Ayuda HiJackThis

Cerrado
r.levancini
Novato
Novato
Mensajes: 4
Registrado: 18 Nov 2012, 04:43

Ayuda HiJackThis

Mensaje por r.levancini » 18 Nov 2012, 04:48

Hola soy nuevo el en foro y nesecito su ayuda ... ya que tengo un pendrive infectado (y esto infecto mi pc) ... asi que quiero que porfavor me digan cual es la que me esta causando el error para asi yo poder eliminarlo.





Saludos.



Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 0:42:03, on 18-11-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16455)

Boot mode: Normal



Running processes:

C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Hewlett-Packard\HP My Display\OSDManager.exe

C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Winrar-StartUp2.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\BrowserCompanion\BCHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Users\Levancini\Downloads\HijackThis.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Windows\SysWOW64\DllHost.exe



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL/55

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll

O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll

O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Levancini\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (file missing)

O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)

O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O3 - Toolbar: Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll

O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPO

O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Winrar-Agent] c:\Winrar-StartUp2.exe

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI={$CHROM_GUID_UNINSTALLS}

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs:

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Levancini\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: MyEpson Portal Service - SEIKO EPSON CORPORATION - C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90781
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Ayuda HiJackThis

Mensaje por msc hotline sat » 18 Nov 2012, 07:55

Pues antes que nada debe pasar el ELISTARA, tanto al ordenador como al PENDRIVE supuestamente infectado:


[quote="para DESCARGAR el ELISTARA, msc"]



http://www.zonavirus.com/descargas/descargar-elistara.asp



Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el

resultado del proceso [/quote]




Y si en el informe no se detectara nada ni pidiera muestra para analizar, proceder

con el SPROCES :




[quote="msc"]
[b]SPROCES.EXE[/b] (herramienta de investigación)

http://www.zonavirus.com/descargas/descargar-sproces.asp



Y tras pulsar en SALIR, postearnos el contenido del C:\SPROCLOG.TXT [/quote]


lo analizaremos e informaremos al respecto.



saludos



ms, 18-11-2012





NOTA:



Y recuerde proteger con el ELIPEN tanto el ordenador como los pendrives, para impedir que se que se propaguen este tipo de virus.



[b] ELIPEN.EXE: [/b]

http://www.zonavirus.com/descargas/descargar-elipen.asp



saludos



ms, 18-11-2012

r.levancini
Novato
Novato
Mensajes: 4
Registrado: 18 Nov 2012, 04:43

Re: Ayuda HiJackThis

Mensaje por r.levancini » 18 Nov 2012, 18:39

Esto es lo que analice en el pendrive



(18-11-2012 17:26:34 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Error Creando TEST2.SAT

Unidad E:\ No se Pudo Proteger



(18-11-2012 17:26:39 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Error Creando TEST2.SAT

Unidad G:\ No se Pudo Proteger



(18-11-2012 17:27:01 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------

Desactivado el AutoPlay Totalmente.



(18-11-2012 17:28:51 (GMT))

EliStartPage v26.56 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 16 de Noviembre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Basic

Usuario: Levancini

ID de Usuario: S-1-5-21-280263680-3829481785-1499567855-1000



Lista de Acciones (por Acción Directa):

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(18-11-2012 17:29:35 (GMT))

EliStartPage v26.56 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 16 de Noviembre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Basic

Usuario: Levancini

ID de Usuario: S-1-5-21-280263680-3829481785-1499567855-1000



Lista de Acciones (por Exploración):

Explorando "I:\"



Nº Total de Directorios: 60

Nº Total de Ficheros: 454

Nº de Ficheros Analizados: 101

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



(18-11-2012 17:29:54 (GMT))

EliStartPage v26.56 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 16 de Noviembre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Basic

Usuario: Levancini

ID de Usuario: S-1-5-21-280263680-3829481785-1499567855-1000



Lista de Acciones (por Exploración):

Explorando "I:\"



Nº Total de Directorios: 60

Nº Total de Ficheros: 454

Nº de Ficheros Analizados: 101

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90781
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Ayuda HiJackThis

Mensaje por msc hotline sat » 18 Nov 2012, 18:43

No parece que las unidades examinadas fueran las que tenían el pendrive:



Esto es lo que analice en el pendrive



(18-11-2012 17:26:34 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Error Creando TEST2.SAT

Unidad E:\ No se Pudo Proteger



(18-11-2012 17:26:39 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Error Creando TEST2.SAT

Unidad G:\ No se Pudo Proteger





Primero mira donde está, y luego escoge dicha unidad para seleccionarla en el ELIPEN.



