Help, I have problems

epopoteur
Posts: 5
Joined: 05 Aug 2007, 08:01

Post by epopoteur » 05 Aug 2007, 08:09

Hello, I thank you in advance for your help. Let me tell you what is happening to see if you can give me a hand. In the last few days the Control Panel has disappeared from my PC and the Task Manager has disabled itself; it tells me I have to contact the administrator. I tried several forums, looking at what was said about this problem, but nothing worked for me. It turns out that before this, a sign with a yellow warning triangle started appearing, saying that Windows has detected a large number of viruses and that it recommends an antispyware; it says to double-click to download it. I double-clicked it and a huge popup comes up, and the PC gets so slow it seems like a Pentium II. So I started looking for a good antivirus and a good antispyware, and I was recommended Spyware Doctor and NOD32, which I already had installed on the computer. When I installed Spyware Doctor, many signs about blocked actions appeared; I scanned with it and it deleted a lot of malware, spyware, etc. Then I saw that the PC was still the same, and I found McAfee 2007 and installed it, thinking it was an update problem, but the PC is still the same and getting worse. Please, I need you to help me, because you have already helped me other times. I thank you in advance.
Help those in need, to later be helped; that way nobody loses and we all win

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Post by msc hotline sat » 05 Aug 2007, 08:18

Please post the HJT log so we can see whether there is anything extra:

HJT: (HiJackThis)

How to use HijackThis?

The first thing to do is download it to your computer and put it in its own folder, C:\HijackThis\

Run it and press the "Do a system scan and save a logfile" button; the program will perform the scan and immediately generate the log. It will only ask you for the file name and its location; you can simply save it as it is.

Notepad will open; copy all of the contents and paste them as a reply to this thread.

· Download HijackThis: http://www.zonavirus.com/descargas/trendmicro-hijackthis.asp

After analyzing it, we will report back.

Regards



ms, 5-08-2007

Post by epopoteur » 05 Aug 2007, 16:53

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 4:21:20 AM, on 8/5/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Boot mode: Normal



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\GEARSec.exe

C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\Program Files\McAfee\MSK\MskSrver.exe

C:\Program Files\Mcafee\MWL\MwlSvc.exe

C:\Program Files\Eset\nod32krn.exe

C:\Program Files\Norton Ghost\Agent\VProSvc.exe

C:\Program Files\Spyware Doctor\svcntaux.exe

C:\Program Files\Spyware Doctor\swdsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\Explorer.exe

C:\Program Files\McAfee\MPS\mps.exe

C:\WINDOWS\system32\printer.exe

C:\Program Files\Eset\nod32kui.exe

C:\Program Files\Spyware Doctor\SDTrayApp.exe

C:\Program Files\McAfee\MSK\MskAgent.exe

C:\Program Files\Mcafee\MWL\MWLGui.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\McAfee\MPS\mpsevh.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\WINDOWS\System32\alg.exe

c:\program files\mcafee\msc\mcupdui.exe

c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe

C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee\MSC\Updates\Installs\1\msk\mcinst.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\McAfee\MSK\MskSrver.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\mcafee\VIRUSS~1\mcvsmap.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com

R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL

R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ODBCJET.exe,

O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll

O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\vtr323.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\SiteAdv.dll

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [NodLogin] C:\Program Files\Eset\nodlogin.exe

O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"

O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe

O4 - HKLM\..\Run: [MWLExe] C:\Program Files\Mcafee\MWL\MWLGui.exe /Start

O4 - HKLM\..\RunOnce: [!mcagntps.dll] regsvr32.exe /s c:\PROGRA~1\mcafee.com\agent\mcagntps.dll

O4 - HKLM\..\RunOnce: [mcagent.exe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe -regserver

O4 - HKLM\..\RunOnce: [!mcmispps.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mcmispps.dll

O4 - HKLM\..\RunOnce: [!mccfgpv.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mccfgpv.dll

O4 - HKLM\..\RunOnce: [!mcdbmgr.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mcdbmgr.dll

O4 - HKLM\..\RunOnce: [!mcmscver.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mcmscver.dll

O4 - HKLM\..\RunOnce: [!mcshllps.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mcshllps.dll

O4 - HKLM\..\RunOnce: [!mcuicfg.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mcuicfg.dll

O4 - HKLM\..\RunOnce: [mcupdmgr.exe] c:\PROGRA~1\mcafee\msc\mcupdmgr.exe -regserver

O4 - HKLM\..\RunOnce: [mcupdui.exe] c:\PROGRA~1\mcafee\msc\mcupdui.exe -regserver

O4 - HKLM\..\RunOnce: [!qcmisp.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mqc\qcmisp.dll

O4 - HKLM\..\RunOnce: [!mcnmcsps.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mcnmcsps.dll

O4 - HKLM\..\RunOnce: [!mcnmcsrv.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mcnmcsrv.dll

O4 - HKLM\..\RunOnce: [!mcnmcver.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msc\mcnmcver.dll

O4 - HKLM\..\RunOnce: [!mccoreps.dll] regsvr32.exe /s c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll

O4 - HKLM\..\RunOnce: [!mcevtbrk.dll] regsvr32.exe /s c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll

O4 - HKLM\..\RunOnce: [!MCNASV~1.DLL] regsvr32.exe /s c:\PROGRA~1\COMMON~1\mcafee\mna\MCNASV~1.DLL

O4 - HKLM\..\RunOnce: [mcnasvc.exe] c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe -regserver

O4 - HKLM\..\RunOnce: [!mcuj.dll] regsvr32.exe /s c:\PROGRA~1\COMMON~1\mcafee\mna\mcuj.dll

O4 - HKLM\..\RunOnce: [mcsysmon.exe] c:\PROGRA~1\mcafee\VIRUSS~1\mcsysmon.exe -regserver

O4 - HKLM\..\RunOnce: [!mcvsps.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll

O4 - HKLM\..\RunOnce: [!naiannps.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll

O4 - HKLM\..\RunOnce: [!mcvsqt.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\VIRUSS~1\mcvsqt.dll

O4 - HKLM\..\RunOnce: [!mvscfg.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll

O4 - HKLM\..\RunOnce: [!mvsver.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\VIRUSS~1\mvsver.dll

O4 - HKLM\..\RunOnce: [!naiann.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\VIRUSS~1\naiann.dll

O4 - HKLM\..\RunOnce: [mcods.exe] c:\PROGRA~1\mcafee\VIRUSS~1\mcods.exe -regserver

O4 - HKLM\..\RunOnce: [!mvsap.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\VIRUSS~1\mvsap.dll

O4 - HKLM\..\RunOnce: [!mvslog.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\VIRUSS~1\mvslog.dll

O4 - HKLM\..\RunOnce: [!hwapips.dll] regsvr32.exe /s c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapips.dll

O4 - HKLM\..\RunOnce: [hwapi.exe] c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapi.exe -regserver

O4 - HKLM\..\RunOnce: [!redirps.dll] regsvr32.exe /s c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirps.dll

O4 - HKLM\..\RunOnce: [redirsvc.exe] c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe -regserver

O4 - HKLM\..\RunOnce: [!empxyver.dll] regsvr32.exe /s c:\PROGRA~1\COMMON~1\mcafee\emproxy\empxyver.dll

O4 - HKLM\..\RunOnce: [!fwdrvver.dll] regsvr32.exe /s c:\PROGRA~1\COMMON~1\mcafee\fwdriver\fwdrvver.dll

O4 - HKLM\..\RunOnce: [!mpfmisp.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mpf\mc\mpfmisp.dll

O4 - HKLM\..\RunOnce: [mcproxy.exe] c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe -regserver

O4 - HKLM\..\RunOnce: [!mskset.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msk\mskset.dll

O4 - HKLM\..\RunOnce: [!mskmisp.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msk\mskmisp.dll

O4 - HKLM\..\RunOnce: [!mskp3plg.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msk\mskp3plg.dll

O4 - HKLM\..\RunOnce: [!mskengn.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msk\mskengn.dll

O4 - HKLM\..\RunOnce: [!mskwm.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\msk\mskwm.dll

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: autorun.exe

O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra button: (no name) - {18955D47-882E-48fc-B903-A4BDD030E7FD} - (no file)

O9 - Extra 'Tools' menuitem: GigaSize Toolbar - {18955D47-882E-48fc-B903-A4BDD030E7FD} - (no file)

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\iesdpb.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1155949250489

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181939569515

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O20 - AppInit_DLLs: C:\WINDOWS\system32\hrum323.txt

O23 - Service: McAfee Application Installer Cleanup (0106381186315546) (0106381186315546mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\010638~1.EXE

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBackMonitor - - C:\Program Files\McAfee\MBK\MBackMonitor.exe

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\Program Files\McAfee\MPS\mps.exe

O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe

O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe



--

End of file - 16777 bytes

Post by epopoteur » 05 Aug 2007, 16:58

Sorry for the delay, and thanks in advance for replying.

Post by msc hotline sat » 05 Aug 2007, 18:46

You have McAfee and NOD32 installed at the same time; uninstall one of the two!!!



And this file is suspicious:



C:\WINDOWS\system32\printer.exe



send it to VirusTotal and let's see the result:



https://www.virustotal.com/es/





and if it turns out to be a virus, send it to us as well for analysis:





-> For that, remember: https://foros.zonavirus.com/viewtopic.php?f=2&t=45334





and only if a virus is detected, try ELISHELL.EXE:





ELISHELL

http://www.zonavirus.com/descargas/elishell.asp



________



Apart from that, delete these keys:



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb



R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb



R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL



O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll



O4 - HKLM\..\RunOnce: [mcnasvc.exe] c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe -regserver



O4 - HKLM\..\RunOnce: [mcsysmon.exe] c:\PROGRA~1\mcafee\VIRUSS~1\mcsysmon.exe -regserver



O4 - HKLM\..\RunOnce: [mcods.exe] c:\PROGRA~1\mcafee\VIRUSS~1\mcods.exe -regserver



O4 - HKLM\..\RunOnce: [hwapi.exe] c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapi.exe -regserver



O4 - HKLM\..\RunOnce: [redirsvc.exe] c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe -regserver



O4 - HKLM\..\RunOnce: [mcproxy.exe] c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe -regserver



O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1



O9 - Extra button: (no name) - {18955D47-882E-48fc-B903-A4BDD030E7FD} - (no file)



O9 - Extra 'Tools' menuitem: GigaSize Toolbar - {18955D47-882E-48fc-B903-A4BDD030E7FD} - (no file)







and we see that you use Spyware Doctor, which slows things down a lot; we advise uninstalling it...



And after all that, restart and tell us the result, thanks



Regards



ms, 5-08-2007
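
An added example, not part of the original thread and not the forum's or HijackThis's own code: a small Python parser for HijackThis section lines that flags the kinds of entries the reply above points at (an extra program in `Shell=`, `DisableRegedit=1`, `(no file)` entries) and, going beyond the reply, extra programs in `UserInit=` and a non-empty `AppInit_DLLs`. The rule set and all function names are this example's assumptions; `SAMPLE_LOG` is a constructed excerpt made of lines from the log posted above.

```python
import re
from typing import NamedTuple

# Constructed excerpt: a handful of lines taken from the log posted above.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ODBCJET.exe,
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\system32\hrum323.txt
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
"""


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "F2"
    reason: str  # name of the rule that fired (names are this example's own)
    detail: str  # the part of the line that triggered the rule


# A section line looks like "<code> - <body>", e.g. "O4 - HKLM\..\Run: [...] ...".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")

# The stock shell, with or without a leading drive path.
DEFAULT_SHELL_RE = re.compile(r"(?i)^\s*(?:[a-z]:\\(?:[^\\,\s]+\\)*)?explorer\.exe\b")


def parse_entries(log_text):
    """Yield (code, body) for each section line; headers and process paths are skipped."""
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m.group("code"), m.group("body")


def _basename(path):
    """Lower-cased file name of a Windows path."""
    return path.strip().strip('"').rsplit("\\", 1)[-1].lower()


def triage(log_text):
    """Return the entries that deserve a closer look; a finding is not a verdict."""
    findings = []
    for code, body in parse_entries(log_text):
        # The registry entry points at a file that is no longer on disk.
        if body.endswith("(no file)"):
            findings.append(Finding(code, "orphaned-entry", body))

        if code == "F2" and "=" in body:
            name, value = body.split("=", 1)
            name = name.lower()
            if name.endswith("shell"):
                # Anything after the stock shell is started at every logon.
                extra = DEFAULT_SHELL_RE.sub("", value, count=1).strip()
                if extra:
                    findings.append(Finding(code, "shell-extra-program", extra))
            elif name.endswith("userinit"):
                # Comma-separated list; only userinit.exe is expected here.
                for item in value.split(","):
                    if item.strip() and _basename(item) != "userinit.exe":
                        findings.append(
                            Finding(code, "userinit-extra-program", item.strip()))
        elif code == "O7":
            # Policy values such as DisableRegedit lock the user out of admin tools.
            m = re.search(r"(Disable\w+)\s*=\s*1", body)
            if m:
                findings.append(Finding(code, "policy-restriction", m.group(1)))
        elif code == "O20" and body.startswith("AppInit_DLLs:"):
            # Listed files are loaded into every process that loads user32.dll.
            value = body.split(":", 1)[1].strip()
            if value:
                findings.append(Finding(code, "appinit-dll", value))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:<4}{f.reason:<24}{f.detail}")
```
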

Post by epopoteur » 06 Aug 2007, 06:14

Hello, I was looking for the file and it has disappeared. I found this PRINTER.EXE-183018B7.pf; I scanned it with VirusTotal and it found no virus. Right now the warning signs are not appearing, but the Control Panel and the Task Manager are still blocked. Please help me with that if you can, because I need it to remove NOD32.



Análisis del archivo PRINTER.EXE-183019B7.pf recibido el 06.08.2007 05:41:11 (CET)

Estado actual: Cargando ... en cola en espera en proceso análisis terminado NO ENCONTRADO DETENIDO





Resultado: 0/31 (0%)

Cargando información del servidor..

Su archivo se encuentra encolado en la posición: 8.

Se estima que tendrá que esperar entre 81 y 116 segundos

hasta el comienzo del análisis.

Post by epopoteur » 06 Aug 2007, 06:28

Hello, thank you, friend, for your time. The PC has improved quite a lot; it is no longer slow, but I am getting quite a few popups, and the Control Panel and all the administrative functions are blocked. I tried to use regedit and gpedit, among others. Here I leave you the HijackThis log. Really, thanks for everything; I am new to this site and I have recommended it to many people.



Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:29:26 a.m., on 06/08/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Boot mode: Normal



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.exe

C:\Program Files\Eset\nod32kui.exe

C:\Program Files\McAfee\MSK\MskAgent.exe

C:\windows\system32\RUNDDLL32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\GEARSec.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\Program Files\McAfee\MSK\MskSrver.exe

C:\Program Files\Eset\nod32krn.exe

C:\Program Files\Norton Ghost\Agent\VProSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\McAfee\MPS\mps.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\McAfee\MPS\mpsevh.exe

c:\program files\common files\mcafee\mna\mcnasvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\PROGRA~1\mcafee\msc\mcupdui.exe

c:\program files\mcafee\msc\mcuimgr.exe

c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mbuscas.com/buscador.php?id=1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL

R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)

F2 - REG:system.ini: Shell=Explorer.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ODBCJET.exe,

O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll

O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\vtr323.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\SiteAdv.dll

O4 - HKLM\..\Run: [NodLogin] C:\Program Files\Eset\nodlogin.exe

O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe

O4 - HKLM\..\Run: [MWLExe] C:\Program Files\Mcafee\MWL\MWLGui.exe /Start

O4 - HKLM\..\RunOnce: [!mpsps.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mps\mpsps.dll

O4 - HKLM\..\RunOnce: [!mpsppm.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mps\mpsppm.dll

O4 - HKLM\..\RunOnce: [!mpsver.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mps\mpsver.dll

O4 - HKLM\..\RunOnce: [!mpsmisp.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mps\mpsmisp.dll

O4 - HKLM\..\RunOnce: [!mwlmisp.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mwl\mwlmisp.dll

O4 - HKLM\..\RunOnce: [!mcmwlver.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mwl\mcmwlver.dll

O4 - HKLM\..\RunOnce: [!PRESTO~2.DLL] regsvr32.exe /s c:\PROGRA~1\mcafee\mwl\PRESTO~2.DLL

O4 - HKLM\..\RunOnce: [!PRESTO~1.DLL] regsvr32.exe /s c:\PROGRA~1\mcafee\mwl\PRESTO~1.DLL

O4 - HKLM\..\RunOnce: [!mcensrv.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mhn\mcensrv.dll

O4 - HKLM\..\RunOnce: [!mcmhnver.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mhn\mcmhnver.dll

O4 - HKLM\..\RunOnce: [!mbkprov.dll] regsvr32.exe /s c:\PROGRA~1\mcafee\mbk\mbkprov.dll

O4 - HKLM\..\RunOnce: [!MBKCLI~1.DLL] regsvr32.exe /s c:\PROGRA~1\mcafee\mbk\MBKCLI~1.DLL

O4 - HKCU\..\Run: [Rundll32] c:\windows\system32\RUNDDLL32.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [SafeBows] C:\DOCUME~1\Kikito\APPLIC~1\PHONED~1\ford deaf atom.exe

O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra button: (no name) - {18955D47-882E-48fc-B903-A4BDD030E7FD} - (no file)

O9 - Extra 'Tools' menuitem: GigaSize Toolbar - {18955D47-882E-48fc-B903-A4BDD030E7FD} - (no file)

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1155949250489

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181939569515

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O20 - AppInit_DLLs: C:\WINDOWS\system32\hrum323.txt

O23 - Service: McAfee Application Installer Cleanup (0014341186382968) (0014341186382968mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\001434~1.EXE

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe

O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe



--

End of file - 11900 bytes
Help those in need, so as to be helped later; that way nobody loses and we all win


Post by msc hotline sat » 06 Aug 2007, 07:03

Well, let's start by removing these NOD32 keys, if you don't want to have it installed:



O4 - HKLM\..\Run: [NodLogin] C:\Program Files\Eset\nodlogin.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb



R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb



R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL



O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)



O4 - HKCU\..\Run: [Rundll32] c:\windows\system32\RUNDDLL32.exe



O4 - HKCU\..\Run: [SafeBows] C:\DOCUME~1\Kikito\APPLIC~1\PHONED~1\ford deaf atom.exe



O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1



O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1









and these may be malware; rename these files to the .VIR extension:



C:\windows\system32\RUNDDLL32.exe



C:\WINDOWS\system32\WinAvXX.exe



C:\DOCUME~1\Kikito\APPLIC~1\PHONED~1\ford deaf atom.exe



C:\WINDOWS\system32\vtr323.dll





and after that, send us these renamed files for analysis, since you did not do the VirusTotal step properly (you did not wait for the analysis... there were 8 in the queue ahead of you!). We will leave them parked until we are back from holiday.



That way I expect the computer will be left working.



By the way, I see two Norton keys at the end; one is from Ghost, but what about the other??? Did you also install the Norton antivirus???





O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe



O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe







-> For that, remember: https://foros.zonavirus.com/viewtopic.php?f=2&t=45334



Regards



ms, 6-08-2007



Note: and in case this RUNDDLL32 turns out to be a known Desktoper, also try ELISTARA:





ELISTARA:

http://www.zonavirus.com/descargas/elistara.asp



After trying it, reboot and post us the contents of C:\infosat.txt so we can see the result of the process.



ms.
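
The manual triage in the post above, sketched as an added example (not part of the original thread, and not code from HijackThis or ELISTARA): a small Python filter that marks HijackThis lines for manual review. The heuristics and the `SYSTEM_BINARIES` list are assumptions chosen for illustration; a match means "look at this entry", not "this is malware".

```python
import re

# Assumption: a short constructed list of genuine Windows binary names to compare against.
SYSTEM_BINARIES = ("rundll32.exe", "svchost.exe", "explorer.exe", "winlogon.exe")

def edit_distance(a, b):
    """Levenshtein distance, used to spot look-alike file names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def triage(line):
    """Return the reasons (possibly none) why one HijackThis line needs manual review."""
    m = re.match(r"^([A-Z]\d+) - (.*)$", line.strip())
    if not m:
        return []
    section, body = m.group(1), m.group(2).lower()
    fname = re.split(r"[\\/]", body)[-1]
    reasons = []
    if section == "O7" and re.search(r"disable\w+\s*=\s*1", body):
        reasons.append("policy disables a system tool")
    if section == "O4":
        reasons += [f"name imitates {good}" for good in SYSTEM_BINARIES
                    if fname != good and edit_distance(fname, good) <= 2]
        if "\\applic~1\\" in body or "\\application data\\" in body:
            reasons.append("autostart from a user profile data folder")
    if section == "O20" and not fname.endswith(".dll"):
        reasons.append("AppInit_DLLs value is not a .dll")
    if body.endswith("(no file)"):
        reasons.append("target file is missing")
    return reasons

# Sample input: lines copied from the log in this thread.
SAMPLE = [
    r"O4 - HKCU\..\Run: [Rundll32] c:\windows\system32\RUNDDLL32.exe",
    r"O4 - HKCU\..\Run: [SafeBows] C:\DOCUME~1\Kikito\APPLIC~1\PHONED~1\ford deaf atom.exe",
    r"O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1",
    r"O20 - AppInit_DLLs: C:\WINDOWS\system32\hrum323.txt",
    r"O9 - Extra button: (no name) - {18955D47-882E-48fc-B903-A4BDD030E7FD} - (no file)",
    r"O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(triage(entry) or ["no heuristic matched"], "<-", entry)
```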


Post by msc hotline sat » 28 Aug 2007, 05:44

The new version of ELISTARA, 14.51, NOW AVAILABLE ON THIS WEBSITE for evaluation, handles the WINAVXX virus; download it and try it:



ELISTARA:

http://www.zonavirus.com/descargas/elistara.asp



After trying it, reboot and post us the contents of C:\infosat.txt so we can see the result of the process.



Regards



ms, 28-08-2007
