PC Realentizado (sobre todo al navegar)- (CERRADO)

Cerrado
metalmorfosis
Asiduo al foro
Asiduo al foro
Mensajes: 123
Registrado: 05 Ene 2005, 00:57
Ubicación: los mochis, sin. mexico

PC Realentizado (sobre todo al navegar)- (CERRADO)

Mensaje por metalmorfosis » 21 Sep 2013, 18:36

Hola buenos días, les comento que mi PC con windows 7 de un tiempo para acá se me ha hecho muy lenta. Ya pase antivirus (avast) y AntiSpyware (Spybot S&D), ambos encontraron buena cantidad de problemas pero mi Pc sigue igual. Tambien instale Tune Up Utilities para optimizar el sistema, incluso desactive funciones graficas pero sigue igual.

De antemano yo se que 1Gb de ram es poco para Windows 7 pero antes la Pc no me iva tan lenta, se tarda demasiado en abrir programas (hasta 3 minutos). Otra cosa extraña que observo es que al entrar a la pagina de Facebook se queda congelada la maquina por 1 minuto aproximadamente(Chrome), después de esto, intento iniciar sesión y me redirige a la página de login (no me marca ningún error), y me puedo ingresar hasta el segundo intento. Esto solo pasa en esta Pc.

También la pagina de inicio de los navegadores (Explorer y Chrome) se cambia a search.conduit.com, he intentado cambiarla pero al próximo inicio esta de nuevo.

He también instalado las últimas actualizaciones de Windows Update.



Les dejo mi log de HijackThis (v.2.0.4) De antemano muchas gracias



Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:30:26 a.m., on 21/09/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16686)

Boot mode: Normal



Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe

C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mario\Downloads\HijackThis.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP5C0530C4-6FDA-434A-B14B-CE708CCF1856

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Aplicación auxiliar de la Grabadora de prueba web de Microsoft 10.0 - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')

O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: Dropbox.lnk = Mario\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: GameRanger.lnk = Mario\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe

O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe



--

End of file - 22273 bytes

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 89175
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: PC Realentizado (sobre todo al navegar)

Mensaje por msc hotline sat » 22 Sep 2013, 11:10

El HJT ya es anticuado, sobre todo para el W7. En su lugar pruebe el SPROCES, que es mucho mas exhaustivo. De todas formas, empiece por probar el ELISTARA:


[quote="para DESCARGAR el ELISTARA, msc"]



http://www.zonavirus.com/descargas/elistara.asp



Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el

resultado del proceso [/quote]




y si no detectara malwares ni pidiera envio de sospechosos, lanzar el SPROCES y

pulsar en SALIR, tras lo cual generará informe en c:\sproclog.txt, que nos puede

postear para analizar:


[quote="para DESCARGAR el SPROCES, msc"]



http://www.zonavirus.com/descargas/sproces.asp


[/quote]


saludos



ms, 22-9-2013

metalmorfosis
Asiduo al foro
Asiduo al foro
Mensajes: 123
Registrado: 05 Ene 2005, 00:57
Ubicación: los mochis, sin. mexico

Re: PC Realentizado (sobre todo al navegar)

Mensaje por metalmorfosis » 22 Sep 2013, 22:47

Aqui les adjunto los log de ambas herramientas.



[b]Log de ELISTARA:[/b]



(24-5-2012 06:08:24 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Unidad G:\ Protegida



(22-9-2013 18:16:32 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: Mario.UAS

ID de Usuario: S-1-5-21-206454329-4292763015-2830404525-1001

Cadenas Víricas: 20125



Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\CONTROLLER EDITOR.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\EXCEL.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\GROOVE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\INFOPATH.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MISC.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSACCESS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSOXMLED.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSPUB.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSTORE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OIS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\ONENOTE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OUTLOOK.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\POWERPNT.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\TEAMVIEWER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\VISIO.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WAMPMANAGER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WINWORD.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(22-9-2013 18:16:45 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: rosa

