5aea1969}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\ahead\NeroVision\Effects

Status: Registy value-data mismatch



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\ProxyStubClsid

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\ProxyStubClsid32

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\TypeLib

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\TypeLib

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\ProxyStubClsid

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\ProxyStubClsid32

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\TypeLib

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\TypeLib

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: 0OFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: 2d0a49a13cd865bc

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 64545cb3ccafc424

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 37121f3b17b4ceef

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 5ee681619865568e

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 73859ebbe5faf090

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 07474156ec9947f2

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 95e710f2ecdf2114

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a0d42d24d

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8ecab3918

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a83af09ccc

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8d28c8ace

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5aa85a9e21

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a2acf22d3

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5afdd07f4a

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a6ac274e5

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5ae8709f33

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a8caaf8d9

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a27c4a825

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a30ed5ae3

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5aedb96f49

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a3e9f1b2c

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5ab9e40001

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a8f2fab2e

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a508432b2

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a244d5f89

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a03e6d26d

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a13f7814f

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a790e6d04

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a1007083e

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5afdaf9eb3

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a353d8f43

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a22464935

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 1e7c04d30016a059

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c5038989

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a83868a0b5

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8d58caf6e

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a844b059a7

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c2e2bef9

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8d2046514

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a86aa07389

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c7b3ec08

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a86142b1ee

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a805ac5838

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8bf2ed774

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8295c9e16

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c307920d

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a81cac0b91

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8a721a774

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a83182a4ef

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8a4b04a07

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a861711260

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c86ea4ef

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8fba70e01

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8b17c1d4f

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 3bb7df5375b8c672

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: eef4be2c23465cad

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: b5de661fb0b1c58f

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: eef4be2c0787955b

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: f4122c45b8b6205b

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 6f0ba7eb4a0efa86

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-key

Object-Name: 0.mapARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: 2d0a49a13cd865bc

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 64545cb3ccafc424

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 37121f3b17b4ceef

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 5ee681619865568e

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 73859ebbe5faf090

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 07474156ec9947f2

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 95e710f2ecdf2114

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a0d42d24d

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8ecab3918

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a83af09ccc

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8d28c8ace

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5aa85a9e21

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a2acf22d3

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5afdd07f4a

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a6ac274e5

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5ae8709f33

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a8caaf8d9

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a27c4a825

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a30ed5ae3

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5aedb96f49

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a3e9f1b2c

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5ab9e40001

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a8f2fab2e

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a508432b2

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a244d5f89

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a03e6d26d

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a13f7814f

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a790e6d04

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a1007083e

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5afdaf9eb3

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a353d8f43

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 984a4b5a22464935

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 1e7c04d30016a059

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c5038989

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a83868a0b5

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8d58caf6e

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a844b059a7

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c2e2bef9

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8d2046514

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a86aa07389

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c7b3ec08

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a86142b1ee

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a805ac5838

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8bf2ed774

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8295c9e16

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c307920d

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a81cac0b91

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8a721a774

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a83182a4ef

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8a4b04a07

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a861711260

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8c86ea4ef

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8fba70e01

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 250a50a8b17c1d4f

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 3bb7df5375b8c672

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: eef4be2c23465cad

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: b5de661fb0b1c58f

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: eef4be2c0787955b

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: f4122c45b8b6205b

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 6f0ba7eb4a0efa86

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: 0OFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: 2d0a49a1a1046eaf

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 64545cb37c929674

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 37121f3bfa7ebc95

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 5ee68161f3be3a28

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 73859ebbe046fede

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 07474156ec9947f2

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: 3bb7df537a5d8bc8

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: eef4be2c5ca720b2

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: b5de661f3f25942a

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-value

Object-Name: eef4be2c7866e944

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Status: Hidden



Object-Type: Registry-key

Object-Name: 0.mapARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: 2d0a49a1a1046eaf

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 64545cb37c929674

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 37121f3bfa7ebc95

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 5ee68161f3be3a28

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 73859ebbe046fede

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 07474156ec9947f2

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: 3bb7df537a5d8bc8

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: eef4be2c5ca720b2

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: b5de661f3f25942a

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: eef4be2c7866e944

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: Registrationrosoft\MediaPlayer\9.0