y haz lo mismo al escoger la unidad a escanear con el ELISTARA.



saludos



ms, 18-11-2012

r.levancini
Novato
Novato
Mensajes: 4
Registrado: 18 Nov 2012, 04:43

Re: Ayuda HiJackThis

Mensaje por r.levancini » 18 Nov 2012, 19:05

Aqui esta el otro analisis que me pidieron ... ojala me puedan ayudar



(18-11-2012 18:03:22 GMT)

SProces v6.6 (c)2012 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Home Basic (v6.1.7601)

Internet Explorer: (v9.0.8112.16421) 0

Equipo: LEVANCINI-HP

Usuario: Levancini

Sesión de Usuario: Levancini



87 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\ATIESRXX.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\ATIECLXX.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\ABBYY\FINEREADERSPRINT\9.00\LICENSING\NETWORKLICENSESERVER.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ARM\1.0\ARMSVC.EXE

C:\WINDOWS\SYSTEM32\AERTSR64.EXE

C:\USERS\LEVANCINI\APPDATA\ROAMING\DEFAULTTAB\DEFAULTTAB\DTUPDATE.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\PORTRAIT DISPLAYS\SHARED\DTSRVC.EXE

C:\PROGRAM FILES\ESET\ESET SMART SECURITY\X86\EKRN.EXE

C:\WINDOWS\SYSTEM32\HPCLIENTSERVICES.EXE

C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\SHARED\HPDRVMNTSVC.EXE

C:\PROGRAM FILES (X86)\EPSON\MYEPSON PORTAL\MEPSERVICE.EXE

C:\WINDOWS\SYSTEM32\NITROPDFREADERDRIVERSERVICE2X64.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\PC TOOLS\SMONITOR\STARTMANSVC.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\PROGRAM FILES (X86)\PDF COMPLETE\PDFSVC.EXE

C:\WINDOWS\SYSTEM32\EXPLORER.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\PORTRAIT DISPLAYS\DRIVERS\PDISRVC.EXE

C:\PROGRAM FILES (X86)\EPSON\MYEPSON PORTAL\MEP.EXE

C:\PROGRAM FILES (X86)\MICROSOFT APPLICATION VIRTUALIZATION CLIENT\SFTVSA.EXE

C:\WINDOWS\SYSTEM32\SPLWOW64.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\WLIDSVC.EXE

C:\WINDOWS\SYSTEM32\HPAUTO.EXE

C:\PROGRAM FILES (X86)\MICROSOFT APPLICATION VIRTUALIZATION CLIENT\SFTLIST.EXE

C:\WINDOWS\SYSTEM32\WLIDSVCM.EXE

C:\WINDOWS\SYSTEM32\UNSECAPP.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\VIRTUALIZATION HANDLER\CVHSVC.EXE

C:\WINDOWS\SYSTEM32\RAVCPL64.EXE

C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP ODOMETER\HPSYSDRV.EXE

C:\WINDOWS\SYSTEM32\EGUI.EXE

C:\WINDOWS\SYSTEM32\SIDEBAR.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\OSPPSVC.EXE

C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP MY DISPLAY\OSDMANAGER.EXE

C:\PROGRAM FILES (X86)\EPSON SOFTWARE\EVENT MANAGER\EEVENTMANAGER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\PC TOOLS\SMONITOR\SSDMONITOR.EXE

C:\PROGRAM FILES (X86)\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE

C:\WINRAR-STARTUP2.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\WINDOWS\SYSTEM32\SPLWOW64.EXE

C:\PROGRAM FILES (X86)\SAMSUNG\KIES\KIESTRAYAGENT.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\YOUCAM\YCMMIRAGE.EXE

C:\PROGRAM FILES (X86)\DIVX\DIVX UPDATE\DIVXUPDATE.EXE

C:\WINDOWS\SYSTEM32\WMPNETWK.EXE

C:\PROGRAM FILES (X86)\BROWSERCOMPANION\BCHELPER.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE

C:\PROGRAM FILES (X86)\DAEMON TOOLS PRO\DTSHELLHLP.EXE

C:\WINDOWS\SYSTEM32\UNSECAPP.EXE

C:\WINDOWS\SYSTEM32\MOM.EXE

C:\WINDOWS\SYSTEM32\CCC.EXE

C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MSCORSVW.EXE

C:\WINDOWS\SYSTEM32\MSCORSVW.EXE

C:\WINDOWS\SYSTEM32\HPSA_SERVICE.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE

C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGIN-CONTAINER.EXE

C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_11_5_502_110.EXE

C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_11_5_502_110.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IELOWUTIL.EXE

C:\WINDOWS\SYSTEM32\WUDFHOST.EXE

C:\USERS\LEVANCINI\DESKTOP\ELISTARA.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\USERS\LEVANCINI\DESKTOP\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll

O2 - BHO: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll

O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Levancini\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (file missing)

O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)

O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O3 - Toolbar: (no name) - 10 - (no file)

O3 - Toolbar: Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll

O4 - HKCU\..\Run: [AdobeBridge]

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPO

O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Winrar-Agent] c:\Winrar-StartUp2.exe

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI={$CHROM_GUID_UNINSTALLS}

O4 - HKLM\..\Run: [DATAMNGR]

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 10.9.2) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} (Java Plug-in 1.6.0_22) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 10.9.2) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL



Información Adicional:

----------------------



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE

O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe (file missing)

O23 - Service: DefaultTabUpdate - Search Results, LLC - C:\Users\Levancini\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

O23 - Service: epfw - ESET - C:\WINDOWS\SYSTEM32\DRIVERS\epfw.sys (file missing)

**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Google Update Servicio (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

O23 - Service: MyEpson Portal Service - SEIKO EPSON CORPORATION - C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe

O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: Buttons and OSDs ACPI driver gen2 (ACPIService) - Unknown owner - C:\WINDOWS\system32\drivers\OSDACPI.SYS (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys (file missing)

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys (file missing)

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys (file missing)

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys (file missing)

O23 - Service: amdkmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)

O23 - Service: amdkmdap - Advanced Micro Devices, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmpag.sys (file missing)

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys (file missing)

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\drivers\amdsbs.sys (file missing)

O23 - Service: SAMSUNG Android Composite ADB Interface Driver (androidusb) - Google Inc - C:\WINDOWS\SYSTEM32\Drivers\ssadadb.sys (file missing)

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys (file missing)

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys (file missing)

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\drivers\bxvbda.sys (file missing)

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60a.sys (file missing)

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\BrFiltLo.sys (file missing)

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\BrFiltUp.sys (file missing)

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys (file missing)

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys (file missing)

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys (file missing)

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys (file missing)

O23 - Service: CyberLink WebCam Virtual Driver (clwvd) - CyberLink Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\clwvd.sys (file missing)

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys (file missing)

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\drivers\evbda.sys (file missing)

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys (file missing)

O23 - Service: ESLvnic Virtual Network 64 Bit (ESLvnic1) - Turtle Entertainment GmbH - C:\WINDOWS\SYSTEM32\DRIVERS\ESLvnic.sys (file missing)

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hamachi Network Interface (hamachi) - LogMeIn, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\hamachi.sys (file missing)

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys (file missing)

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys (file missing)

O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys (file missing)

O23 - Service: igfx - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd64.sys (file missing)

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys (file missing)

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHD64.sys (file missing)

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_fc.sys (file missing)

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_sas.sys (file missing)

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_sas2.sys (file missing)

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\drivers\lsi_scsi.sys (file missing)

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys (file missing)

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\MegaSR.sys (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Ralink 802.11n Extensible Wireless Driver (netr28x) - Ralink Technology, Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\netr28x.sys (file missing)

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys (file missing)

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys (file missing)

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys (file missing)

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys (file missing)

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys (file missing)

O23 - Service: Realtek 8167 NT Driver (RTL8167) - Realtek - C:\WINDOWS\SYSTEM32\DRIVERS\Rt64win7.sys (file missing)

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\drivers\SiSRaid2.sys (file missing)

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys (file missing)

O23 - Service: SAMSUNG Android USB Composite Device driver (WDM) (ssadbus) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ssadbus.sys (file missing)

O23 - Service: SAMSUNG Android USB Modem (Filter) (ssadmdfl) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ssadmdfl.sys (file missing)

O23 - Service: SAMSUNG Android USB Modem Drivers (ssadmdm) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ssadmdm.sys (file missing)

O23 - Service: SAMSUNG Android USB Diagnostic Serial Port (WDM) (ssadserd) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ssadserd.sys (file missing)

O23 - Service: SAMSUNG USB Composite Device driver (WDM) (sscdbus) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdbus.sys (file missing)

O23 - Service: SAMSUNG Mobile Modem Filter (sscdmdfl) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdmdfl.sys (file missing)

O23 - Service: SAMSUNG Mobile Modem Drivers (sscdmdm) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdmdm.sys (file missing)

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\drivers\stexstor.sys (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: AMD USB Filter Driver (usbfilter) - Advanced Micro Devices - C:\WINDOWS\system32\drivers\usbfilter.sys (file missing)

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys (file missing)

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys (file missing)



Listado de Servicios (Deshabilitados):

--------------------------------------



88 Servicios.

23 de Carga Automatica.