ID de Usuario: S-1-5-21-206454329-4292763015-2830404525-1003

Cadenas Víricas: 20125



Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\CONTROLLER EDITOR.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\EXCEL.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\GROOVE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\INFOPATH.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MISC.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSACCESS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSOXMLED.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSPUB.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSTORE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OIS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\ONENOTE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OUTLOOK.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\POWERPNT.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\TEAMVIEWER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\VISIO.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WAMPMANAGER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WINWORD.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(22-9-2013 18:16:56 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: juanito

ID de Usuario: S-1-5-21-206454329-4292763015-2830404525-1124

Cadenas Víricas: 20125



Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\CONTROLLER EDITOR.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\EXCEL.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\GROOVE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\INFOPATH.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MISC.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSACCESS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSOXMLED.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSPUB.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSTORE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OIS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\ONENOTE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OUTLOOK.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\POWERPNT.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\TEAMVIEWER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\VISIO.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WAMPMANAGER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WINWORD.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(22-9-2013 18:17:07 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: administrador

ID de Usuario: S-1-5-21-206454329-4292763015-2830404525-500

Cadenas Víricas: 20125



Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\CONTROLLER EDITOR.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\EXCEL.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\GROOVE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\INFOPATH.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MISC.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSACCESS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSOXMLED.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSPUB.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSTORE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OIS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\ONENOTE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OUTLOOK.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\POWERPNT.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\TEAMVIEWER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\VISIO.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WAMPMANAGER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WINWORD.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(22-9-2013 18:17:17 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: juanito.UAS

ID de Usuario: S-1-5-21-2716576656-1692010773-2593291113-1104

Cadenas Víricas: 20125



Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\CONTROLLER EDITOR.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\EXCEL.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\GROOVE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\INFOPATH.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MISC.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSACCESS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSOXMLED.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSPUB.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSTORE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OIS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\ONENOTE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OUTLOOK.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\POWERPNT.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\TEAMVIEWER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\VISIO.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WAMPMANAGER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WINWORD.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(22-9-2013 18:17:28 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: juan

ID de Usuario: S-1-5-21-2903203451-3355526397-237079406-1000

Cadenas Víricas: 20125



Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\CONTROLLER EDITOR.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\EXCEL.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\GROOVE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\INFOPATH.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MISC.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSACCESS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSOXMLED.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSPUB.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSTORE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OIS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\ONENOTE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OUTLOOK.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\POWERPNT.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\TEAMVIEWER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\VISIO.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WAMPMANAGER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WINWORD.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(22-9-2013 18:17:39 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: pancho

ID de Usuario: S-1-5-21-2903203451-3355526397-237079406-1002

Cadenas Víricas: 20125



Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\CONTROLLER EDITOR.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\EXCEL.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\GROOVE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\INFOPATH.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MISC.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSACCESS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSOXMLED.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSPUB.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSTORE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OIS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\ONENOTE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OUTLOOK.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\POWERPNT.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\TEAMVIEWER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\VISIO.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WAMPMANAGER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WINWORD.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(22-9-2013 18:18:02 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: Mario

ID de Usuario: S-1-5-21-3757266208-3876375130-1726270990-1001

Cadenas Víricas: 20125



Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\CONTROLLER EDITOR.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\EXCEL.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\GROOVE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\INFOPATH.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MISC.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSACCESS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSOXMLED.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSPUB.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\MSTORE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OIS.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\ONENOTE.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\OUTLOOK.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\POWERPNT.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\TEAMVIEWER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\VISIO.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WAMPMANAGER.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Sospechosa Clave "HKLM\...\Image File Execution Options\WINWORD.EXE"

"Debugger"=""C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUAUTOREACTIVATOR32.EXE""

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(22-9-2013 18:59:25 (GMT))

EliStartPage v28.38 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 19 de Septiembre del 2013)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.7601) SERVICE PACK 1

Usuario: Mario

ID de Usuario: S-1-5-21-3757266208-3876375130-1726270990-1001

Cadenas Víricas: 20125



Lista de Acciones (por Exploración):

Explorando "C:\"

C:\Program Files\LemurLeap\UPDATELEMURLEAP.EXE --> Eliminado, Adware.LemurLeap



Nº Total de Directorios: 61666

Nº Total de Ficheros: 333739

Nº de Ficheros Analizados: 110582

Nº de Ficheros Infectados: 1

Nº de Ficheros Limpiados: 1







[b]Log de SPROCES:[/b]