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: UDBVersion

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration

Status: Hidden



Object-Type: Registry-value

Object-Name: UDBRev

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration

Status: Hidden



Object-Type: Registry-value

Object-Name: ProductID

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimDllExclusionList

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimDllInclusionList

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimExclusionList

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimInclusionList

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Priority

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}

Status: Hidden



Object-Type: Registry-value

Object-Name: AutoInsert

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}

Status: Hidden



Object-Type: Registry-value

Object-Name: Name

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Priority

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}

Status: Hidden



Object-Type: Registry-value

Object-Name: AutoInsert

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}

Status: Hidden



Object-Type: Registry-value

Object-Name: Name

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Priority

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}

Status: Hidden



Object-Type: Registry-value

Object-Name: AutoInsert

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}

Status: Hidden



Object-Type: Registry-value

Object-Name: Name

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Priority

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}

Status: Hidden



Object-Type: Registry-value

Object-Name: AutoInsert

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}

Status: Hidden



Object-Type: Registry-value

Object-Name: Name

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Priority

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}

Status: Hidden



Object-Type: Registry-value

Object-Name: AutoInsert

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}

Status: Hidden



Object-Type: Registry-value

Object-Name: Name

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Priority

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}

Status: Hidden



Object-Type: Registry-value

Object-Name: AutoInsert

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}

Status: Hidden



Object-Type: Registry-value

Object-Name: Name

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Priority

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}

Status: Hidden



Object-Type: Registry-value

Object-Name: AutoInsert

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}

Status: Hidden



Object-Type: Registry-value

Object-Name: Name

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Priority

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}

Status: Hidden



Object-Type: Registry-value

Object-Name: AutoInsert

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}

Status: Hidden



Object-Type: Registry-value

Object-Name: Name

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: wmp.dll

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions

Status: Hidden



Object-Type: Registry-value

Object-Name: wmploc.dll

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions

Status: Hidden



Object-Type: Registry-value

Object-Name: wmplayer.exe

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: FMPLAYER.DLLrosoft\MediaPlayer\ShimDllExclusionList

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: HWAUDIO.DLLcrosoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: XACTMP.DLLicrosoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\XACTMP.DLL

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\XACTMP.DLL

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllInclusionList

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: ENC2002.EXEcrosoft\MediaPlayer\ShimExclusionList

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: EXCEL.EXEMicrosoft\MediaPlayer\ShimExclusionList\ENC2002.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: MPLAYER2.EXErosoft\MediaPlayer\ShimExclusionList\EXCEL.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: NHL2003.EXEcrosoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: NHL2003DEMO.EXEoft\MediaPlayer\ShimExclusionList\NHL2003.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: POWERPNT.EXErosoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: WINWORD.EXEcrosoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: AOLTRAY.EXEcrosoft\MediaPlayer\ShimExclusionList\WINWORD.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: FIREFOX.EXEcrosoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE

Status: Hidden



Object-Type: Registry-key

Object-Name: MSN6.EXE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: NETSCAPE.EXErosoft\MediaPlayer\ShimInclusionList\MSN6.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: NETSCP.EXEicrosoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: NETSCP6.EXEcrosoft\MediaPlayer\ShimInclusionList\NETSCP.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: OPERA.EXEMicrosoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\OPERA.EXE

Status: Hidden



Object-Type: Registry-key

Object-Name: WAOL.EXE\Microsoft\MediaPlayer\ShimInclusionList\OPERA.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\WAOL.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\WAOL.EXE

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: NonSourceFiltersft\MediaPlayer\SmartPlaylist

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: {BC5E21B0-504C-46F6-82BF-FB975C911AD6}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters

Status: Hidden



Object-Type: Registry-key

Object-Name: SourceFiltersosoft\MediaPlayer\SmartPlaylist\NonSourceFilters

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: {4202947A-A563-4B05-A754-A1B4B5989849}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters

Status: Hidden



Object-Type: Registry-value

Object-Name: {B2D9BDDC-8E49-444B-9BA4-193ABF9C7870}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: {0890F930-4F80-4646-BAB1-4B6E5571FB89}ns

