Help with virus

Closed
the mappy
Posts: 9
Joined: 20 Jun 2015, 09:30

Help with virus

Post by the mappy » 20 Jun 2015, 09:59

Hello everyone, I have a problem with my machine: I insert a USB drive and it opens fine; I eject it, and when I insert it and open it again, all the files have been turned into a hard-disk image with a shortcut, and when I double-click it another window opens with the files undamaged. This is the problem I have, and my antivirus, AVIRA, does not detect anything.

If you could do me the favor of helping me I would be grateful. I don't want to format because I have 2 DDRs installed: DDR 1 is the one with the operating system, with a capacity of 1 tera, 50% of its capacity used.

DDR 2 is 3 tera, 75% full. This is not to show off; I work in video filming and HD video takes up quite a lot of space.

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (ESPAÑA)

Re: Help with virus

Post by msc hotline sat » 20 Jun 2015, 21:19

The pendrive possibly has a virus that has affected the files on your hard drives, hiding them and putting links to the virus in their place; that is what many viruses of this type do.

Try ELISTARA and post us the resulting report, with a COPY AND PASTE of the contents of c:/infosat.txt

Regards

ms, 20-6-2015

flacoroo
Posts: 6289
Joined: 09 Mar 2004, 20:32
Location: Paso del Macho,Ver.México

Re: Help with virus

Post by flacoroo » 23 Jun 2015, 15:09

Send us the image of your problem

Regards
:lol: :lol: Life is beautiful.... why complicate it for ourselves :lol: :lol:

the mappy
Posts: 9
Joined: 20 Jun 2015, 09:30

Re: Help with virus

Post by the mappy » 29 Jun 2015, 03:01

HELLO FRIENDS, WITH SO MUCH WORK THAT I HAVE, HERE IS THE RESULT



(28-6-2015 21:42:13 (GMT))

EliStartPage v32.54 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 19 de Junio del 2015)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.0) (64 bits)

Usuario: DEMON

ID de Usuario: S-1-5-21-2914038318-979438615-1519570116-1000

Cadenas Víricas: 24183



Lista de Acciones (por Acción Directa):

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(28-6-2015 22:01:26 (GMT))

EliStartPage v32.54 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 19 de Junio del 2015)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.0) (64 bits)

Usuario: UpdatusUser

ID de Usuario: S-1-5-21-2914038318-979438615-1519570116-1001

Cadenas Víricas: 24183



Lista de Acciones (por Acción Directa):

Acceso Denegado al Usuario.



(28-6-2015 22:32:52 (GMT))

EliStartPage v32.54 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 19 de Junio del 2015)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.0) (64 bits)

Usuario: UpdatusUser

ID de Usuario: S-1-5-21-2914038318-979438615-1519570116-1001

Cadenas Víricas: 24183



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 32379

Nº Total de Ficheros: 212605

Nº de Ficheros Analizados: 59164

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0

the mappy
Posts: 9
Joined: 20 Jun 2015, 09:30

Re: Help with virus

Post by the mappy » 29 Jun 2015, 03:33

This is how the contents of the USB appear to me; I click on it and another window opens with the files intact
Attachments
usb_1.jpg

the mappy
Posts: 9
Joined: 20 Jun 2015, 09:30

Re: Help with virus

Post by the mappy » 29 Jun 2015, 03:38

This is the second window and the files are intact. The trouble is that it happens even on the portable DDRs; it is such a hassle that I no longer know what to do
Attachments
usb_2.png

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (ESPAÑA)

Re: Help with virus

Post by msc hotline sat » 29 Jun 2015, 07:05

Since no known virus was detected, let's look at the SPROCES report to investigate the matter.

Run SPROCES, click EXIT and post us the resulting report.

After analyzing it, we will comment on the result

ms, 29-6-2015
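
A first-pass triage of a report like the one requested here, as an added example (not part of the original thread, and not how SProces or ELISTARA work internally). The sample lines are copied from the SProces report posted further down this thread; the rule names, the `triage` function and the choice of heuristics are assumptions of this example, and a flagged line is only a candidate for manual review, not a verdict.

```python
import re
from typing import List, NamedTuple

# Sample input: lines copied from the SProces report posted later in this thread.
SAMPLE_REPORT = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14412 (0)
F3 - REG:win.ini: load=C:\ProgramData\msrvc.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
O23 - Service: TroubleFix (7a7e367c) - Unknown owner - C:\Windows\system32\rundll32.exe" "c:\Program Files\TroubleFix\TroubleFix.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: RG Manage Updater (RGMUpdater) - Unknown owner - C:\Users\Resp Sistemas\AppData\Local\RGMService\RGMUpdater.exe
O23 - Service: Net Service Event Handler (Sed) - Navigation - C:\Users\Resp Sistemas\AppData\Roaming\ntsvc\ntsvc.exe
Acceso Rapido ('Resp Sistemas'): Google Chrome.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe http://www.searchult.com/?bd=sc&oem=testsinstcr&uid=ST500DM002-1BD142_S2AJ7NJ8XXXXS2AJ7NJ8&version=2.3.0.9239&pid=414031160&tid=555
Acceso Rapido ('Resp Sistemas'): VNC Viewer.lnk = C:\Program Files\RealVNC\VNC Viewer\vncviewer.exe
"""


class Finding(NamedTuple):
    entry: str          # the report line, unchanged
    reasons: List[str]  # why the line deserves a manual look


# "R1 - ...", "F3 - ...", "O23 - ..." style entries, as they appear in the report.
ENTRY_RE = re.compile(r"^(?P<sec>[RFO]\d+) - (?P<body>.*)$")
# "Acceso Rapido ('user'): name.lnk = target [arguments]" shortcut entries.
SHORTCUT_RE = re.compile(r"^Acceso Rapido \('.*?'\): (?P<name>.+?\.lnk) = (?P<target>.*)$")

# Assumption of this example: F*, O4 and O23 entries describe things that start
# automatically (win.ini load/run, Run keys, services), as the report lines show.
AUTOSTART_SECTIONS = {"F0", "F1", "F2", "F3", "O4", "O23"}
# Directories a standard user can normally write to without elevation.
USER_WRITABLE_RE = re.compile(r"\\(appdata|programdata|temp)\\", re.IGNORECASE)
LOOPBACK_RE = re.compile(r"ProxyServer\s*=.*\b(127\.0\.0\.1|localhost)\b", re.IGNORECASE)
INI_AUTOSTART_RE = re.compile(r"\b(load|run)=\S", re.IGNORECASE)
URL_ARG_RE = re.compile(r"\.exe\"?\s+https?://", re.IGNORECASE)


def reasons_for(line: str) -> List[str]:
    """Return the heuristic flags that apply to one report line."""
    reasons: List[str] = []
    entry = ENTRY_RE.match(line)
    if entry:
        sec, body = entry.group("sec"), entry.group("body")
        if LOOPBACK_RE.search(body):
            # Browser traffic is routed through a process on this machine.
            reasons.append("loopback-proxy")
        if sec.startswith("F") and INI_AUTOSTART_RE.search(body):
            reasons.append("ini-autostart")
        if sec in AUTOSTART_SECTIONS and USER_WRITABLE_RE.search(body):
            reasons.append("autostart-from-user-writable-path")
        if sec == "O23" and " - Unknown owner - " in body:
            reasons.append("service-unknown-owner")
        if body.endswith("(file missing)"):
            reasons.append("file-missing")
        return reasons
    shortcut = SHORTCUT_RE.match(line)
    if shortcut and URL_ARG_RE.search(shortcut.group("target")):
        # A browser shortcut whose command line forces a start URL.
        reasons.append("shortcut-url-argument")
    return reasons


def triage(report: str) -> List[Finding]:
    """Return the report lines that matched at least one heuristic, in order."""
    findings: List[Finding] = []
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        reasons = reasons_for(line)
        if reasons:
            findings.append(Finding(line, reasons))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_REPORT):
        print(", ".join(finding.reasons))
        print("    " + finding.entry)
```
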

ALVAROP7
Posts: 48
Joined: 09 Jan 2006, 22:27

Re: Help with virus

Post by ALVAROP7 » 29 Jun 2015, 20:37

GOOD AFTERNOON

I have the same problem with the virus on the USB, in addition to the virus that underlines the letters on Internet pages and the one where, when you click on an Internet page, it sends you to another one that looks like advertising. ELISTAR did not detect anything





(29-6-2015 17:21:38 (GMT))

EliStartPage v32.59 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 29 de Junio del 2015)

--------------------------------------------------

Sistema Operativo: Windows 7 Professional (6.1.0)

Usuario: Resp Sistemas

ID de Usuario: S-1-5-21-1675859011-2920491781-431972115-1002

Cadenas Víricas: 24237



Lista de Acciones (por Acción Directa):



(29-6-2015 17:37:34 (GMT))

EliStartPage v32.59 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 29 de Junio del 2015)

--------------------------------------------------

Sistema Operativo: Windows 7 Professional (6.1.0)

Usuario: Resp Sistemas

ID de Usuario: S-1-5-21-1675859011-2920491781-431972115-1002

Cadenas Víricas: 24237



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 33982

Nº Total de Ficheros: 238003

Nº de Ficheros Analizados: 64933

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



(29-6-2015 17:46:34 (GMT))

EliStartPage v32.59 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 29 de Junio del 2015)

--------------------------------------------------

Sistema Operativo: Windows 7 Professional (6.1.0)

Usuario: Resp Sistemas

ID de Usuario: S-1-5-21-1675859011-2920491781-431972115-1002

Cadenas Víricas: 24237



Lista de Acciones (por Cierre):

Detectados Programas Potecialmente No Deseados (PUPs).

Ejecute el EliPUPs para proceder con su Desinstalación.

"Opera Stable 30.0.1835.88"

"TuneUp Utilities 2014"

"EZDownloader"

"LPT System Updater Service"















I hope you can help me; I am posting what comes out in SProces





(29-6-2015 18:33:05 GMT)

SProces v8.6 (c)2015 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Professional (v6.1)

Internet Explorer: (v9.0.8112.16421) 0

Equipo: RESPSIS

Usuario: Resp Sistemas

Sesión de Usuario: CEPRA01



84 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\USERS\RESP SISTEMAS\APPDATA\ROAMING\NTSVC\NTSVC.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\APPLEMOBILEDEVICESERVICE.EXE

C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE

C:\PROGRAM FILES\CHECKPOINT\SSL NETWORK EXTENDER\SLIMSVC.EXE

C:\PROGRAM FILES\INTEL\ICLS CLIENT\HECISERVER.EXE

C:\WINDOWS\SYSTEM32\IPROSETMONITOR.EXE

C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL\JHI_SERVICE.EXE

C:\PROGRAM FILES\LENOVO\LBAI\LBAEVENT.EXE

C:\PROGRAM FILES\NITRO PDF\PROFESSIONAL 7\NITROPDFDRIVERSERVICE2.EXE

C:\USERS\RESP SISTEMAS\APPDATA\LOCAL\RGMSERVICE\RGMUPDATER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\TEAMVIEWER\TEAMVIEWER_SERVICE.EXE

C:\USERS\RESP SISTEMAS\APPDATA\LOCAL\RGMSERVICE\RGMLOADER.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE32.EXE

C:\PROGRAM FILES\REALVNC\VNC SERVER\VNCSERVER.EXE

C:\PROGRAM FILES\WORDINATOR_1.10.0.17\SERVICE\WSVC.EXE

C:\PROGRAM FILES\REALVNC\VNC SERVER\VNCSERVER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM FILES\TUNEUP UTILITIES 2014\TUNEUPUTILITIESAPP32.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\PROGRAM FILES\DROPBOX\CLIENT\DROPBOX.EXE

C:\PROGRAM FILES\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE

C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\TP-LINK\UTILIDAD DE CONFIGURACIóN INALáMBRICA DE TP-LINK\TWCU.EXE

C:\PROGRAM FILES\MYPC BACKUP\MYPC BACKUP.EXE

C:\PROGRAM FILES\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\PROGRAM FILES\REALVNC\VNC SERVER\VNCSERVER.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORDATAMGRSVC.EXE

C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE

C:\WINDOWS\SYSTEM32\MSIEXEC.EXE

C:\PROGRAM FILES\NERO\UPDATE\NASVC.EXE

C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\WINDOWS\SYSTEM32\WUDFHOST.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\WINRAR\WINRAR.EXE

C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE15\OUTLOOK.EXE

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICESOFTWAREPROTECTIONPLATFORM\OSPPSVC.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE

C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE

C:\PROGRAM FILES\WINRAR\WINRAR.EXE

C:\USERS\RESPSI~1\APPDATA\LOCAL\TEMP\RAR$EXB0.396\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchult.com/?bd=hp&oem=testsinstcr&uid=ST500DM002-1BD142_S2AJ7NJ8XXXXS2AJ7NJ8&version=2.3.0.9239&pid=414031160&tid=555

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy60EioCUAaq-wzypol6qrt5LY5hzapPM0CjPM2-US35j56j1zIxMcOe9RmJuo5aRApmKQg73DMjeu4mWkPJR8PqCTg2jmljwgPi9bzf-IgDdkloPnczjzNZ3MuSG-o2XYsUIvo-zrhRzY,&q={searchTerms}

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14412 (0)

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)

F3 - REG:win.ini: load=C:\ProgramData\msrvc.exe

O2 - BHO: BeStSaiveForYoou - {b47eae20-0373-4e9c-9c72-63a1fa809c55} - C:\Program Files\BeStSaiveForYoou\KoeUcqA4TYnJ7C.dll (file missing)

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [2953BE27AC06FE9E8B08E93100B8355FC468281C._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service

O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')

O4 - Startup: MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe

O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (HKLM)

O9 - Extra button: Complemento Hacer clic para llamar de Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (HKLM)

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (HKLM)

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\BONJOUR\MDNSNSP.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 10.51.2) - http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} (Java Plug-in 1.6.0_22) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 10.51.2) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)



Información Adicional:

----------------------

Acceso Rapido ('Resp Sistemas'): Chrome.lnk = C:\Users\Resp Sistemas\AppData\Local\Chrome\Application\chrome.exe http://www.searchult.com/?bd=sc&oem=testsinstcr&uid=ST500DM002-1BD142_S2AJ7NJ8XXXXS2AJ7NJ8&version=2.3.0.9239&pid=414031160&tid=555

Acceso Rapido ('Resp Sistemas'): GOM Player.lnk = C:\Program Files\GRETECH\GomPlayer\GOM.EXE

Acceso Rapido ('Resp Sistemas'): Google Chrome.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe http://www.searchult.com/?bd=sc&oem=testsinstcr&uid=ST500DM002-1BD142_S2AJ7NJ8XXXXS2AJ7NJ8&version=2.3.0.9239&pid=414031160&tid=555

Acceso Rapido ('Resp Sistemas'): Launch Internet Explorer Browser.lnk = C:\Program Files\Internet Explorer\iexplore.exe http://www.searchult.com/?bd=sc&oem=testsinstcr&uid=ST500DM002-1BD142_S2AJ7NJ8XXXXS2AJ7NJ8&version=2.3.0.9239&pid=414031160&tid=555

Acceso Rapido ('Resp Sistemas'): Microsoft Outlook.lnk = C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE /recycle

Acceso Rapido ('Resp Sistemas'): Nero Express.lnk = C:\Program Files\Nero\Core\nero.exe /w

Acceso Rapido ('Resp Sistemas'): Shows Desktop.lnk =

Acceso Rapido ('Resp Sistemas'): VNC Viewer.lnk = C:\Program Files\RealVNC\VNC Viewer\vncviewer.exe

Acceso Rapido ('Resp Sistemas'): Window Switcher.lnk =

Ext.Google Chrome. ('Resp Sistemas') Id: aapocclcgogkmnckokdopfmhonfmgoek

Ext.Google Chrome. ('Resp Sistemas') Id: aohghmighlieiainnegkcijnfilokake

Ext.Google Chrome. ('Resp Sistemas') Id: apdfllckaahabafndbhieahigkjlhalf

Ext.Google Chrome. ('Resp Sistemas') Id: blpcfgokakmgnkcojhhkbfbldkacnbeo

Ext.Google Chrome. ('Resp Sistemas') Id: cchjabbpienhimbelhmapejpadmeoajm

Ext.Google Chrome. ('Resp Sistemas') Id: cfhdojbkjhnklbpkdaibdccddilifddb

Ext.Google Chrome. ('Resp Sistemas') Id: coobgpohoikkiipiblmjeljniedjpjpf

Ext.Google Chrome. ('Resp Sistemas') Id: felcaaldnbdncclmgdcncolpebgiejap

Ext.Google Chrome. ('Resp Sistemas') Id: gighmmpiobklfepjocnamgkkbiglidom

Ext.Google Chrome. ('Resp Sistemas') Id: lccekmodgklaepjeofjdjpbminllajkg

Ext.Google Chrome. ('Resp Sistemas') Id: lcobmakfmlflmcmaphfifdinfocpnjmh

Ext.Google Chrome. ('Resp Sistemas') Id: lmjegmlicamnimmfhcmpkclmigmmcbeh

Ext.Google Chrome. ('Resp Sistemas') Id: nafaimnnclfjfedmmabolbppcngeolgf

Ext.Google Chrome. ('Resp Sistemas') Id: nmmhkkegccagdldgiimedpiccmgmieda

Ext.Google Chrome. ('Resp Sistemas') Id: pjkljhegncpnkpknbcohdijeoejaedia

DataBases Google Chrome. ('Resp Sistemas'): Databases.db

DataBases Google Chrome. ('Resp Sistemas'): Databases.db-journal

Tarea Programada: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

Tarea Programada: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

Tarea Programada: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job

Tarea Programada: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1675859011-2920491781-431972115-1002Core.job

Tarea Programada: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1675859011-2920491781-431972115-1002UA.job

Tarea Programada: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf6bc5381c669c.job

Tarea Programada: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6bc53b7d2a75.job



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: TroubleFix (7a7e367c) - Unknown owner - C:\Windows\system32\rundll32.exe" "c:\Program Files\TroubleFix\TroubleFix.dll (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe

O23 - Service: Servicio de Actualización de Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe

O23 - Service: Google Update Servicio (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe

O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

O23 - Service: Lenovo LBA Event Service (LBAEvent) - Lenovo - C:\Program Files\Lenovo\LBAI\LBAEvent.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: LPT System Updater Service (LPTSystemUpdater) - Unknown owner - C:\Program Files\LPT\srpts.exe

O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: NitroPDFDriverCreatorReadSpool2 (NitroDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe

O23 - Service: RG Manage Updater (RGMUpdater) - Unknown owner - C:\Users\Resp Sistemas\AppData\Local\RGMService\RGMUpdater.exe

O23 - Service: Net Service Event Handler (Sed) - Navigation - C:\Users\Resp Sistemas\AppData\Roaming\ntsvc\ntsvc.exe

O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe

O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

O23 - Service: VNC Server (vncserver) - RealVNC Ltd - C:\Program Files\RealVNC\VNC Server\vncserver.exe

O23 - Service: WN 1.10.0.17 Client Service (wsvc_1.10.0.17) - WN - C:\Program Files\Wordinator_1.10.0.17\Service\wsvc.exe



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys

O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\djsvs.sys

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\drivers\amdsbs.sys

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\drivers\bxvbdx.sys

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys

O23 - Service: Controlador de filtro inferior de almacenamiento USB Brother (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\BrFiltLo.sys

O23 - Service: Controlador de filtro superior de almacenamiento USB Brother (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\BrFiltUp.sys

O23 - Service: Controlador de interfaz de puerto serie Brother MFC (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys

O23 - Service: Controlador serie WDM de Brother (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys

O23 - Service: Módem Brother MFC USB sólo Fax (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys

O23 - Service: Controlador WDM de serie USB Brother MFC (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys

O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe

O23 - Service: cpuz134 - Unknown owner - C:\Users\RESPSI~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys (file missing)

O23 - Service: Servicio de Actualización de Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe

O23 - Service: Intel(R) PRO/1000 PCI Express Network Connection Driver C (e1cexpress) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e1c6232.sys

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\drivers\evbdx.sys

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys

O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys

O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys

O23 - Service: iaStorV - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys

O23 - Service: igfx - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd32.sys

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Controlador del concentrador Intel(R) USB 3.0 (iusb3hub) - Intel Corporation - C:\WINDOWS\system32\drivers\iusb3hub.sys

O23 - Service: Controlador de la controladora de host Intel(R) USB 3.0 eXtensible (iusb3xhc) - Intel Corporation - C:\WINDOWS\system32\drivers\iusb3xhc.sys

O23 - Service: Lenovo application interface driver (LBAI) - Lenovo - C:\WINDOWS\System32\Drivers\LBAI.sys

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_fc.sys

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_sas.sys

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_sas2.sys

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_scsi.sys

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\MegaSR.sys

O23 - Service: Intel(R) Management Engine Interface (MEI) - Intel Corporation - C:\WINDOWS\system32\drivers\HECI.sys

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Controlador de la Tarjeta de LAN inalámbrica USB RT2870 para Vista (netr28u) - Ralink Technology Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\netr28u.sys

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys

O23 - Service: Wireless LAN 802.11n USB 2.0 Network Adapter (RtlWlanu) - Realtek Semiconductor Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\rtwlanu.sys

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\drivers\SiSRaid2.sys

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\drivers\stexstor.sys

O23 - Service: TuneUpUtilitiesDrv - TuneUp Software - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys

O23 - Service: Apple Mobile USB Driver (USBAAPL) - Apple, Inc. - C:\WINDOWS\SYSTEM32\Drivers\usbaapl.sys

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys

O23 - Service: VMware VMCI Bus Driver (vmci) - Unknown owner - C:\WINDOWS\system32\DRIVERS\vmci.sys (file missing)

O23 - Service: VMware Virtual Ethernet Adapter Driver (VMnetAdapter) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetadapter.sys (file missing)

O23 - Service: Check Point Virtual Network Adapter (VNA) - Check Point Software Technologies - C:\WINDOWS\SYSTEM32\DRIVERS\vna.sys

O23 - Service: vncmirror - RealVNC Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\vncmirror.sys

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys



Listado de Servicios (Deshabilitados):

--------------------------------------



84 Servicios.

22 de Carga Automatica.

62 de Carga Manual.

0 Deshabilitados.



Listado de Programas Instalados:

--------------------------------

Paquete de controladores de Windows - Arduino LLC (http://www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) -> C:\PROGRA~1\DIFX\25C232B9F73C1237\dpinst-x86.exe /u C:\Windows\System32\DriverStore\FileRepository\arduino.inf_x86_neutral_844213a156728dfe\arduino.inf

4K Video Downloader 3.5 -> "C:\Program Files\4KDownload\4kvideodownloader\unins000.exe"

Adobe Flash Player 12 ActiveX -> C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_70_ActiveX.exe -maintain activex

Adobe Flash Player 16 NPAPI -> C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_235_Plugin.exe -maintain plugin

CCleaner -> "C:\Program Files\CCleaner\uninst.exe"

Adobe Download Assistant -> msiexec /qb /x {B8B7838E-449E-B187-57E1-1AA686F225DC}

Comanche 4 (remove only) -> "C:\Program Files\Comanche 4\Uninstall.exe"

Dropbox -> "C:\Program Files\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE

Edraw Mind Map 7.5 -> "C:\Program Files\Edraw Mind Map\unins000.exe"

GOM Player -> "C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"

Google Chrome -> "C:\Program Files\Google\Chrome\Application\43.0.2357.130\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Mozilla Firefox 37.0.2 (x86 es-MX) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"

Mozilla Thunderbird 31.1.2 (x86 es-ES) -> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe

Mozilla Maintenance Service -> "C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

Nero 7.5.9.0 -> "C:\Program Files\Nero\unins000.exe"

Opera Stable 30.0.1835.88 -> "C:\Program Files\Opera\Launcher.exe" /uninstall

Intel(R) Network Connections 16.8.46.0 -> MsiExec.exe /i{6438A99C-A37E-4758-A0AE-95F8A63AAFF5} ARPREMOVE=1

VNC Viewer 5.0.3 -> "C:\Program Files\RealVNC\VNC Viewer\unins000.exe"

VNC Server 5.0.3 -> "C:\Program Files\RealVNC\VNC Server\unins000.exe"

RGMUpdater Monetization Control -> C:\ProgramData\Packercc56729e-9fc2-4c79-a5a8-77edc7087390\25688.exe {"packer":{"runMode":"unpacker"}}

Searchult -> C:\Users\Resp Sistemas\AppData\Roaming\Searchult\uninstall.exe

SHARP MX/MX-M Series PCL/PS Printer Driver -> C:\Program Files\InstallShield Installation Information\{673E2CB8-8306-4F99-9DF9-6492C2F57072}\setup.exe -l000a -uninst ss0eis.sii

TeamViewer 10 -> C:\Program Files\TeamViewer\uninstall.exe

TuneUp Utilities 2014 -> C:\Program Files\TuneUp Utilities 2014\TUInstallHelper.exe --Trigger-Uninstall

VNC Mirror Driver 1.8.0 -> "C:\Program Files\RealVNC\VNC Server\Mirror Driver\unins000.exe"

VNC Printer Driver 1.8.0 -> "C:\Program Files\RealVNC\VNC Server\Printer Driver\unins000.exe"

WinRAR 4.20 (32-bit) -> C:\Program Files\WinRAR\uninstall.exe

Wordinator 1.10.0.17 -> C:\Program Files\Wordinator_1.10.0.17\Uninstall.exe

Ubuntu -> C:\ubuntu\uninstall-wubi.exe

Dropbox Update Helper -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94}

EZDownloader -> "C:\Program Files\EZDownloader\unins000.exe"

Facebook Video Calling 3.1.0.521 -> MsiExec.exe /X{2091F234-EB58-4B80-8C96-8EB78C808CF7}

Nero SharedVideoCodecs -> MsiExec.exe /X{2432E589-6256-4513-B0BF-EFA8E325D5F0}

Java(TM) 6 Update 22 -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}

Java 7 Update 51 -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}

Sharpdesk -> MsiExec.exe /X{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}

Cuevana Storm versión 0.3b -> "C:\Program Files\Cuevana Storm\unins001.exe"

Utilidad de configuración inalámbrica de TP-LINK -> "C:\Program Files\InstallShield Installation Information\{319D91C6-3D44-436C-9F79-36C0D22372DC}\setup.exe" -runfromtemp -l0x000a -removeonly

BlockIt Ad remover -> "C:\ProgramData\BlockIt Ad remover\BlockIt Ad remover.exe" /progname=BlockIt Ad remover /progver=3.4.2 /progpub=BlockIt Ad remover /proguninstallurl=asdahjka.com /deleteappfolder=0 /VERYSILENT

iTunes -> MsiExec.exe /I{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}

TP-LINK TL-WN725N_TL-WN723N Controlador -> "C:\Program Files\InstallShield Installation Information\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}\setup.exe" -runfromtemp -l0x000a -removeonly DriverOnly

QuickTime 7 -> MsiExec.exe /I{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}

Intel(R) Rapid Storage Technology -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall

Apple Application Support (32 bits) -> MsiExec.exe /I{447CDCE5-F555-429B-BFA6-642C3C6D684F}

Google Update Helper -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}

swMSM -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

Intel(R) Network Connections 16.8.46.0 -> MsiExec.exe /i{6438A99C-A37E-4758-A0AE-95F8A63AAFF5} ARPREMOVE=1

Intel(R) Management Engine Components -> C:\Program Files\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall

Nero Update -> MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}

VoiceOver Kit -> MsiExec.exe /I{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}

iCloud -> MsiExec.exe /I{760BB327-3973-4608-85C8-88162E2FF3B6}

Apple Software Update -> MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

Bonjour -> MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}

Nitro Pro 7 -> MsiExec.exe /X{7A2F6840-426B-487C-AD36-71AE3ABFDC31}

Google Earth -> MsiExec.exe /I{817750FA-EC6A-485D-9901-0683AE6FFDF1}

Microsoft Silverlight -> MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) -> MsiExec.exe /I{8D6181F3-CACB-4B48-8B08-981F3A7F318B}

LibreOffice 4.2.5.2 -> MsiExec.exe /I{8D8F47B2-0E03-4C50-9803-A01120878F96}

Microsoft Access MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0015-0C0A-0000-0000000FF1CE}

Microsoft Excel MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0016-0C0A-0000-0000000FF1CE}

Microsoft PowerPoint MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0018-0C0A-0000-0000000FF1CE}

Microsoft Publisher MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0019-0C0A-0000-0000000FF1CE}

Microsoft Outlook MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-001A-0C0A-0000-0000000FF1CE}

Microsoft Word MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-001B-0C0A-0000-0000000FF1CE}

Microsoft InfoPath MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0044-0C0A-0000-0000000FF1CE}

Microsoft DCF MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0090-0C0A-0000-0000000FF1CE}

Microsoft OneNote MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-00A1-0C0A-0000-0000000FF1CE}

Microsoft Groove MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-00BA-0C0A-0000-0000000FF1CE}

Microsoft Lync MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-012B-0C0A-0000-0000000FF1CE}

Check Point SSL Network Extender -> MsiExec.exe /X{955b86ef-8dbc-4a6e-a3a5-f04f0b6a8e68}

Nero Burning ROM 2014 -> MsiExec.exe /I{972A1A15-5B3D-4096-BAE1-3F37974664A6}

Nero ControlCenter -> MsiExec.exe /X{ABC88553-8770-4B97-B43E-5A90647A5B63}

Muvic Smartbar -> MsiExec.exe /X{AFF1052D-3D75-4A4F-9513-26A65E1F5E6D} /quiet

Nero Burning Core -> MsiExec.exe /X{B166374C-105E-445E-8E5D-A86CA5742645}

Adobe Download Assistant -> MsiExec.exe /I{B8B7838E-449E-B187-57E1-1AA686F225DC}

LPT System Updater Service -> MsiExec.exe /I{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}

Intel® Trusted Connect Service Client -> MsiExec.exe /I{BCED7487-44BC-487C-94CF-824AB27909E0}

Nero Core Components -> MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}

MySQL Connector/ODBC 3.51 -> MsiExec.exe /I{C0D3D93F-C200-4F45-A7B0-4B7753E18590}

Python 2.7.6 -> MsiExec.exe /I{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}

LBAI -> "C:\Program Files\InstallShield Installation Information\{C5C91B7B-38A6-40B7-84D6-E44885E44B13}\setup.exe" -runfromtemp -l0x040a -removeonly

Cuevana Storm versión 0.1b -> "C:\Program Files\Cuevana Storm\unins000.exe"

Google Drive -> MsiExec.exe /X{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}

Nero ControlCenter Help (CHM) -> MsiExec.exe /X{CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C}

aTube Catcher versión 3.8 -> "C:\Program Files\DsNET Corp\aTube Catcher 2.0\unins000.exe"

Apple Mobile Device Support -> MsiExec.exe /I{E1DB0812-2D60-43DB-AE09-6C7027D93B28}

Intel(R) Processor Graphics -> C:\Program Files\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall

Nero Burning ROM -> MsiExec.exe /X{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}

Nero Burning ROM Help (CHM) -> MsiExec.exe /X{FA78CC15-9F90-443B-BA61-A66595F06432}

OpenOffice 4.0.0 -> MsiExec.exe /I{FBD275C7-DD8C-4056-BD4F-5ECC1A56DE6A}

SCO -> rundll32.exe dfshim.dll,ShArpMaintain SCO.application, Culture=neutral, PublicKeyToken=8ec0833ef345ff1f, processorArchitecture=x86

Chromium Browser -> "C:\Users\Resp Sistemas\AppData\Local\Chrome\Application\41.0.2231.0\Installer\setup.exe" --uninstall

Popcorn Time -> C:\Users\Resp Sistemas\AppData\Local\Popcorn Time\Uninstall.exe

Songr -> C:\Users\Resp Sistemas\AppData\Local\Songr\Uninstall.exe

Muvic Smartbar Engine -> MsiExec.exe /X{AFF1052D-3D75-4A4F-9513-26A65E1F5E6D} /quiet ENGINE=1

the mappy
Posts: 9
Joined: 20 Jun 2015, 09:30

Re: Help with virus

Post by the mappy » 30 Jun 2015, 07:28

HELLO, GOOD EVENING, HERE IS THE RESULT......





(30-6-2015 05:18:11 GMT)

SProces v8.6 (c)2015 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Ultimate (v6.1) (64 bits)

Internet Explorer: (v9.11.9600.17843) 0

Equipo: DEMON-PC

Usuario: DEMON

Sesión de Usuario: DEMON



74 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\NVVSVC.EXE

C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\3D VISION\NVSCPAPISVR.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\NVXDSYNC.EXE

C:\WINDOWS\SYSTEM32\NVVSVC.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\ESET\ESET SMART SECURITY\X86\EKRN.EXE

C:\WINDOWS\SYSTEM32\GFEXPERIENCESERVICE.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\LIGHTSCRIBE\LSSRVC.EXE

C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NETSERVICE\NVNETWORKSERVICE.EXE

C:\WINDOWS\SYSTEM32\NVSTREAMSVC.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\RICHVIDEO.EXE

C:\WINDOWS\SYSTEM32\RICHVIDEO64.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\NVSTREAMNETWORKSERVICE.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\WUDFHOST.EXE

C:\WINDOWS\SYSTEM32\NVSTREAMSVC.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\WINDOWS\SYSTEM32\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\RAVCPL64.EXE

C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\UPDATE CORE\NVBACKEND.EXE

C:\WINDOWS\SYSTEM32\EGUI.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\LIGHTSCRIBE\LIGHTSCRIBECONTROLPANEL.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\AHEAD\LIB\NMBGMONITOR.EXE

C:\PROGRAM FILES (X86)\SONY\SONY PICTURE UTILITY\PMBCORE\SPUVOLUMEWATCHER.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\AHEAD\LIB\NMINDEXINGSERVICE.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\POWER2GO\CLMLSVC.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\POWERDVD10\PDVD10SERV.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\AHEAD\LIB\NMINDEXSTORESVR.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\BRS.EXE

C:\PROGRAM FILES (X86)\EPSON SOFTWARE\EVENT MANAGER\EEVENTMANAGER.EXE

C:\WINDOWS\SYSTEM32\NVTRAY.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\WINDOWS\SYSWOW64\MSIEXEC.EXE

C:\WINDOWS\SYSTEM32\CCLEANER64.EXE

C:\WINDOWS\SYSTEM32\GWX.EXE

C:\WINDOWS\SYSTEM32\UNSECAPP.EXE

C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE

C:\WINDOWS\SYSTEM32\WMPNETWK.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\NERO\NERO 7\NERO STARTSMART\NEROSTARTSMART.EXE

C:\WINDOWS\SYSTEM32\TRUSTEDINSTALLER.EXE

C:\PROGRAM FILES (X86)\NERO\NERO 7\CORE\NERO.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\PROGRAM FILES (X86)\NERO\NERO 7\CORE\NERO.EXE

C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGIN-CONTAINER.EXE

C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_18_0_0_160.EXE

C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_18_0_0_160.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\USERS\DEMON\DOWNLOADS\SPROCES.EXE

C:\WINDOWS\SYSTEM32\MPCMDRUN.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SPROCES

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

F3 - REG:win.ini: load=C:\ProgramData\msrfxqx.exe

O2 - BHO (x86): AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O4 - HKCU\..\Run: [EPSON TX110 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBL.EXE /FU "C:\Windows\TEMP\E_S7EA1.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [AdobeBridge]

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Wow6432Node\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Wow6432Node\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Wow6432Node\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Wow6432Node\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Wow6432Node\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

O4 - HKLM\..\Wow6432Node\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe

O4 - HKLM\..\Wow6432Node\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Wow6432Node\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')

O4 - Startup: Herramienta de búsqueda de soportes de PMB.lnk = C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe /noballoononstart

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (HKLM x86)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics (x86)

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - (no file)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

O21 - SSODL (x86): WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)



Información Adicional:

----------------------

Acceso Rapido ('DEMON'): Launch Internet Explorer Browser.lnk = C:\Program Files (x86)\Internet Explorer\iexplore.exe

Acceso Rapido ('DEMON'): Nero Home.lnk = C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8

Acceso Rapido ('DEMON'): Nero StartSmart.lnk = C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8

Acceso Rapido ('DEMON'): Shows Desktop.lnk =

Acceso Rapido ('DEMON'): Window Switcher.lnk =

Tarea Programada: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: CyberLink Product - 2015/01/04 18:27:46 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

O23 - Service: epfw - ESET - C:\WINDOWS\SYSTEM32\DRIVERS\epfw.sys

O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: Philips SAA713x PCI Card (3xHybr64) - Crypto SA - C:\WINDOWS\SYSTEM32\DRIVERS\3xHybr64.sys

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\drivers\amdsbs.sys

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\drivers\bxvbda.sys

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60a.sys

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\BrFiltLo.sys

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\BrFiltUp.sys

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\drivers\evbda.sys

O23 - Service: ECSIoDriver_1_1_0_0 - Unknown owner - C:\Users\DEMON\AppData\Local\Temp\is-C6H7O.tmp\ECSIoDriverX64.sys (file missing)

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys

O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHD64.sys

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_fc.sys

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_sas.sys

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_sas2.sys

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_scsi.sys

O23 - Service: MBAMSwissArmy - Unknown owner - C:\Windows\system32\drivers\MBAMSwissArmy.sys (file missing)

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\MegaSR.sys

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: Service for NVIDIA High Definition Audio Driver (NVHDA) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\drivers\nvhda64v.sys

O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nvlddmkm.sys

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys

O23 - Service: NvStreamKms - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys

O23 - Service: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) (nvvad_WaveExtensible) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\drivers\nvvad64v.sys

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys

O23 - Service: Realtek 8167 NT Driver (RTL8167) - Realtek - C:\WINDOWS\SYSTEM32\DRIVERS\Rt64win7.sys

O23 - Service: %RTL8192cu.DeviceDesc.DispName% (RTL8192cu) - Realtek Semiconductor Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\rtwlanu.sys

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\drivers\SiSRaid2.sys

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\drivers\stexstor.sys

O23 - Service: AMD USB Filter Driver (usbfilter) - Advanced Micro Devices - C:\WINDOWS\SYSTEM32\DRIVERS\usbfilter.sys

O23 - Service: VGPU - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\rdvgkmd.sys (file missing)

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys



Listado de Servicios (Deshabilitados):

--------------------------------------



66 Servicios.

11 de Carga Automatica.

55 de Carga Manual.

0 Deshabilitados.



Listado de Programas Instalados:

--------------------------------

Paquete de controladores de Windows - Realtek (RTL8167) Net (03/04/2010 7.017.0304.2010) -> C:\PROGRA~1\DIFX\F4092DA208C2C970\Install64.exe /u C:\Windows\System32\DriverStore\FileRepository\rt64win7.inf_amd64_neutral_63bfdf0bdc2e0684\rt64win7.inf

CCleaner -> "C:\Program Files\CCleaner\uninst.exe"

Desinstalador de impresoras EPSON TX110 Series -> C:\Windows\system32\spool\DRIVERS\x64\3\E_IINSFBL.EXE /R /APD /P:"EPSON TX110 Series"

NewBlue Video Essentials for PowerDirector -> "C:\Program Files\CyberLink\Shared files\Plugin\NewBlue\UninstallVideoEssentialsBundleForPDR12.exe"

proDAD Adorage 3.0 (64bit) -> "C:\Program Files\proDAD\Adorage-3.0\uninstall.exe" uninstall spcp PATHVERSION "3.0" MAINNAME "Adorage"

ATI Catalyst Install Manager -> msiexec /q/x{0C798FBB-2BA6-D113-C055-936965550F33} REBOOT=ReallySuppress

ESET Smart Security -> MsiExec.exe /I{1E78D605-B10E-489D-BEA4-CD0F5E341BE0}

NVIDIA Controlador de 3D Vision 347.09 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision

NVIDIA Controlador de gráficos 347.09 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver

NVIDIA GeForce Experience 2.4.5.28 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience

NVIDIA Controlador de la controladora 3D Vision 347.09 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB

NVIDIA Software del sistema PhysX 9.14.0702 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX

NVIDIA Controlador de audio HD 1.3.33.0 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver

Vegas Pro 13.0 (64-bit) -> MsiExec.exe /X{D3B9508F-6A9B-11E4-8482-F04DA23A5C58}

MSVCRT Redists -> MsiExec.exe /I{D66B7840-6A9B-11E4-8FED-F04DA23A5C58}

CyberLink PowerDirector 12 -> "C:\Program Files (x86)\InstallShield Installation Information\{E1646825-D391-42A0-93AA-27FA810DA093}\setup.exe" /z-uninstall

Adobe AIR -> C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe Flash Player 18 NPAPI -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_160_Plugin.exe -maintain plugin

Adobe Help Manager -> msiexec /qb /x {AF37176A-78CA-545B-34EF-8B6A21514DD1}

DVD Shrink 3.2 -> "C:\Program Files (x86)\DVD Shrink\unins000.exe"

eBLU -> "C:\Program Files (x86)\ECS Motherboard Utility\eBLU\unins000.exe"

eDLU -> "C:\Program Files (x86)\ECS Motherboard Utility\eDLU\unins000.exe"

EPSON Scan -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r

LG CyberLink Media Suite -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall

SmartSound Quicktracks 5 -> "C:\Program Files (x86)\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe" -runfromtemp -l0x0409 -removeonly

LG Burning Tool -> "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

LG CyberLink MediaShow -> "C:\Program Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstall

LG CyberLink PowerProducer -> "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall

LG CyberLink LabelPrint -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall

LG CyberLink PowerDVD -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall

CyberLink PowerDirector 12 -> "C:\Program Files (x86)\InstallShield Installation Information\{E1646825-D391-42A0-93AA-27FA810DA093}\setup.exe" /z-uninstall

LG CyberLink MediaEspresso -> "C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall

Mozilla Firefox 38.0.5 (x86 es-ES) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"

Mozilla Maintenance Service -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"

NewBlue Titler Pro for Windows -> "C:\Program Files (x86)\NewBlue\Titler Pro for Windows\Uninstall.exe"

NewBlue Video Essentials for Windows -> "C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Uninstall.exe"

NewBlue Video Essentials V for Windows -> "C:\Program Files (x86)\NewBlue\Video Essentials V for Windows\Uninstall.exe"

NVIDIA 3D Vision Controller Driver -> "C:\Program Files (x86)\InstallShield Installation Information\{714B9C6C-70FC-4750-98E2-61520B906C45}\setup.exe" -runfromtemp -l0x0009 -removeonly

NVIDIA Stereoscopic 3D Driver -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask

Xiph.Org Open Codecs 0.85.17777 -> C:\Program Files (x86)\Xiph.Org\Open Codecs\uninst.exe

SIMPLE 4.5W -> "C:\Program Files (x86)\SIMPLE45W\miniuins.exe"

Compresor WinRAR -> C:\Program Files (x86)\WinRAR\uninstall.exe

eJIFFY -> "C:\ejiffy\unins000.exe"

LG CyberLink Media Suite -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall

Acrobat.com -> MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}

LG CyberLink BD Advisor -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}\Setup.exe" -uninstall

SmartSound Quicktracks 5 -> MsiExec.exe /I{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}

TP-LINK Wireless Configuration Utility -> "C:\Program Files (x86)\InstallShield Installation Information\{319D91C6-3D44-436C-9F79-36C0D22372DC}\setup.exe" -runfromtemp -l0x0009 -removeonly

CyberLink WaveEditor 2 -> C:\Program Files (x86)\NSIS Uninstall Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}

QuickTime 7 -> MsiExec.exe /I{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}

LG Burning Tool -> "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

Compatibilidad con Aplicaciones de Apple -> MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D}

Adobe After Effects CS6 -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{4817D846-700B-474E-A31B-80892B3E92E3}"

Epson Event Manager -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\Setup.exe" -l0xa -u

neroxml -> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

Apple Software Update -> MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

CyberLink AudioDirector 5 -> C:\Program Files (x86)\NSIS Uninstall Information\{78D01FB2-57B6-4612-89EC-5B19A93E5F43}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{78D01FB2-57B6-4612-89EC-5B19A93E5F43}

LG CyberLink MediaShow -> "C:\Program Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstall

MSXML 4.0 SP2 (KB954430) -> MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

AMD USB Filter Driver -> MsiExec.exe /X{987B04C4-B5AC-4AD6-A7E9-8D681085B850}

Adobe Reader 9.1 -> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}

ABBYY FineReader 6.0 Sprint -> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}

Adobe Help Manager -> MsiExec.exe /I{AF37176A-78CA-545B-34EF-8B6A21514DD1}

NVIDIA PhysX -> MsiExec.exe /I{B455E95A-B804-439F-B533-336B1635AE97}

LG CyberLink PowerProducer -> "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall

CyberLink PowerDirector 13 -> C:\Program Files (x86)\NSIS Uninstall Information\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}

LG CyberLink LabelPrint -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall

Nero 7 Premium -> MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301033}

Sony Picture Utility -> C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x000a uninstall -removeonly

LG CyberLink PowerDVD -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall

LightScribe System Software -> MsiExec.exe /X{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}

LG CyberLink MediaEspresso -> "C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall

Adobe Photoshop CS -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0xa

Realtek High Definition Audio Driver -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly

ENLTV-FM3 Driver Setup -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F60BCCC3-561F-47BE-B1F9-8F208617B830}\setup.exe" -l0xa -removeonly

MSXML 4.0 SP2 (KB973688) -> MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

VirtualDJ PRO Full -> MsiExec.exe /I{F77E7AB3-A8D4-4049-A0B1-A84E12121AFB}

TP-LINK TL-WN8200ND Driver -> "C:\Program Files (x86)\InstallShield Installation Information\{FDA7E907-6539-42C1-9721-0239C281B336}\setup.exe" -runfromtemp -l0x0009 -removeonly DriverOnly

Adobe AIR -> MsiExec.exe /I{FE23D063-934D-4829-A0D8-00634CE79B4A}







THIS WAS THE RESULT IT GAVE ME. I AWAIT YOUR COMMENTS... THANKS AND REGARDS.

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Help with virus

Post by msc hotline sat » 30 Jun 2015, 07:53

Pues de entrada vemos que tiene PUPS que debe desinstalar.

Lance el ELIPUPS, marque los que le indique al final y seleccione DESINSTALAR



Luego se ven redirecciones al final de los enlaces directos a los navegadores. Pulse boton derecho sobre el link de acceso a ellos, y vea que en PRPIEDADES -destino , detras del .Exe hay un añadido:



http://www.searchult.com/?bd=sc&oem=testsinstcr&uid=ST500DM002-1BD142_S2AJ7NJ8XXXXS2AJ7NJ8&version=2.3.0.9239&pid=414031160&tid=555



. Elimina dicho añadido y salva los nuevos enlaces.



Aparte hay varios ficheros sospechosos que conviene aparcar añadiendo .VIR a su extension, y luego envienoslos para analizar.



Procede con ello con los siguientes ficheros :



C:\USERS\RESP SISTEMAS\APPDATA\ROAMING\NTSVC\NTSVC.EXE



Luego sigo
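
The shortcut check described in the post above, as an added PowerShell example that is not part of the original post. It reads each .lnk through the WScript.Shell COM object and reports browser shortcuts whose arguments contain a URL; the folder list, the browser list and Windows 7 or later are assumptions.

```powershell
# Added example (not from the thread): find browser shortcuts whose Target has a URL
# appended after the .exe. Reports only, unless -Repair is given.
# Assumptions: Windows 7 or later; the folder and browser lists below.
param(
    [switch]$Repair   # strip the appended URL and save the shortcut
)

# Places where browser shortcuts usually live (current user and all users).
$folders = @(
    (Join-Path $env:USERPROFILE 'Desktop'),
    (Join-Path $env:PUBLIC 'Desktop'),
    (Join-Path $env:APPDATA 'Microsoft\Windows\Start Menu'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu'),
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch')  # pinned taskbar items too
) | Where-Object { Test-Path -LiteralPath $_ }

$browsers   = 'iexplore.exe', 'firefox.exe', 'chrome.exe', 'opera.exe'
$urlPattern = '\s*"?https?://\S+'      # a URL argument, optionally quoted
$shell      = New-Object -ComObject WScript.Shell

$findings = @(foreach ($folder in $folders) {
    Get-ChildItem -LiteralPath $folder -Filter *.lnk -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $path = $_.FullName
            $lnk  = $shell.CreateShortcut($path)
            $exe  = [IO.Path]::GetFileName([string]$lnk.TargetPath)

            # Only browser shortcuts with a URL in the argument string are reported.
            if (($browsers -contains $exe) -and ($lnk.Arguments -match $urlPattern)) {
                $before   = $lnk.Arguments
                $repaired = $false

                if ($Repair) {
                    try {
                        # Remove only the URL; keep any other switches the shortcut had.
                        $lnk.Arguments = ($before -replace $urlPattern, '').Trim()
                        $lnk.Save()
                        $repaired = $true
                    } catch {
                        # Typical causes: read-only .lnk, or an all-users folder without elevation.
                        Write-Warning "Could not save ${path}: $($_.Exception.Message)"
                    }
                }

                New-Object PSObject -Property @{
                    Shortcut  = $path
                    Target    = $lnk.TargetPath
                    Arguments = $before
                    Repaired  = $repaired
                }
            }
        }
})

if ($findings.Count -gt 0) {
    $findings | Format-List Shortcut, Target, Arguments, Repaired
} else {
    'No browser shortcut with an appended URL was found in the folders checked.'
}
```

A shortcut that the user created on purpose to open a site will also be listed, so review the report before running again with -Repair.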

the mappy
Posts: 9
Joined: 20 Jun 2015, 09:30

Re: Help with a virus

Post by the mappy » 30 Jun 2015, 08:38

HELLO, I NO LONGER KNOW WHETHER THE REPLY WAS MEANT FOR ME, BUT IN ANY CASE HERE IS THE RESULT THAT EliPups GAVE ME

(30-6-2015 06:19:47 (GMT))

EliPUPs v2.35 (c)2015 S.G.H. / Satinfo S.L. (Modificado el 23 de Junio del 2015)

-------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.NULL2) NULL2 (64 bits)



Lista de PUPs conocidos.

Descripción -> Cadena de Desinstalación.

----------------------------------------

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Help with a virus

Post by msc hotline sat » 30 Jun 2015, 09:35

Indeed, I had not noticed that another user, also from your country and with the same ISP, had interfered by posting in this same topic, contrary to what is stated on the matter at:

https://foros.zonavirus.com/viewtopic.php?f=13&t=6268

This user, "ALVAROP7", is asked not to post any more in this topic, and if he wants something, to do so in a topic he opens for himself, because otherwise he ends up "making a mess of things"!

And setting aside that user's interference, I continue with the analysis of the SPROCES log from "the mappy".

List of suspicious files to which .VIR should be added to the extension and which should be sent to us for analysis:

C:\ProgramData\msrfxqx.exe

Let's see if this one is the culprit of it all...

So, after adding .VIR to its extension, reboot and tell us whether that has resolved the anomaly, and in any case send us that file for analysis and, if applicable, so that we can cover it in the next version of ELISTARA.

Regards

ms, 30-6-2016

flacoroo
Posts: 6289
Joined: 09 Mar 2004, 20:32
Location: Paso del Macho, Ver. México

Re: Help with a virus

Post by flacoroo » 30 Jun 2015, 15:03

Follow the instructions that Msc gives you.

Apart from that, on all your portable drives (HDD or USB), go into the HDD icon that gets created, copy all your files somewhere else, leave only the folder of that HDD that gets created, try to compress that folder and send it to us as a sample; then format each portable HDD or USB drive, and after that you can put your files back on the portable HDDs or USB drives where you had them before.

On your computer follow these steps:

Adwcleaner

Likewise, download this tool: adwcleaner (https://toolslib.net/downloads/viewdownload/1-adwcleaner/),
restart your computer in safe mode, run it, scan and then click clean, and afterwards paste its log for us.
Since you will be running it on Windows 7 or 8.1, right-click it so that you install it as Administrator.

Regards
:lol: :lol: Life is beautiful... why complicate it :lol: :lol:
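
A way to see what is on an affected drive from the console before copying anything, as an added PowerShell example that is not part of the post above. It lists the shortcuts in the drive root with their real targets and the root items marked Hidden (earlier in the thread the files are described as hidden and replaced by links); the parameter names are hypothetical.

```powershell
# Added example (not from the thread): inspect a removable drive from the console,
# without double-clicking the shortcut that replaced the files.
# Assumptions: parameter names are illustrative; run it against the drive letter of the stick.
param(
    [Parameter(Mandatory = $true)]
    [ValidatePattern('^[A-Za-z]:$')]
    [string]$Drive,        # drive letter of the USB stick or portable disk, e.g. E:
    [switch]$Unhide        # clear Hidden/System on the listed items so Explorer shows them again
)

$root   = "$Drive\"
$shell  = New-Object -ComObject WScript.Shell
$ignore = 'System Volume Information', '$RECYCLE.BIN'   # normal hidden system folders

# 1. Shortcuts in the drive root and what each one would really launch.
$links = @(Get-ChildItem -LiteralPath $root -Filter *.lnk -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $lnk = $shell.CreateShortcut($_.FullName)
        New-Object PSObject -Property @{
            Shortcut  = $_.Name
            Target    = $lnk.TargetPath
            Arguments = $lnk.Arguments
        }
    })

# 2. Root items flagged Hidden (files or folders), excluding the usual system folders.
$hiddenFlag  = [int][IO.FileAttributes]::Hidden
$hiddenItems = @(Get-ChildItem -LiteralPath $root -Force -ErrorAction SilentlyContinue |
    Where-Object {
        (([int]$_.Attributes -band $hiddenFlag) -ne 0) -and ($ignore -notcontains $_.Name)
    })

# 3. Optionally clear Hidden and System so the items show up again in Explorer.
if ($Unhide) {
    $mask = [int][IO.FileAttributes]::Hidden -bor [int][IO.FileAttributes]::System
    foreach ($item in $hiddenItems) {
        try {
            $item.Attributes = [IO.FileAttributes]([int]$item.Attributes -band (-bnot $mask))
        } catch {
            Write-Warning "Could not change attributes on $($item.FullName): $($_.Exception.Message)"
        }
    }
}

'--- Shortcuts in the drive root (listed only, not opened) ---'
$links | Format-Table Shortcut, Target, Arguments -AutoSize -Wrap

'--- Hidden items in the drive root ---'
$hiddenItems | Format-Table Mode, Length, Name -AutoSize
```

The hidden list can include the folder that holds the malicious file as well as the user's data, so check names and sizes before copying anything off the drive.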

ALVAROP7
Posts: 48
Joined: 09 Jan 2006, 22:27

Re: Help with a virus

Post by ALVAROP7 » 30 Jun 2015, 18:10

OK, understood, I'll go ahead and open a new topic. Regards

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Help with a virus

Post by msc hotline sat » 30 Jun 2015, 20:30

Well done Alvarop7, see you there then

Regards

ms, 30-6-2015

the mappy
Posts: 9
Joined: 20 Jun 2015, 09:30

Re: Help with a virus

Post by the mappy » 01 Jul 2015, 06:54

ANALYSIS FROM THE "Adwcleaner" TOOL


# AdwCleaner v4.207 - Registro generado 30/06/2015 en 21:25:46

# Actualizado 21/06/2015 por Xplode

# Base de datos : 2015-06-21.1 [Local]

# Sistema operativo : Windows 7 Ultimate Service Pack 1 (x64)

# Nombre de usuario : DEMON - DEMON-PC

# Ejecutado desde : C:\Users\DEMON\Downloads\adwcleaner_4.207.exe

# Opción : Limpiar



***** [ Servicios ] *****





***** [ Archivos / Carpetas ] *****



Archivo Eliminar : C:\Users\DEMON\AppData\Roaming\Mozilla\Firefox\Profiles\qifjc6ef.default\searchplugins\securesearch.xml



***** [ Tareas programadas... ] *****





***** [ Accesos directos ] *****





***** [ Registro ] *****



Llave Eliminar : HKCU\Software\AppDataLow\Software\adawarebp



***** [ Navegadores Web ] *****



-\\ Internet Explorer v11.0.9600.17840



Configuración Restauró : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]

Configuración Restauró : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

Configuración Restauró : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

Configuración Restauró : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]



-\\ Mozilla Firefox v38.0.5 (x86 es-ES)





*************************



AdwCleaner[R0].txt - [1488 bytes] - [30/06/2015 21:24:05]

AdwCleaner[S0].txt - [1273 bytes] - [30/06/2015 21:25:46]



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1332 bytes] ##########



I SENT YOU THE FILE YOU ASKED ME FOR; IT IS COMPRESSED AS A RAR

WITH THE "Adwcleaner" SCAN, APPARENTLY THE HARD DISK ICON NO LONGER APPEARS ON THE USB STICKS

the mappy
Posts: 9
Joined: 20 Jun 2015, 09:30

Re: Help with a virus

Post by the mappy » 01 Jul 2015, 07:09

The problem is now resolved on this PC and the laptop

"THANK YOU VERY MUCH" AND REGARDS

TO EACH AND EVERY ONE OF THOSE WHO COLLABORATE AT "ZONA VIRUS"

:D THANKS :wink:

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Help with a virus

Post by msc hotline sat » 01 Jul 2015, 07:17

We are glad to hear it, and although the problem is already resolved in your case, we will analyse the file you say you have sent us and, if appropriate, add its detection and removal to today's ELISTARA 32.61, for the benefit of others with the same problem.

And considering the topic solved, we proceed to close it.

Regards

ms, 1-7-2015

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Help with a virus

Post by msc hotline sat » 01 Jul 2015, 09:55

File received; it has turned out to be a DOWNLOADER SOUNDER (alias GAMARUE), which we now cover with today's ELISTARA 32-61

We did the preliminary analysis with jotti because virustotal does not allow uploading files larger than 20 MB:

http://virusscan.jotti.org/es/scanresult/60e6595545085eb6e0137bc42e58e272e011f723

It should be added that the file is of abnormal size, since it measures 67.4 MB, against the 33 to 380 kB of the usual SOUNDER samples, so besides being a downloader it may have other functions (McAfee detects it as a backdoor) that were altering the computer's behaviour, as has been the case.

And with nothing more to report, thanking you for your cooperation, please accept our regards.

ms, 1-7-2015