(22-9-2013 19:08:43 GMT)

SProces v7.2 (c)2013 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Ultimate (v6.1.7601) Service Pack 1

Internet Explorer: (v9.10.9200.16686) 0

Equipo: MARIO-PC

Usuario: Mario

Sesión de Usuario: Mario



49 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTSVC.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\APPLEMOBILEDEVICESERVICE.EXE

C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL10.SQLEXPRESS\MSSQL\BINN\SQLSERVR.EXE

C:\PROGRAM FILES\MICROSOFT SQL SERVER\90\SHARED\SQLWRITER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE32.EXE

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVC.EXE

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVCM.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE

C:\WINDOWS\SYSTEM32\HKCMD.EXE

C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE

C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\WUAUCLT.EXE

C:\WINDOWS\SYSTEM32\IGFXSRVC.EXE

C:\WINDOWS\SYSTEM32\CTFMON.EXE

C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUNEUPUTILITIESAPP32.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE

C:\USERS\MARIO\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\MARIO\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\MARIO\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\MARIO\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\MARIO\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\MARIO\DESKTOP\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R0 - HKUS\S-1-5-21-206454329-4292763015-2830404525-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'Mario.UAS')

R0 - HKUS\S-1-5-21-206454329-4292763015-2830404525-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'Mario.UAS')

R0 - HKUS\S-1-5-21-206454329-4292763015-2830404525-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'rosa')

R0 - HKUS\S-1-5-21-206454329-4292763015-2830404525-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'rosa')

R0 - HKUS\S-1-5-21-206454329-4292763015-2830404525-1124\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'juanito')

R0 - HKUS\S-1-5-21-206454329-4292763015-2830404525-1124\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'juanito')

R0 - HKUS\S-1-5-21-206454329-4292763015-2830404525-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'administrador')

R0 - HKUS\S-1-5-21-206454329-4292763015-2830404525-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'administrador')

R0 - HKUS\S-1-5-21-2716576656-1692010773-2593291113-1104\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'juanito.UAS')

R0 - HKUS\S-1-5-21-2716576656-1692010773-2593291113-1104\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'juanito.UAS')

R0 - HKUS\S-1-5-21-2903203451-3355526397-237079406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'juan')

R0 - HKUS\S-1-5-21-2903203451-3355526397-237079406-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'juan')

R0 - HKUS\S-1-5-21-2903203451-3355526397-237079406-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'pancho')

R0 - HKUS\S-1-5-21-2903203451-3355526397-237079406-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'pancho')

R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Aplicación auxiliar de la Grabadora de prueba web de Microsoft 10.0 - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

O3 - Toolbar: (no name) - 10 - (no file)

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKUS\S-1-5-21-206454329-4292763015-2830404525-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'rosa')

O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')

O4 - Startup: Dropbox.lnk = C:\Users\Mario\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

O4 - Startup: GameRanger.lnk = C:\Users\Mario\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart

O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\BONJOUR\MDNSNSP.DLL

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_31) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} (Java Plug-in 1.6.0_31) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_31) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL



Información Adicional:

----------------------

Clave "HKLM\...\Image File Execution Options\controller editor.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\excel.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\groove.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\infopath.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\misc.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\msaccess.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\msoxmled.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\mspub.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\mstore.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\ois.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\onenote.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\outlook.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\powerpnt.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\teamviewer.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\visio.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\wampmanager.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

Clave "HKLM\...\Image File Execution Options\Winword.exe"

"Debugger"=""C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe""

WinSys\Drivers\adp94xx.sys (de 422976 bytes) () Adaptec, Inc.

WinSys\Drivers\aswSnx.sys (de 770344 bytes) () AVAST Software

WinSys\Drivers\bxvbdx.sys (de 430080 bytes) () Broadcom Corporation

WinSys\Drivers\dxgkrnl.sys (de 728424 bytes) () Microsoft Corporation

WinSys\Drivers\elxstor.sys (de 453712 bytes) () Emulex

WinSys\Drivers\http.sys (de 513536 bytes) () Microsoft Corporation

WinSys\Drivers\ndis.sys (de 712576 bytes) () Microsoft Corporation

WinSys\Drivers\netr28u.sys (de 657408 bytes) () Ralink Technology Corp.