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}

Status: Hidden



Object-Type: Registry-key

Object-Name: {171B4B25-2DD9-4b0b-912A-1AFAE79369B8}ns\{0890F930-4F80-4646-BAB1-4B6E5571FB89}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}

Status: Hidden



Object-Type: Registry-value

Object-Name: Description

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}

Status: Hidden



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}

Status: Hidden



Object-Type: Registry-key

Object-Name: {1F32514F-1561-4922-A604-8A1F478B5A42}ns\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}

Status: Hidden



Object-Type: Registry-key

Object-Name: {292AE934-4F49-40bb-9E7E-6F6398ED9C31}ns\{1F32514F-1561-4922-A604-8A1F478B5A42}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}

Status: Hidden



Object-Type: Registry-value

Object-Name: Description

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}

Status: Hidden



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}

Status: Hidden



Object-Type: Registry-key

Object-Name: {52903d79-f993-4de6-8317-20c9c176d823}ns\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}

Status: Hidden



Object-Type: Registry-key

Object-Name: {59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}ns\{52903d79-f993-4de6-8317-20c9c176d823}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}

Status: Hidden



Object-Type: Registry-key

Object-Name: {5DF031B7-6A37-42D9-8802-E27F4F224332}ns\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}

Status: Hidden



Object-Type: Registry-key

Object-Name: {5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}ns\{5DF031B7-6A37-42D9-8802-E27F4F224332}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}

Status: Hidden



Object-Type: Registry-key

Object-Name: {7F2B1D6B-1357-402C-A1C8-67E59583B41D}ns\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Description

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}

Status: Hidden



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}

Status: Hidden



Object-Type: Registry-key

Object-Name: {93075F62-16B3-43EC-A53B-FFAD0E01D5E7}ns\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}

Status: Hidden



Object-Type: Registry-key

Object-Name: {9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}ns\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Description

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}

Status: Hidden



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}

Status: Hidden



Object-Type: Registry-key

Object-Name: {976ABECA-93F7-4d81-9187-2A6137829675}ns\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}

Status: Hidden



Object-Type: Registry-key

Object-Name: {99DB05E3-F81E-4C8A-A252-F396306AB6FE}ns\{976ABECA-93F7-4d81-9187-2A6137829675}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Description

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}

Status: Hidden



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}

Status: Hidden



Object-Type: Registry-key

Object-Name: {9F9562EB-15B6-46C6-A7CB-0A66FC65130E}ns\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}

Status: Hidden



Object-Type: Registry-key

Object-Name: {9FA014E3-076F-4865-A73C-117131B8E292}ns\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}

Status: Hidden



Object-Type: Registry-key

Object-Name: {D5E49195-ED19-40fb-9EE0-E6625A808B77}ns\{9FA014E3-076F-4865-A73C-117131B8E292}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}

Status: Hidden



Object-Type: Registry-key

Object-Name: {E641D09E-E500-4c09-8260-F1CD7B902E9C}ns\{D5E49195-ED19-40fb-9EE0-E6625A808B77}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}

Status: Hidden



Object-Type: Registry-value

Object-Name: Description

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}

Status: Hidden



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}

Status: Hidden



Object-Type: Registry-key

Object-Name: {F24A1BC2-2331-4B91-8A13-5A549DA56E9D}ns\{E641D09E-E500-4c09-8260-F1CD7B902E9C}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}

Status: Hidden



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}

Status: Hidden



Object-Type: Registry-key

Object-Name: {FD981763-B6BB-4d51-9143-6D372A0ED56F}ns\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}

Status: Hidden



Object-Type: Registry-value

Object-Name: Description

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}

Status: Hidden



Object-Type: Registry-value

Object-Name: Capabilities

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}

Status: Hidden



Object-Type: Registry-value

Object-Name: ComponentGUID

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}

Status: Hidden



Object-Type: Registry-value

Object-Name: Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}

Status: Hidden



Object-Type: Registry-value

Object-Name: Sub-Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}

Status: Hidden



Object-Type: Registry-value

Object-Name: ExceptionInfName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}

Status: Hidden



Object-Type: Registry-value

Object-Name: ExceptionCatalogName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}