65 de Carga Manual.

0 Deshabilitados.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90781
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Ayuda HiJackThis

Mensaje por msc hotline sat » 18 Nov 2012, 20:42

Pues en el log vemos este fichero sospechoso:



C:\WINDOWS\SYSTEM32\AERTSR64.EXE



segun



http://www.spydig.com/file-diagnosis/AERTSr64-exe.html





Añade .VIR a su extension y envianoslo para analizar





y este otro parece ser un adware:



C:\USERS\LEVANCINI\APPDATA\ROAMING\DEFAULTTAB\DEFAULTTAB\DTUPDATE.EXE





segun



http://www.prevx.com/filenames/X124177548358120472-X1/DTUPDATE.EXE.html



haga lo mismo que deciamos para con el primero.





y para enviarnos los ficheros, recordar:



>[b]



[quote]



ENVIO DE MUESTRAS Y ELIMINACIÓN DE CLAVES



Para ello recordar[/b]
:

https://foros.zonavirus.com/viewtopic.php?f=5&t=45334



Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos


[/quote]

saludos



ms, 18-11-2012

r.levancini
Novato
Novato
Mensajes: 4
Registrado: 18 Nov 2012, 04:43

Re: Ayuda HiJackThis

Mensaje por r.levancini » 18 Nov 2012, 21:16

Tambien analice el Disco local C:

(18-11-2012 17:26:20 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Unidad I:\ Protegida



(18-11-2012 17:26:28 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Unidad C:\ Protegida



(18-11-2012 17:26:31 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Unidad D:\ Protegida



(18-11-2012 17:26:34 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Error Creando TEST2.SAT

Unidad E:\ No se Pudo Proteger



(18-11-2012 17:26:39 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Error Creando TEST2.SAT

Unidad G:\ No se Pudo Proteger



(18-11-2012 17:27:01 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------

Desactivado el AutoPlay Totalmente.



(18-11-2012 17:28:51 (GMT))

EliStartPage v26.56 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 16 de Noviembre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Basic

Usuario: Levancini

ID de Usuario: S-1-5-21-280263680-3829481785-1499567855-1000



Lista de Acciones (por Acción Directa):

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(18-11-2012 17:29:35 (GMT))

EliStartPage v26.56 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 16 de Noviembre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Basic

Usuario: Levancini

ID de Usuario: S-1-5-21-280263680-3829481785-1499567855-1000



Lista de Acciones (por Exploración):

Explorando "I:\"



Nº Total de Directorios: 60

Nº Total de Ficheros: 454

Nº de Ficheros Analizados: 101

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



(18-11-2012 17:29:54 (GMT))

EliStartPage v26.56 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 16 de Noviembre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Basic

Usuario: Levancini

ID de Usuario: S-1-5-21-280263680-3829481785-1499567855-1000



Lista de Acciones (por Exploración):

Explorando "I:\"



Nº Total de Directorios: 60

Nº Total de Ficheros: 454

Nº de Ficheros Analizados: 101

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



(18-11-2012 19:39:41 (GMT))

EliStartPage v26.56 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 16 de Noviembre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Basic

Usuario: Levancini

ID de Usuario: S-1-5-21-280263680-3829481785-1499567855-1000



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 44064

Nº Total de Ficheros: 479270

Nº de Ficheros Analizados: 68210

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



(18-11-2012 20:14:41 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------



Unidad I:\ YA esta Protegida



(18-11-2012 20:14:52 (GMT))

EliPen v2.5 (c)2011 S.G.H. / Satinfo S.L.

------------------------------------------

Desactivado el AutoPlay Totalmente.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90781
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Ayuda HiJackThis

Mensaje por msc hotline sat » 20 Nov 2012, 09:33

En anterior post de este Tema le pediamos que nos enviara estos dos ficheros:





C:\WINDOWS\SYSTEM32\AERTSR64.EXE



C:\USERS\LEVANCINI\APPDATA\ROAMING\DEFAULTTAB\DEFAULTTAB\DTUPDATE.EXE





recordandole el método de envio: https://foros.zonavirus.com/viewtopic.php?f=5&t=45334



En cuanto los recibamos, los analizaremos e informaremos



saludos



ms, 20-11-2012

Cerrado

Volver a “Foro Spyware”