WinSys\Drivers\PEAuth.sys (de 586752 bytes) () Microsoft Corporation

WinSys\Drivers\spsys.sys (de 405504 bytes) () Microsoft Corporation

WinSys\Drivers\Wdf01000.sys (de 445008 bytes) () Microsoft Corporation



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: aswMonFlt - AVAST Software - C:\Windows\system32\drivers\aswMonFlt.sys

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update Servicio (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - TuneUp Software - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\System32\uxtuneup.dll



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys

O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys

O23 - Service: LGE AndroidNet USB Serial Port (AndNetDiag) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\lgandnetdiag.sys (file missing)

O23 - Service: LGE AndroidNet USB Modem (ANDNetModem) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\lgandnetmodem.sys (file missing)

O23 - Service: SAMSUNG Android Composite ADB Interface Driver (androidusb) - Google Inc - C:\WINDOWS\SYSTEM32\Drivers\ssadadb.sys

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys

O23 - Service: DroidCam Virtual Audio (DroidCam) - Dev47Apps - C:\WINDOWS\SYSTEM32\drivers\droidcam.sys

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys

O23 - Service: epmntdrv - Unknown owner - C:\Windows\system32\epmntdrv.sys

O23 - Service: EuGdiDrv - Unknown owner - C:\Windows\system32\EuGdiDrv.sys

O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys

O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys

O23 - Service: igfx - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd32.sys

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys

O23 - Service: mv2 - UVNC BVBA - C:\WINDOWS\SYSTEM32\DRIVERS\mv2.sys

O23 - Service: Controlador de la Tarjeta de LAN inalámbrica USB RT2870 para Vista (netr28u) - Ralink Technology Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\netr28u.sys

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys

O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys (file missing)

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys

O23 - Service: Controlador x86 NDIS Realtek 10/100 NIC Family (RTL8023xp) - Realtek Semiconductor Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\Rtnicxp.sys

O23 - Service: Controlador NT de Realtek 8167 (RTL8167) - Realtek Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\Rt86win7.sys

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys

O23 - Service: SAMSUNG Android USB Composite Device driver (WDM) (ssadbus) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ssadbus.sys

O23 - Service: SAMSUNG Android USB Modem (Filter) (ssadmdfl) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ssadmdfl.sys

O23 - Service: SAMSUNG Android USB Modem Drivers (ssadmdm) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ssadmdm.sys

O23 - Service: SAMSUNG Android USB Diagnostic Serial Port (WDM) (ssadserd) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ssadserd.sys

O23 - Service: SAMSUNG USB Composite Device driver (WDM) (sscdbus) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdbus.sys

O23 - Service: SAMSUNG Mobile Modem Filter (sscdmdfl) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdmdfl.sys

O23 - Service: SAMSUNG Mobile Modem Drivers (sscdmdm) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdmdm.sys

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys

O23 - Service: Synth3dVsc - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\synth3dvsc.sys (file missing)

O23 - Service: @%SystemRoot%\system32\drivers\tsusbhub.sys,-1 (tsusbhub) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tsusbhub.sys (file missing)

O23 - Service: TuneUpUtilitiesDrv - TuneUp Software - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys

O23 - Service: Apple Mobile USB Driver (USBAAPL) - Apple, Inc. - C:\WINDOWS\SYSTEM32\Drivers\usbaapl.sys

O23 - Service: Scientific-Atlanta USB Cable Modem Driver (USBCM) - - C:\WINDOWS\SYSTEM32\DRIVERS\Sacm2A.sys

O23 - Service: VGPU - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\rdvgkmd.sys (file missing)

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys

O23 - Service: Virtual Serial Bus Enumerator (vsbus) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vsb.sys

O23 - Service: ELTIMA Virtual Serial Ports Driver (vserial) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vserial.sys

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys

O23 - Service: XDva404 - Unknown owner - C:\Windows\system32\XDva404.sys (file missing)



Listado de Servicios (Deshabilitados):

--------------------------------------

O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe



82 Servicios.

7 de Carga Automatica.

71 de Carga Manual.