Status: Hidden



Object-Type: Registry-value

Object-Name: ComponentGUID

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}

Status: Hidden



Object-Type: Registry-value

Object-Name: Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}

Status: Hidden



Object-Type: Registry-value

Object-Name: Sub-Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}

Status: Hidden



Object-Type: Registry-value

Object-Name: ExceptionInfName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}

Status: Hidden



Object-Type: Registry-value

Object-Name: ExceptionCatalogName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}

Status: Hidden



Object-Type: Registry-value

Object-Name: ComponentGUID

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}

Status: Hidden



Object-Type: Registry-value

Object-Name: Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}

Status: Hidden



Object-Type: Registry-value

Object-Name: Sub-Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}

Status: Hidden



Object-Type: Registry-value

Object-Name: ExceptionInfName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}

Status: Hidden



Object-Type: Registry-value

Object-Name: ExceptionCatalogName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: FriendlyName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}

Status: Hidden



Object-Type: Registry-value

Object-Name: ComponentGUID

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}

Status: Hidden



Object-Type: Registry-value

Object-Name: Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}

Status: Hidden



Object-Type: Registry-value

Object-Name: Sub-Version

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}

Status: Hidden



Object-Type: Registry-value

Object-Name: ExceptionInfName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}

Status: Hidden



Object-Type: Registry-value

Object-Name: ExceptionCatalogName

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: SanDiskIM

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList

Status: Hidden



Object-Type: Registry-value

Object-Name: SanDiskIMb

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList

Status: Hidden



Object-Type: Registry-value

Object-Name: Lexmark

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: ProgID

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies

Status: Unable to access registry key



Object-Type: Registry-value

Object-Name: MachinePolicies

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies

Status: Hidden



Object-Type: Registry-value

Object-Name: UserPolicies

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies

Status: Hidden



Object-Type: Registry-value

Object-Name: ProcessorPolicies

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies

Status: Hidden



Object-Type: Process

Object-Name: Rootkit_Detecti

Pid: 1084

Object-Path: C:\DOCUME~1\A-50a\LOKALA~1\Temp\Rar$EX00.430\Rootkit_Detective.exe

Status: Visible



Object-Type: Process

Object-Name: ServiceLayer.ex

Pid: 3472

Object-Path: C:\Program\PC Connectivity Solution\ServiceLayer.exe

Status: Visible



Object-Type: File/Folder

Object-Name: History.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\History.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: csrss.exe

Pid: 900

Object-Path: C:\WINDOWS\system32\csrss.exe

Status: Visible



Object-Type: Process

Object-Name: svchost.exe

Pid: 1520

Object-Path: C:\WINDOWS\System32\svchost.exe

Status: Visible



Object-Type: Process

Object-Name: FixCamera.exe

Pid: 2760

Object-Path: C:\WINDOWS\FixCamera.exe

Status: Visible



Object-Type: Process

Object-Name: winlogon.exe

Pid: 932

Object-Path: C:\WINDOWS\system32\winlogon.exe

Status: Visible



Object-Type: Process

Object-Name: explorer.exe

Pid: 716

Object-Path: C:\WINDOWS\Explorer.EXE

Status: Visible



Object-Type: Process

Object-Name: TOSCDSPD.exe

Pid: 2948

Object-Path: C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe

Status: Visible



Object-Type: Process

Object-Name: NclRSSrv.exe

Pid: 3972

Object-Path: C:\Program\PC Connectivity Solution\Transports\NclRSSrv.exe

Status: Visible



Object-Type: Process

Object-Name: System

Pid: 4

Object-Path:

Status: Visible



Object-Type: File/Folder

Object-Name: Cache.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Cache.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: MsPMSPSv.exe

Pid: 656

Object-Path: C:\WINDOWS\system32\MsPMSPSv.exe

Status: Visible



Object-Type: Process

Object-Name: TPSBattM.exe

Pid: 2516

Object-Path: C:\WINDOWS\system32\TPSBattM.exe

Status: Visible



Object-Type: File/Folder

Object-Name: Personal.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Personal.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: Programs.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Programs.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: svchost.exe

