That blasted Iminent
- elExposimetro
- Posts: 6
- Joined: 20 Nov 2013, 18:43
That blasted Iminent
Hello, I would like to ask whether you know what Iminent is and how it sneaks into browsers so easily.
I have Windows 8, which comes with Internet Explorer installed, but from day one I downloaded Chrome because I prefer working with it, and it is my default browser.
Somehow the blasted Iminent search engine got in, even though I have removed it under Programs in the Control Panel and also removed it from Chrome's add-ons and extensions. I searched the computer for the word Iminent and found an executable, which I also deleted after booting into safe mode. I don't think I have any trace of it left, but when I least expect it a small pop-up window appears on the desktop (even when I'm not using the browser), and from then on, when I open the browser, I find Starweb Iminent as the default browser.
I have McAfee Internet Security installed, and it neither notices it nor sees it as malicious. Is there any way to stop it getting in? Because today it got in again, but in Internet Explorer instead of Chrome.
Thanks in advance for your help. Regards, and I'll keep digging.
- msc hotline sat
- Posts: 93500
- Joined: 09 Mar 2004, 20:39
- Location: BARCELONA (SPAIN)
Re: That blasted Iminent
It isn't strictly a virus, but let's say it is quite a nuisance...
It gets installed by some application-installation downloaders which, besides the applications you want, install these little gifts.
It may have been added to the browser's shortcut. Right-click its icon and, under PROPERTIES, check whether anything has been appended after the .EXE; if so, remove it.
If not, download SPROCES and follow these instructions:
Launch SPROCES and click SALIR (Exit), after which it will generate a report at c:\sproclog.txt, which you can post for us to analyse:
To DOWNLOAD SPROCES: http://www.zonavirus.com/descargas/sproces.asp
Regards
ms, 9-12-2013
msc hotline sat Virus Research Engineer
- elExposimetro
- Posts: 6
- Joined: 20 Nov 2013, 18:43
Re: That blasted Iminent
I haven't seen any extension after .exe
This is the SProces analysis:
(9-12-2013 21:08:39 GMT)
SProces v7.2 (c)2013 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 8 (v6.2.9200)
Internet Explorer: (v9.10.9200.16736) 0
Equipo: TODOTERRENO
Usuario: Xemari
Sesión de Usuario: Xemari
93 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NVVSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NVXDSYNC.EXE
C:\WINDOWS\SYSTEM32\NVVSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\ASLDRSRV.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKGFNEX\GFNEXSRV.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS INSTANTON\INSONSRV.EXE
C:\WINDOWS\SYSTEM32\DPTFPARTICIPANTPROCESSORSERVICE.EXE
C:\WINDOWS\SYSTEM32\DASHOST.EXE
C:\WINDOWS\SYSTEM32\DPTFPOLICYCONFIGTDPSERVICE.EXE
C:\WINDOWS\SYSTEM32\EXPRESSCACHE.EXE
C:\WINDOWS\SYSTEM32\HECISERVER.EXE
C:\WINDOWS\SYSWOW64\IRSTRTSV.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL\JHI_SERVICE.EXE
C:\WINDOWS\SYSTEM32\MCAPEXE.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\MFEVTPS.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDFSSVC.EXE
C:\WINDOWS\SYSWOW64\RUNDLL32.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\UMBRELLA\UMBRELLA.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MCSHIELD.EXE
C:\WINDOWS\SYSTEM32\MFEFIRE.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDUPDSVC.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDWSCSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\PROGRAM FILES (X86)\ASUS\SPLENDID\ACMON.EXE
C:\WINDOWS\SYSTEM32\BATTERYLIFE.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\HCONTROL.EXE
C:\PROGRAM FILES (X86)\ASUS\USBCHARGERPLUS\USBCHARGERPLUS.EXE
C:\PROGRAM FILES (X86)\ASUS\SPLENDID\COLORUSERVICE.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS INSTANTON\INSONWMI.EXE
C:\WINDOWS\SYSTEM32\TASKHOSTEX.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\KBFILTR.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKOSD2\ATKOSD2.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK MEDIA\DMEDIA.EXE
C:\WINDOWS\SYSTEM32\LIVECOMM.EXE
C:\WINDOWS\SYSTEM32\NVTRAY.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\ASUSTPLOADER.EXE
C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
C:\WINDOWS\SYSTEM32\HKCMD.EXE
C:\WINDOWS\SYSTEM32\RUNTIMEBROKER.EXE
C:\WINDOWS\SYSTEM32\RAVCPL64.EXE
C:\WINDOWS\SYSTEM32\WRAPPERTRAYICON.EXE
C:\WINDOWS\SYSTEM32\ASUSTPLOADER.EXE
C:\USERS\XEMARI\APPDATA\ROAMING\DROPBOX\BIN\DROPBOX.EXE
C:\PROGRAM FILES (X86)\CYBERLINK\POWERDVD10\PDVD10SERV.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDTRAY.EXE
C:\WINDOWS\SYSTEM32\QUICKGESTURE64.EXE
C:\WINDOWS\SYSTEM32\QUICKGESTURE64.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS LIVE UPDATE\LIVEUPDATE.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS SMART GESTURE\QUICKGESTURE\X86\QUICKGESTURE.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS SMART GESTURE\QUICKGESTURE\X86\QUICKGESTURE.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\FWSERVICE\INTELMEFWSERVICE.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE
C:\WINDOWS\SYSTEM32\MOBKBACKUP.EXE
C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVIDIA UPDATE CORE\DAEMONU.EXE
C:\WINDOWS\SYSTEM32\MOBKBACKUP.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE
C:\WINDOWS\SYSTEM32\WMPNETWK.EXE
C:\WINDOWS\SYSTEM32\ASUSTPHELPER.EXE
C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.22.3\GOOGLECRASHHANDLER.EXE
C:\WINDOWS\SYSTEM32\GOOGLECRASHHANDLER64.EXE
C:\WINDOWS\SYSTEM32\ASUSTPCENTER.EXE
C:\WINDOWS\SYSTEM32\MCSVHOST.EXE
C:\WINDOWS\SYSTEM32\MCSVHOST.EXE
C:\WINDOWS\SYSTEM32\MCUICNT.EXE
C:\WINDOWS\SYSTEM32\MCODS.EXE
C:\WINDOWS\SYSTEM32\AUDIODG.EXE
C:\USERS\XEMARI\DESKTOP\ELISTARA Y SPROCES\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =https://www.google.es/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKUS\S-1-5-21-4215438573-196197954-3387240069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'UpdatusUser')
R0 - HKUS\S-1-5-21-4215438573-196197954-3387240069-1001\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'UpdatusUser')
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (User 'UpdatusUser')
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (file missing)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKCU\..\Run: [AdobeBridge]
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ATUninstallIcon] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
O4 - HKLM\..\WOW6432node\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\WOW6432node\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\WOW6432node\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\WOW6432node\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\WOW6432node\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\WOW6432node\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\WOW6432node\..\Run: [ATUninstallIcon] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
O4 - HKLM\..\WOW6432node\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\WOW6432node\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\WOW6432node\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\WOW6432node\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\WOW6432node\..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\WOW6432node\..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
O4 - Startup: Dropbox.lnk = C:\Users\Xemari\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll c:\windows\syswow64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: SDWINLOGON - SDWINLOGON.DLL (file missing)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Información Adicional:
----------------------
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASMMAP64 - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem18.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem18.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McATScheduler - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
*O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
**O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
*O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
*O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WinkHandler - Unknown owner - C:\Program Files (x86)\Iminent\WinkHandler.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: @mdmags64.inf,%FullProductName%;Agere Systems Soft Modem (AgereSoftModem) - LSI Corp - C:\WINDOWS\system32\DRIVERS\agrsm64.sys (file missing)
O23 - Service: ASUS Charger Driver (AiCharger) - ASUSTek Computer Inc. - C:\WINDOWS\system32\DRIVERS\AiCharger.sys (file missing)
O23 - Service: @oem21.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver (athr) - Qualcomm Atheros Communications, Inc. - C:\WINDOWS\system32\DRIVERS\athw8x.sys (file missing)
O23 - Service: @oem13.inf,%PS2.DeviceDesc%;ASUS Input Device (ATP) - ASUS Corporation - C:\WINDOWS\System32\drivers\AsusTP.sys (file missing)
O23 - Service: McAfee Inc. cfwids (cfwids) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\cfwids.sys (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DptfDevDram - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys (file missing)
O23 - Service: DptfDevFan - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys (file missing)
O23 - Service: DptfDevGen - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys (file missing)
O23 - Service: DptfDevProc - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys (file missing)
O23 - Service: DptfManager - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfManager.sys (file missing)
O23 - Service: @net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I (e1iexpress) - Intel Corporation - C:\WINDOWS\system32\DRIVERS\e1i63x64.sys (file missing)
O23 - Service: esgiguard - Unknown owner - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (file missing)
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control (HIDSwitch) - ASUS - C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys (file missing)
O23 - Service: McAfee Inc. HipShieldK (HipShieldK) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\HipShieldK.sys (file missing)
O23 - Service: igfx - Intel Corporation - C:\WINDOWS\system32\DRIVERS\igdkmd64.sys (file missing)
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\drivers\RTKVHD64.sys (file missing)
O23 - Service: @oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio (IntcDAud) - Intel(R) Corporation - C:\WINDOWS\system32\DRIVERS\IntcDAud.sys (file missing)
O23 - Service: @oem16.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver (irstrtdv) - Intel Corporation - C:\WINDOWS\System32\drivers\irstrtdv.sys (file missing)
O23 - Service: @oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter (kbfiltr) - - C:\WINDOWS\System32\drivers\kbfiltr.sys (file missing)
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
**O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: @oem10.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface (MEIx64) - Intel Corporation - C:\WINDOWS\System32\drivers\HECIx64.sys (file missing)
O23 - Service: McAfee Inc. mfeapfk (mfeapfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeapfk.sys (file missing)
O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys (file missing)
**O23 - Service: McAfee Inc. mfefirek (mfefirek) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfefirek.sys (file missing)
O23 - Service: McAfee Inc. mfencbdc (mfencbdc) - McAfee, Inc. - C:\WINDOWS\system32\DRIVERS\mfencbdc.sys (file missing)
O23 - Service: McAfee Inc. mfencrk (mfencrk) - McAfee, Inc. - C:\WINDOWS\system32\DRIVERS\mfencrk.sys (file missing)
O23 - Service: @netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit (NETwNs64) - Intel Corporation - C:\WINDOWS\system32\DRIVERS\NETwNs64.sys (file missing)
O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys (file missing)
O23 - Service: @oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA (RSBASTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys (file missing)
O23 - Service: @oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver (RTL8168) - Realtek - C:\WINDOWS\system32\DRIVERS\Rt630x64.sys (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
**O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
73 Servicios.
38 de Carga Automatica.
35 de Carga Manual.
0 Deshabilitados.
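An added example, not part of the original thread and not SProces's own code: a small triage script that reads report lines in the format shown above and lists every entry that mentions a given name, including entries whose file path does not contain that name. The sample lines are copied from the report in this post; the function and class names are hypothetical.

```python
import re
from dataclasses import dataclass

# Lines copied from the SProces report posted above (a subset, so the script runs offline).
SAMPLE_LOG = r"""
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (file missing)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\WOW6432node\..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
O23 - Service: WinkHandler - Unknown owner - C:\Program Files (x86)\Iminent\WinkHandler.exe (file missing)
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
"""

# Human-readable labels for the entry codes used in the sample lines.
KINDS = {
    "O2": "IE Browser Helper Object",
    "O4": "autostart (Run key or Startup folder)",
    "O23": "service",
}

# "O23 - Service: ..." style lines; some report lines carry a leading * or **.
ENTRY_RE = re.compile(r"^\*{0,2}(?P<code>[A-Z]\d{1,2}) - (?P<detail>.+)$")
# A drive-letter path ending in .exe/.dll/.sys (stops before arguments or a closing quote).
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"]*?\.(?:exe|dll|sys)\b", re.IGNORECASE)
# The report marks registry entries whose target is gone from disk.
MISSING_RE = re.compile(r"\((?:file missing|no file)\)\s*$")


@dataclass(frozen=True)
class Entry:
    code: str      # e.g. "O4"
    kind: str      # label from KINDS, or "other"
    detail: str    # everything after "CODE - "
    paths: tuple   # file paths found in the entry
    missing: bool  # True if the report says the file is not on disk


def parse(log):
    """Turn report text into Entry objects; the process list and headers are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        detail = m.group("detail")
        entries.append(Entry(
            code=m.group("code"),
            kind=KINDS.get(m.group("code"), "other"),
            detail=detail,
            paths=tuple(PATH_RE.findall(detail)),
            missing=bool(MISSING_RE.search(detail)),
        ))
    return entries


def triage(log, keyword):
    """Entries that mention keyword anywhere: entry name, vendor field or path."""
    key = keyword.casefold()
    return [e for e in parse(log) if key in e.detail.casefold()]


def off_name_paths(entries, keyword):
    """Paths of flagged entries that a file search for keyword would not find."""
    key = keyword.casefold()
    return sorted({p for e in entries if not e.missing
                   for p in e.paths if key not in p.casefold()})


if __name__ == "__main__":
    hits = triage(SAMPLE_LOG, "iminent")
    for e in hits:
        state = "leftover registry entry" if e.missing else "present in report"
        print(f"{e.code:<4}{e.kind:<40}{state:<26}{', '.join(e.paths)}")
    print("Not found by a file-name search:", off_name_paths(hits, "iminent"))
```

Run against the full c:\sproclog.txt text instead of SAMPLE_LOG, the same functions separate leftover registry entries (marked file missing) from entries that still point at a file.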
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem18.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem18.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McATScheduler - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
*O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
**O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
*O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
*O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WinkHandler - Unknown owner - C:\Program Files (x86)\Iminent\WinkHandler.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: @mdmags64.inf,%FullProductName%;Agere Systems Soft Modem (AgereSoftModem) - LSI Corp - C:\WINDOWS\system32\DRIVERS\agrsm64.sys (file missing)
O23 - Service: ASUS Charger Driver (AiCharger) - ASUSTek Computer Inc. - C:\WINDOWS\system32\DRIVERS\AiCharger.sys (file missing)
O23 - Service: @oem21.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver (athr) - Qualcomm Atheros Communications, Inc. - C:\WINDOWS\system32\DRIVERS\athw8x.sys (file missing)
O23 - Service: @oem13.inf,%PS2.DeviceDesc%;ASUS Input Device (ATP) - ASUS Corporation - C:\WINDOWS\System32\drivers\AsusTP.sys (file missing)
O23 - Service: McAfee Inc. cfwids (cfwids) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\cfwids.sys (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DptfDevDram - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys (file missing)
O23 - Service: DptfDevFan - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys (file missing)
O23 - Service: DptfDevGen - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys (file missing)
O23 - Service: DptfDevProc - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys (file missing)
O23 - Service: DptfManager - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfManager.sys (file missing)
O23 - Service: @net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I (e1iexpress) - Intel Corporation - C:\WINDOWS\system32\DRIVERS\e1i63x64.sys (file missing)
O23 - Service: esgiguard - Unknown owner - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (file missing)
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control (HIDSwitch) - ASUS - C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys (file missing)
O23 - Service: McAfee Inc. HipShieldK (HipShieldK) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\HipShieldK.sys (file missing)
O23 - Service: igfx - Intel Corporation - C:\WINDOWS\system32\DRIVERS\igdkmd64.sys (file missing)
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\drivers\RTKVHD64.sys (file missing)
O23 - Service: @oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio (IntcDAud) - Intel(R) Corporation - C:\WINDOWS\system32\DRIVERS\IntcDAud.sys (file missing)
O23 - Service: @oem16.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver (irstrtdv) - Intel Corporation - C:\WINDOWS\System32\drivers\irstrtdv.sys (file missing)
O23 - Service: @oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter (kbfiltr) - - C:\WINDOWS\System32\drivers\kbfiltr.sys (file missing)
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
**O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: @oem10.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface (MEIx64) - Intel Corporation - C:\WINDOWS\System32\drivers\HECIx64.sys (file missing)
O23 - Service: McAfee Inc. mfeapfk (mfeapfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeapfk.sys (file missing)
O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys (file missing)
**O23 - Service: McAfee Inc. mfefirek (mfefirek) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfefirek.sys (file missing)
O23 - Service: McAfee Inc. mfencbdc (mfencbdc) - McAfee, Inc. - C:\WINDOWS\system32\DRIVERS\mfencbdc.sys (file missing)
O23 - Service: McAfee Inc. mfencrk (mfencrk) - McAfee, Inc. - C:\WINDOWS\system32\DRIVERS\mfencrk.sys (file missing)
O23 - Service: @netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit (NETwNs64) - Intel Corporation - C:\WINDOWS\system32\DRIVERS\NETwNs64.sys (file missing)
O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys (file missing)
O23 - Service: @oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA (RSBASTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys (file missing)
O23 - Service: @oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver (RTL8168) - Realtek - C:\WINDOWS\system32\DRIVERS\Rt630x64.sys (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
**O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
73 Servicios.
38 de Carga Automatica.
35 de Carga Manual.
0 Deshabilitados.
- msc hotline sat
- Posts: 93500
- Joined: 09 Mar 2004, 20:39
- Location: BARCELONA (SPAIN)
Re: That Pesky Iminent
You have not run the current SPROCES (7.3), which shows us the links we wanted to see. First download the latest version and proceed the same way as before.
In any case, we will check whether anything related to Iminent shows up here:
And yes, it does:
We can see these keys:
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (file missing)
O4 - HKLM\..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
Then, once you have the new SPROCES, run it, click SCAN, tick the keys indicated and select ELIMINAR (Delete).
Then click SALIR (Exit) and post the sproclog again, which this time will be from the new version and taken after deleting the keys indicated, and tell us whether the problem still persists. Thanks.
Regards
ms, 10-12-2013
Note: There are these two other keys that refer to Iminent, but we will leave them for later, if necessary:
O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
O23 - Service: WinkHandler - Unknown owner - C:\Program Files (x86)\Iminent\WinkHandler.exe (file missing)
ms.
msc hotline sat Virus Research Engineer
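The triage done by eye in the reply above, as an added Python example that is not part of the original thread or of SProces: it parses log lines copied from the posted log, flags entries naming Iminent, Umbrella or bitguard, and reports which flagged entries remain once the O2 and O4 keys are deleted. The keyword list and the function names are assumptions made for this example.

```python
import re
from collections import namedtuple

# Lines copied from the SProces log posted in this thread; two unrelated
# entries (SDTray, McAfee) are kept so the filter has something to reject.
SAMPLE_LOG = r"""
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (file missing)
O4 - HKLM\..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O20 - AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll c:\windows\syswow64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
O23 - Service: WinkHandler - Unknown owner - C:\Program Files (x86)\Iminent\WinkHandler.exe (file missing)
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
"""

# Names the thread itself ties to the unwanted software (assumed watch list).
KEYWORDS = ("iminent", "umbrella", "bitguard")

Finding = namedtuple("Finding", "code label target keyword file_missing")

# A log entry is "<code> - <label>: <value>", optionally prefixed by * or **.
LINE_RE = re.compile(r"^\*{0,2}(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
MISSING_RE = re.compile(r"\s*\((?:file missing|no file)\)\s*$", re.I)


def parse_line(line):
    """Split one log line into (code, label, value); None for other lines."""
    m = LINE_RE.match(line.strip())
    if not m or ":" not in m.group("body"):
        return None
    label, value = m.group("body").split(":", 1)
    return m.group("code"), label.strip(), value.strip()


def triage(log_text, keywords=KEYWORDS):
    """Return a Finding for every log item that mentions a watched name."""
    findings = []
    for raw in log_text.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue
        code, label, value = parsed
        missing = bool(MISSING_RE.search(value))
        value = MISSING_RE.sub("", value)
        if code == "O20" and label.lower() == "appinit_dlls":
            # AppInit_DLLs is a space- or comma-separated list of DLL paths,
            # so each path is judged on its own: one unwanted DLL can sit
            # next to legitimate ones on the same line.
            targets = [p for p in re.split(r"[ ,]+", value) if p]
        else:
            targets = [value]
        for target in targets:
            hit = next((k for k in keywords if k in target.lower()), None)
            if hit:
                findings.append(Finding(code, label, target, hit, missing))
    return findings


def remaining(findings, removed_codes):
    """Flagged entries that survive deleting the given sections and that the
    log does not report as '(file missing)'."""
    return [f for f in findings
            if f.code not in removed_codes and not f.file_missing]


if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    for f in found:
        state = "file missing" if f.file_missing else "file present"
        print(f"{f.code:<4}{f.label:<14}{f.keyword:<10}{state:<14}{f.target}")
    print("\nStill present after deleting the O2 and O4 keys:")
    for f in remaining(found, {"O2", "O4"}):
        print(f"  {f.code} {f.label}: {f.target}")
```

Run against the sample, the two entries left after the O2/O4 cleanup are the `bitguard.dll` path in AppInit_DLLs and the SProtection service pointing at `Umbrella.exe`.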
- elExposimetro
- Posts: 6
- Joined: 20 Nov 2013, 18:43
Re: That Pesky Iminent
Well, I ran SProces 7.3 and followed your instructions, deleting the three keys you indicated above, and this is the log file. There is a key or process or whatever it is called (apart from the last two above that you mentioned); I don't understand this very well, but the path makes me suspicious, and it is this one that I am marking here:
O20 - AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll c:\windows\syswow64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll
I think it is a Windows library, right? Because of the .dll. But what catches my attention is the bitguard part, which already bothered me in the past.
(10-12-2013 18:47:03 GMT)
SProces v7.3 (c)2013 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 8 (v6.2.9200)
Internet Explorer: (v9.10.9200.16736) 0
Equipo: TODOTERRENO
Usuario: Xemari
Sesión de Usuario: Xemari
107 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NVVSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NVXDSYNC.EXE
C:\WINDOWS\SYSTEM32\NVVSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\ASLDRSRV.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKGFNEX\GFNEXSRV.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS INSTANTON\INSONSRV.EXE
C:\WINDOWS\SYSTEM32\DPTFPARTICIPANTPROCESSORSERVICE.EXE
C:\WINDOWS\SYSTEM32\DASHOST.EXE
C:\WINDOWS\SYSTEM32\DPTFPOLICYCONFIGTDPSERVICE.EXE
C:\WINDOWS\SYSTEM32\EXPRESSCACHE.EXE
C:\WINDOWS\SYSTEM32\HECISERVER.EXE
C:\WINDOWS\SYSWOW64\IRSTRTSV.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL\JHI_SERVICE.EXE
C:\WINDOWS\SYSTEM32\MCAPEXE.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\MFEVTPS.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDFSSVC.EXE
C:\WINDOWS\SYSWOW64\RUNDLL32.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\UMBRELLA\UMBRELLA.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MCSHIELD.EXE
C:\WINDOWS\SYSTEM32\MFEFIRE.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDUPDSVC.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDWSCSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\PROGRAM FILES (X86)\ASUS\SPLENDID\ACMON.EXE
C:\WINDOWS\SYSTEM32\BATTERYLIFE.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\HCONTROL.EXE
C:\PROGRAM FILES (X86)\ASUS\USBCHARGERPLUS\USBCHARGERPLUS.EXE
C:\PROGRAM FILES (X86)\ASUS\SPLENDID\COLORUSERVICE.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS INSTANTON\INSONWMI.EXE
C:\WINDOWS\SYSTEM32\TASKHOSTEX.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\KBFILTR.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKOSD2\ATKOSD2.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK MEDIA\DMEDIA.EXE
C:\WINDOWS\SYSTEM32\LIVECOMM.EXE
C:\WINDOWS\SYSTEM32\NVTRAY.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\ASUSTPLOADER.EXE
C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
C:\WINDOWS\SYSTEM32\HKCMD.EXE
C:\WINDOWS\SYSTEM32\RUNTIMEBROKER.EXE
C:\WINDOWS\SYSTEM32\RAVCPL64.EXE
C:\WINDOWS\SYSTEM32\WRAPPERTRAYICON.EXE
C:\WINDOWS\SYSTEM32\ASUSTPLOADER.EXE
C:\USERS\XEMARI\APPDATA\ROAMING\DROPBOX\BIN\DROPBOX.EXE
C:\PROGRAM FILES (X86)\CYBERLINK\POWERDVD10\PDVD10SERV.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDTRAY.EXE
C:\WINDOWS\SYSTEM32\QUICKGESTURE64.EXE
C:\WINDOWS\SYSTEM32\QUICKGESTURE64.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS LIVE UPDATE\LIVEUPDATE.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS SMART GESTURE\QUICKGESTURE\X86\QUICKGESTURE.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS SMART GESTURE\QUICKGESTURE\X86\QUICKGESTURE.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\FWSERVICE\INTELMEFWSERVICE.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE
C:\WINDOWS\SYSTEM32\MOBKBACKUP.EXE
C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVIDIA UPDATE CORE\DAEMONU.EXE
C:\WINDOWS\SYSTEM32\MOBKBACKUP.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE
C:\WINDOWS\SYSTEM32\WMPNETWK.EXE
C:\WINDOWS\SYSTEM32\ASUSTPHELPER.EXE
C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.22.3\GOOGLECRASHHANDLER.EXE
C:\WINDOWS\SYSTEM32\GOOGLECRASHHANDLER64.EXE
C:\WINDOWS\SYSTEM32\TASKHOSTEX.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\WINDOWS\SYSTEM32\TRUSTEDINSTALLER.EXE
C:\WINDOWS\SYSTEM32\TIWORKER.EXE
C:\WINDOWS\SYSTEM32\ASUSTPCENTER.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\MCSVHOST.EXE
C:\WINDOWS\SYSTEM32\MCUICNT.EXE
C:\WINDOWS\SYSTEM32\MCSVHOST.EXE
C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE
C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE
C:\WINDOWS\SYSTEM32\WINRAR.EXE
C:\WINDOWS\SYSTEM32\AUDIODG.EXE
C:\USERS\XEMARI\APPDATA\LOCAL\TEMP\RAR$EX72.168\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =https://www.google.es/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKUS\S-1-5-21-4215438573-196197954-3387240069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'UpdatusUser')
R0 - HKUS\S-1-5-21-4215438573-196197954-3387240069-1001\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'UpdatusUser')
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (User 'UpdatusUser')
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKCU\..\Run: [AdobeBridge]
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ATUninstallIcon] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\WOW6432node\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\WOW6432node\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\WOW6432node\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\WOW6432node\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\WOW6432node\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\WOW6432node\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\WOW6432node\..\Run: [ATUninstallIcon] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
O4 - HKLM\..\WOW6432node\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\WOW6432node\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\WOW6432node\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\WOW6432node\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - Startup: Dropbox.lnk = C:\Users\Xemari\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll c:\windows\syswow64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: SDWINLOGON - SDWINLOGON.DLL (file missing)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Información Adicional:
----------------------
Acceso Rapido ('Xemari'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Acceso Rapido ('Xemari'): Launch Internet Explorer Browser.lnk = C:\Program Files (x86)\Internet Explorer\iexplore.exe
Acceso Rapido ('Xemari'): Shows Desktop.lnk =
Acceso Rapido ('Xemari'): Window Switcher.lnk =
Acceso Rapido ('UpdatusUser'): Shows Desktop.lnk =
Acceso Rapido ('UpdatusUser'): Window Switcher.lnk =
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: McAfee Application Installer Cleanup (0260541386676348) (0260541386676348mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\026054~1.EXE
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASMMAP64 - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem18.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem18.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McATScheduler - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
*O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
**O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
*O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
*O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WinkHandler - Unknown owner - C:\Program Files (x86)\Iminent\WinkHandler.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: @mdmags64.inf,%FullProductName%;Agere Systems Soft Modem (AgereSoftModem) - LSI Corp - C:\WINDOWS\system32\DRIVERS\agrsm64.sys (file missing)
O23 - Service: ASUS Charger Driver (AiCharger) - ASUSTek Computer Inc. - C:\WINDOWS\system32\DRIVERS\AiCharger.sys (file missing)
O23 - Service: @oem21.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver (athr) - Qualcomm Atheros Communications, Inc. - C:\WINDOWS\system32\DRIVERS\athw8x.sys (file missing)
O23 - Service: @oem13.inf,%PS2.DeviceDesc%;ASUS Input Device (ATP) - ASUS Corporation - C:\WINDOWS\System32\drivers\AsusTP.sys (file missing)
O23 - Service: McAfee Inc. cfwids (cfwids) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\cfwids.sys (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DptfDevDram - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys (file missing)
O23 - Service: DptfDevFan - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys (file missing)
O23 - Service: DptfDevGen - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys (file missing)
O23 - Service: DptfDevProc - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys (file missing)
O23 - Service: DptfManager - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfManager.sys (file missing)
O23 - Service: @net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I (e1iexpress) - Intel Corporation - C:\WINDOWS\system32\DRIVERS\e1i63x64.sys (file missing)
O23 - Service: esgiguard - Unknown owner - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (file missing)
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control (HIDSwitch) - ASUS - C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys (file missing)
O23 - Service: McAfee Inc. HipShieldK (HipShieldK) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\HipShieldK.sys (file missing)
O23 - Service: igfx - Intel Corporation - C:\WINDOWS\system32\DRIVERS\igdkmd64.sys (file missing)
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\drivers\RTKVHD64.sys (file missing)
O23 - Service: @oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio (IntcDAud) - Intel(R) Corporation - C:\WINDOWS\system32\DRIVERS\IntcDAud.sys (file missing)
O23 - Service: @oem16.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver (irstrtdv) - Intel Corporation - C:\WINDOWS\System32\drivers\irstrtdv.sys (file missing)
O23 - Service: @oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter (kbfiltr) - - C:\WINDOWS\System32\drivers\kbfiltr.sys (file missing)
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
**O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: @oem10.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface (MEIx64) - Intel Corporation - C:\WINDOWS\System32\drivers\HECIx64.sys (file missing)
O23 - Service: McAfee Inc. mfeapfk (mfeapfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeapfk.sys (file missing)
O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys (file missing)
**O23 - Service: McAfee Inc. mfefirek (mfefirek) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfefirek.sys (file missing)
O23 - Service: McAfee Inc. mfencbdc (mfencbdc) - McAfee, Inc. - C:\WINDOWS\system32\DRIVERS\mfencbdc.sys (file missing)
O23 - Service: McAfee Inc. mfencrk (mfencrk) - McAfee, Inc. - C:\WINDOWS\system32\DRIVERS\mfencrk.sys (file missing)
O23 - Service: @netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit (NETwNs64) - Intel Corporation - C:\WINDOWS\system32\DRIVERS\NETwNs64.sys (file missing)
O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys (file missing)
O23 - Service: @oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA (RSBASTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys (file missing)
O23 - Service: @oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver (RTL8168) - Realtek - C:\WINDOWS\system32\DRIVERS\Rt630x64.sys (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
**O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
74 Servicios.
39 de Carga Automatica.
35 de Carga Manual.
0 Deshabilitados.
O20 - AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll c:\windows\syswow64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll
I think it's a Windows library, right? Because of the .dll. But what catches my attention is the bitguard part, which already gave me trouble some time ago.
- msc hotline sat
- Posts: 93500
- Joined: 09 Mar 2004, 20:39
- Location: BARCELONA (SPAIN)
Re: That Blasted Iminent
Yes, BitGuard could be a Bprotector, but we don't know these two DLLs; send them to us for analysis:
c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll
c:\windows\syswow64\nvinit.dll
If you can't find them, use ELIMOVER, entering the path and name, and it will copy them to C:\muestras, from where it will be easy for you to send them to us.
Remember: https://foros.zonavirus.com/viewtopic.php?f=5&t=45334
And we see many Chrome sessions open (eight):
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
Are you continually launching new Chrome sessions, or is it something abnormal on this machine?
And in any case, delete this key:
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
To do so, launch SPROCES, click SCAN, check that key and select ELIMINAR (Delete).
After restarting, tell us the result, thanks.
Regards
ms, 10-12-2013
Note: And tell us whether the Iminent issue has been solved ... ms.
msc hotline sat Virus Research Engineer
- elExposimetro
- Posts: 6
- Joined: 20 Nov 2013, 18:43
Re: That Blasted Iminent
Hello again.. we're still fighting with the PC's faults. I don't know how, on a new laptop with original Windows 8 included and a factory-installed, up-to-date antivirus, so many strange things can slip in and destabilize my PC. In fact I'm not able to connect to the router over Wi-Fi and have to do it by direct cable, while the tablet does connect, and I haven't touched anything in the internet configuration.
Well.. of the two files indicated above, the .dll ones, I have sent you the second for sample analysis; for the first I copied the path c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll directly into Elimover and it tells me it doesn't exist, and in fact I look for the path and can't find it (even with show hidden files checked). But when I run sproces it does show it in the log.
I also deleted the entry you told me to: O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
As for what you say about Google Chrome, I'm not launching the browser that many times; at most it could be that within that browser I sometimes have 4 or 5 tabs open, but nothing more.
As for Iminent, for now it hasn't caused trouble again. Let's hope it doesn't do so again or sneak into the machine without permission.
My old laptop with Windows Vista gave me fewer problems than this one with Windows 8, which in two months hasn't left me in peace.
Why wouldn't Elimover detect the path or the file if sproces detects it?
- msc hotline sat
- Posts: 93500
- Joined: 09 Mar 2004, 20:39
- Location: BARCELONA (SPAIN)
Re: That Blasted Iminent
If the path\name indicated in the registry points to a file that has already been deleted, logically ELIMOVER will not find it; besides, that key will no longer work, although if it is not deleted it will remain there with no effect.
You can delete that key manually to clean the registry, although, as we said, it no longer has any effect.
The other file turns out to be from NVIDIA and no malicious routines are detected.
If you still have any problem with IMINENT, let us know, and if not, we will mark the thread as solved.
Regards
ms, 12-12-2013
RSPBAD
msc hotline sat Virus Research Engineer
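The distinction drawn in the reply above (a registry entry can outlive the file it points to) can be checked mechanically on a log like the one in this thread. The following is an added example, not part of the forum posts and not SProces or ELIMOVER code; the function names, the status labels and the embedded sample (lines excerpted from the log quoted in this thread) are choices made for this illustration, and it only handles O2, O20 AppInit_DLLs and O23 lines.

```python
import re
from collections import namedtuple

Finding = namedtuple("Finding", "section path status")

# Constructed sample: process and O2/O20/O23 lines excerpted from the thread's log.
SAMPLE_LOG = r"""
C:\WINDOWS\SYSTEM32\NVVSVC.EXE
C:\WINDOWS\SYSTEM32\MFEVTPS.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\UMBRELLA\UMBRELLA.EXE
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll c:\windows\syswow64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
O23 - Service: WinkHandler - Unknown owner - C:\Program Files (x86)\Iminent\WinkHandler.exe (file missing)
*O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe (file missing)
"""

ENTRY_RE = re.compile(r"^\**([ORF]\d+) - (.*)$")          # "O23 - ...", optional leading '*'
PROC_RE = re.compile(r"^[A-Za-z]:\\.+\.exe$", re.IGNORECASE)  # bare process path line
# Last field of an entry: a drive-rooted path or a bare "(no file)" marker.
TARGET_RE = re.compile(r" - ([A-Za-z]:\\.*|\((?:no file|file missing)\))$")
MARK_RE = re.compile(r"\s*\((?:no file|file missing)\)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")


def split_appinit(value):
    """AppInit_DLLs is a space- or comma-delimited list; return unique items."""
    seen, out = set(), []
    for item in re.split(r"[\s,]+", value.strip()):
        if item and item.lower() not in seen:
            seen.add(item.lower())
            out.append(item)
    return out


def triage(log_text):
    """Classify each referenced file as present, orphaned, listed or flagged-but-running."""
    lines = [ln.strip() for ln in log_text.splitlines() if ln.strip()]
    running = {ln.lower() for ln in lines if PROC_RE.match(ln)}
    findings = []
    for ln in lines:
        entry = ENTRY_RE.match(ln)
        if not entry:
            continue
        section, body = entry.groups()
        if body.startswith("AppInit_DLLs:"):
            # The log prints the registry value only; it says nothing about
            # whether each DLL exists, so report them as "listed".
            for dll in split_appinit(body.split(":", 1)[1]):
                findings.append(Finding(section, dll, "listed"))
            continue
        target = TARGET_RE.search(body)
        if not target:
            continue  # entry shapes outside this example (Run keys, etc.)
        flagged = MARK_RE.search(target.group(1)) is not None
        path = MARK_RE.sub("", target.group(1))
        if not path:  # "(no file)" with no path: identify the entry by its CLSID
            clsid = CLSID_RE.search(body)
            path = clsid.group(0) if clsid else "(unknown)"
        if not flagged:
            status = "present"
        elif path.lower() in running:
            # The same log shows a process running from this path, so the
            # "missing" flag is not a true orphan. One common cause is WOW64
            # file-system redirection in a 32-bit scanner (assumption; the
            # thread does not state the reason).
            status = "flagged-but-running"
        else:
            status = "orphaned"  # leftover entry: candidate for registry cleanup
        findings.append(Finding(section, path, status))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.status:20} {f.section:4} {f.path}")
```

Only the entries reported as orphaned match the situation described in the reply; a "listed" AppInit_DLLs item still has to be checked on disk, as the ELIMOVER attempt in this thread did for bitguard.dll.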