4 Deshabilitados.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 89175
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: PC Realentizado (sobre todo al navegar)

Mensaje por msc hotline sat » 23 Sep 2013, 12:42

Pues aparte de haber detectado y eliminado un malware:





C:\Program Files\LemurLeap\UPDATELEMURLEAP.EXE --> Eliminado, Adware.LemurLeap





Aparecen muchas entradas del TUNEUP UTILITIES, por lo que se recomienda desinstalarlo.





Y en el log del SPROCES, vemos estas claves que pueden eliminar:



ya que corresponde a un Toolbar de 4shared.com, segun:


[quote]
is a DLL module designed as a plugin for Microsoft's Internet Explorer web browser to provide added functionality.

Display name : 4shared.com Toolbar

File path : C:\Program Files\4shared.com\prxtb4sh2.dll

BHO CLSID : {09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
[/quote]


y esta otra que parece no ser funcionable:



O3 - Toolbar: (no name) - 10 - (no file)





y este fichero C:\Users\Mario\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe puede ser malicioso, segun:



http://incodesolutions.com/threats.php?file=ProfileFolderappdataroaminggamerangergamerangergamerangerexe



Añada .VIR a su extension y envienoslo para analizar







Y a este otro tambien, por ser sospechoso:



Image File Execution Options\mstore.exe





Una vez hecho lo indicado, reinicie y envienos los ficheros indicados, comentandonos si tras ello persiste alguna anomalía o ya se han solucionado, gracias



saludos



ms, 23-9-2013



RMXGUAD

metalmorfosis
Asiduo al foro
Asiduo al foro
Mensajes: 123
Registrado: 05 Ene 2005, 00:57
Ubicación: los mochis, sin. mexico

Re: PC Realentizado (sobre todo al navegar)

Mensaje por metalmorfosis » 24 Sep 2013, 02:45

Intentare hacerlo, en cuanto a las entradas que menciona, solo fui capaz de encontrar:



03 - Toolbar (no name) - 10 - (no file)



Las demás entradas no las encontré debido a que el SPROCES presenta unas deficiencias de programación, como son que la ventana no permite mostrar las rutas completamente (falta espacio en la ventana, que por cierto, no puede re dimensionarse ni maximizarse) y al intentar borrar la que mencione arriba me sale un mensaje de error (posiblemente porque el proceso esta en memoria), pero seguidamente me sale un mensaje de que la entrada se borro correctamente.



Posiblemente descargue una versión antigua (baje la 7.2).



En cuanto a GameRanger.exe es un programa que yo uso para jugar juegos en linea, ¿aun así podría ser sospechoso?



Tratare de borrar esas entradas manualmente y comentare los resultados, muchas gracias.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 89175
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: PC Realentizado (sobre todo al navegar)

Mensaje por msc hotline sat » 24 Sep 2013, 08:44

No es deficiencia del SPROCES, sino que, por construcción, en el proceso de SCAN, al pulsar doble click sobre las claves, es cuando se visualizan en su totalidad, sin afectarlas.



Si quiere, con cuidado, y solo si es experto, use el REGEDIT para la eliminacion de dichas claves.



Sepa que si elimina alguna clave con el SPROCES, luego se puede restaurar si es su deseo.



Y cuentenos sus progresos al respecto, gracias



saludos



ms, 24-9-2013

Juanquis
Novato
Novato
Mensajes: 1
Registrado: 28 Nov 2013, 08:31

Re: PC Realentizado (sobre todo al navegar)

Mensaje por Juanquis » 28 Nov 2013, 16:03

Normalmente me borro esas cosas manualmente - [url]http://webeducativa.net/conduit.php[/url]

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 89175
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: PC Realentizado (sobre todo al navegar)

Mensaje por msc hotline sat » 28 Nov 2013, 18:19

Este Tema es de hace mas de 2 meses ...



Recordar :



https://foros.zonavirus.com/viewtopic.php?f=1&t=17382



se cierra el Tema en consecuencia



ms, 28-11-2013

RMX+CH

Cerrado

Volver a “Foro HijackThis - copia y pega tu log”

¿Quién está conectado?

Usuarios navegando por este Foro: Bing [Bot] y 1 invitado