Pid: 1184

Object-Path: C:\WINDOWS\system32\svchost.exe

Status: Visible



Object-Type: Process

Object-Name: ApntEx.exe

Pid: 3416

Object-Path: C:\Program\Apoint2K\Apntex.exe

Status: Visible



Object-Type: File/Folder

Object-Name: Music.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Music.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: PrintHood.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\PrintHood.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: StartUp.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\StartUp.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: S24EvMon.exe

Pid: 1372

Object-Path: C:\WINDOWS\System32\S24EvMon.exe

Status: Visible



Object-Type: Process

Object-Name: svchost.exe

Pid: 628

Object-Path: C:\WINDOWS\System32\svchost.exe

Status: Visible



Object-Type: File/Folder

Object-Name: Profiles.Folder.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: PSANHost.exe

Pid: 164

Object-Path: C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe

Status: Visible



Object-Type: File/Folder

Object-Name: Desktop.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Desktop.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: VikPev00

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\VikPev00

Status: Hidden



Object-Type: Process

Object-Name: RegSrvc.exe

Pid: 320

Object-Path: C:\WINDOWS\System32\RegSrvc.exe

Status: Visible



Object-Type: File/Folder

Object-Name: AppData.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\AppData.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: LocalAppData.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\LocalAppData.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: svchost.exe

Pid: 1592

Object-Path: C:\WINDOWS\system32\svchost.exe

Status: Visible



Object-Type: Process

Object-Name: scardsvr.exe

Pid: 1840

Object-Path: C:\WINDOWS\System32\SCardSvr.exe

Status: Visible



Object-Type: Process

Object-Name: svchost.exe

Pid: 1252

Object-Path: C:\WINDOWS\system32\svchost.exe

Status: Visible



Object-Type: Process

Object-Name: vsnpstd.exe

Pid: 2864

Object-Path: C:\WINDOWS\vsnpstd.exe

Status: Visible



Object-Type: File/Folder

Object-Name: SetPath.bat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\SetPath.bat

Status: Hidden



Object-Type: Process

Object-Name: CFSvcs.exe

Pid: 1936

Object-Path: C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe

Status: Visible



Object-Type: Process

Object-Name: stacmon.exe

Pid: 1564

Object-Path: C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe

Status: Visible



Object-Type: Process

Object-Name: rundll32.exe

Pid: 4044

Object-Path: C:\WINDOWS\system32\rundll32.exe

Status: Visible



Object-Type: Process

Object-Name: 00THotkey.exe

Pid: 2432

Object-Path: C:\WINDOWS\system32\00THotkey.exe

Status: Visible



Object-Type: Process

Object-Name: wscntfy.exe

Pid: 820

Object-Path: C:\WINDOWS\system32\wscntfy.exe

Status: Visible



Object-Type: Process

Object-Name: smss.exe

Pid: 852

Object-Path: C:\WINDOWS\System32\smss.exe

Status: Visible



Object-Type: Process

Object-Name: services.exe

Pid: 976

Object-Path: C:\WINDOWS\system32\services.exe

Status: Visible



Object-Type: File/Folder

Object-Name: Pictures.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Pictures.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: StartMenu.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\StartMenu.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: Foxmail.exe

Pid: 3612

Object-Path: C:\Program\Foxmail\Foxmail.exe

Status: Visible



Object-Type: File/Folder

Object-Name: Cookies.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Cookies.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: wuauclt.exe

Pid: 1412

Object-Path: C:\WINDOWS\system32\wuauclt.exe

Status: Visible



Object-Type: Process

Object-Name: orbitnet.exe

Pid: 4016

Object-Path: C:\Program\Orbitdownloader\orbitnet.exe

Status: Visible



Object-Type: Process

Object-Name: alg.exe

Pid: 1568

Object-Path: C:\WINDOWS\System32\alg.exe

Status: Visible



Object-Type: File/Folder

Object-Name: BackEnv

Pid: n/a

Object-Path: C:\Qoobox\BackEnv

Status: Hidden



Object-Type: File/Folder

Object-Name: Favorites.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Favorites.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: Templates.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Templates.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: DCSHOST.exe

Pid: 1972

Object-Path: C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe

Status: Visible



Object-Type: Process

Object-Name: SmoothView.exe

Pid: 1476

Object-Path: C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe

Status: Visible



Object-Type: Process

Object-Name: orbitdm.exe

Pid: 3460

Object-Path: C:\Program\Orbitdownloader\orbitdm.exe

Status: Visible



Object-Type: File/Folder

Object-Name: LocalSettings.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\LocalSettings.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: incdsrv.exe

Pid: 2004

Object-Path: C:\Program\Ahead\InCD\InCDsrv.exe

Status: Visible



Object-Type: Process

Object-Name: svchost.exe

Pid: 3988

Object-Path: C:\WINDOWS\System32\svchost.exe

Status: Visible



Object-Type: Process

Object-Name: ctfmon.exe

Pid: 2996

Object-Path: C:\WINDOWS\system32\CTFMON.EXE

Status: Visible



Object-Type: Process

Object-Name: svchost.exe

Pid: 1292

Object-Path: C:\WINDOWS\System32\svchost.exe

Status: Visible



Object-Type: Process

Object-Name: jqs.exe

Pid: 2036

Object-Path: C:\Program\Java\jre6\bin\jqs.exe

Status: Visible



Object-Type: Process

Object-Name: TouchED.exe

Pid: 4052

Object-Path: C:\Program\TOSHIBA\TouchED\TouchED.Exe

Status: Visible



Object-Type: Process

Object-Name: NclUSBSrv.exe

Pid: 3836

Object-Path: C:\Program\PC Connectivity Solution\Transports\NclUSBSrv.exe

Status: Visible



Object-Type: Process

Object-Name: igfxtray.exe

Pid: 3868

Object-Path: C:\WINDOWS\System32\igfxtray.exe

Status: Visible



Object-Type: Process

Object-Name: Apoint.exe

Pid: 2380

Object-Path: C:\Program\Apoint2K\Apoint.exe

Status: Visible



Object-Type: Process

Object-Name: spoolsv.exe

Pid: 1792

Object-Path: C:\WINDOWS\system32\spoolsv.exe

Status: Visible



Object-Type: File/Folder

Object-Name: NetHood.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\NetHood.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: Profiles.Folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: SendTo.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\SendTo.folder.dat

Status: Hidden



Object-Type: Process

Object-Name: lsass.exe

Pid: 988

Object-Path: C:\WINDOWS\system32\lsass.exe

Status: Visible



Object-Type: Process

Object-Name: PSUNMain.exe

Pid: 2104

Object-Path: C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

Status: Visible



Object-Type: File/Folder

Object-Name: Recent.folder.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\Recent.folder.dat

Status: Hidden



Object-Type: File/Folder

Object-Name: SysPath.dat

Pid: n/a

Object-Path: C:\Qoobox\BackEnv\SysPath.dat

Status: Hidden



Object-Type: Process

Object-Name: opera.exe

Pid: 3004

Object-Path: C:\Program\Opera\Opera.exe

Status: Visible



Object-Type: Process

Object-Name: svchost.exe

Pid: 1920

Object-Path: C:\WINDOWS\system32\svchost.exe

Status: Visible



Object-Type: Process

Object-Name: TPSMain.exe

Pid: 2044

Object-Path: C:\WINDOWS\system32\TPSMain.exe

Status: Visible



Object-Type: Process

Object-Name: NclMSBTSrv.exe

Pid: 804

Object-Path: C:\Program\PC Connectivity Solution\Transports\NclMSBTSrv.exe

Status: Visible



Scan complete. Found hidden Processes and Files: 25 .

Total files scanned: 66842

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 03 Mar 2012, 20:31

Pues sí, vemos todos estos procesos de ficheros ejecutables corriendo en modo oculto, propio de lols rootkits:



Object-Name: ENC2002.EXEcrosoft\MediaPlayer\ShimExclusionList

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: EXCEL.EXEMicrosoft\MediaPlayer\ShimExclusionList\ENC2002.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: MPLAYER2.EXErosoft\MediaPlayer\ShimExclusionList\EXCEL.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: NHL2003.EXEcrosoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: NHL2003DEMO.EXEoft\MediaPlayer\ShimExclusionList\NHL2003.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: POWERPNT.EXErosoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: WINWORD.EXEcrosoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: AOLTRAY.EXEcrosoft\MediaPlayer\ShimExclusionList\WINWORD.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE

Status: Hidden



Object-Type: Registry-value

Object-Name: (Default)

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE

Status: Unable to access registry key



Object-Type: Registry-key

Object-Name: FIREFOX.EXEcrosoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE

Status: Hidden



Object-Type: Registry-key

Object-Name: MSN6.EXE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE

Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE

Status: Hidden





Si alguno de ellos no lo has instalado voluntariamente, envianoslo y tras analizarlo informaremos del resultado



Para ello recordar[/b]:

https://foros.zonavirus.com/viewtopic.php?f=5&t=14253



saludos



ms, 3-3-2012

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 06 Mar 2012, 22:08

Gracias por la respuesta. Desgraciadamente no puedo encontrar esos ficheros, ¿dónde puedo encontrar esos "registry keys" y "registry values"? En el informe no veo la ruta indicada para encontrarlos en el ordenador. Aparte de esto observo que Word está algo defectuoso y me cambia la lengua al inglés. Lo curioso es que yo no tengo el inglés en la barra de idiomas. El programa de correo Foxmail, que aparece en una de esas entradas sospechosas de Rootkits, me pide últimamente la contraseña, lo cual es también sospechoso. En fin, qué no se qué hacer para comprobar si alguno de esos 25 ficheros es un rootkit

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 07 Mar 2012, 10:57

Los ficheros en cuestion son los que figuran antes de .EXE, por ejemplo, del primer bloque, el ENC2002.EXE



Pero si son RootKits, puede que no los veas facilmente.



En cualquier caso buscalos con un Inicio -> Buscar en modo avanzado, buscando archivos ocultos y de sistema.



saludos



ms, 7-3-2012

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 92216
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Actualización problemática de IExplorer/Windows

Mensaje por msc hotline sat » 07 Mar 2012, 11:03

Pero parece que el infosat.txt que nos ha posteado es el de hace mas de 1 año !!!



[i][b](29-1-2011 12:23:41 (GMT))

EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)[/b]
[/i]




Por favor ! ... El Elistara se actualiza a diario, y siempre se ha de usar la ultima version disponible, además de enviarnos el informe resultante actualizado.



Descargue el ELISTARA actual y tras probarlo, posteenos el informe resultante:


[quote="para DESCARGAR el ELISTARA, msc"]



http://www.zonavirus.com/descargas/descargar-elistara.asp



Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el

resultado

del proceso [/quote]


saludos



ms, 7-3-2012

okean
Usuario
Usuario
Mensajes: 32
Registrado: 26 Ene 2011, 20:05

Re: Actualización problemática de IExplorer/Windows

Mensaje por okean » 07 Abr 2012, 10:22

Bueno, por fin he podido descargar la nueva versión de Elistara y aquí tenéis los resultados, que parecen positivos:

(7-4-2012 06:49:59 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: A-50a

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 06:50:11 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Administratör

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 06:50:21 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 07:07:36 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 5595

Nº Total de Ficheros: 73465

Nº de Ficheros Analizados: 27646

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



(7-4-2012 07:44:40 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: A-50a

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 07:44:53 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Administratör

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 07:45:05 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 08:02:51 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 7236

Nº Total de Ficheros: 82011

Nº de Ficheros Analizados: 28856

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



Como ayer el ordenador me hizo cosas raras he descargado también a continuación el Sproces 6.1 y este es el resultado:

(7-4-2012 06:49:59 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: A-50a

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 06:50:11 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Administratör

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 06:50:21 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 07:07:36 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 5595

Nº Total de Ficheros: 73465

Nº de Ficheros Analizados: 27646

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



(7-4-2012 07:44:40 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: A-50a

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 07:44:53 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Administratör

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 07:45:05 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501



Lista de Acciones (por Acción Directa):

Restaurado fichero de Configuración del IE, (IERESET.INF)

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(7-4-2012 08:02:51 (GMT))

EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)

--------------------------------------------------

Usuario: Gäst

ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 7236

Nº Total de Ficheros: 82011

Nº de Ficheros Analizados: 28856

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



Gracias por adelantado.

Cerrado

Volver a “Foro Software”