mensaje de alerta worm.win32.netbooster

[guess400]

luego se inicia explorer, cuanto fui a pasar el hijck no logro ver c: en mi pc ni en modo a prueba de fallo pase el elistara y eliptiip y no logre nada por favor que hago?

[msc hotline sat]

Pues el título de este Tema parece que te da una pista:



worm.win32.netbooster



dinos la aplicacion que te informa al respecto, pues si es el antivirus, procederíamos en consecuencia



Y como que dices que el ELISTARA no te ha detectado nada ... comprueba que pruebes la última versión (actualmente hay en la web la 16.78) y posteanos el c:\infosat.txt que generó dicho proceso, gracias



saludos



ms, 25-07-2008





NOTA: y de paso, prieba el SPROCES y tambien nos posteas el informe resultante:



[b]SPROCES[/b] (herramienta de investigación)

http://www.zonavirus.com/descargas/sproces.asp

Y tras pulsar en SALIR, posteanos el contenido del C:\SPROCLOG.TXT con un copiar y pegar



ms.

[guess400]

buenas noches, es una ventana emergente la que me lo informa, no sabria decir la aplicacion, abajo a la derecha al lado del reloj aparece en mayusculas VIRUS ALERT!

y no puedo accesar al disco C: por ningun lado, dolo a mis documentos

[msc hotline sat]

Entonces es propio de un FAKE ALERT, de los que aparecen nuevos a diario ...



Posteenos el informe que genera el SPROCES, como decia en mi anterior post, para tratar de descubrir al culpable.



saludos



ms, 26-07-2008

[guess400]

buenos dia, no puedo postear ningun informe ya que ellos se generan en c: y no puedo verlo!! solo me funciona mis documentos y internet explorer

saludos

[msc hotline sat]

Mira de ir a C:\ con el explorador de windows, no con MIPC a ver si asi llegas, igualmente prueba abriendo el bloc de Notas con Inicio-> ejecutar-> notepad.exe a ver si puedes navegar hasta C:\ y abrir el SPROCLOG.TXT , y nos cuentas el resultado



SI de ninguna de las formas pudieras, excepcionalmente añadelo a tu proximo post de respuesta de este Tema



saludos



ms, 25-07-2008

[guess400]

buenas noches aqui le coloco lo solicitado

gracias

Sun Jul 27 19:19:00 2008

SProces v3.1 (c)2008 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3

Internet Explorer: (v7.0.5730.13) 0



Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE

C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRA~1\AVG\AVG8\AVGWDSVC.EXE

C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE

C:\WINDOWS\OEM02MON.EXE

C:\PROGRAM FILES\DELL NETWORK ASSISTANT\HNM_SVC.EXE

C:\PROGRAM FILES\INTEL\WIRELESS\BIN\ZCFGSVC.EXE

C:\PROGRA~1\AVG\AVG8\AVGAM.EXE

C:\PROGRAM FILES\NERO\NERO8\NERO BACKITUP\NBSERVICE.EXE

C:\PROGRAM FILES\INTEL\WIRELESS\BIN\IFRMEWRK.EXE

C:\PROGRA~1\AVG\AVG8\AVGRSX.EXE

C:\PROGRAM FILES\DELL\DELL WEBCAM MANAGER\DELLWMGR.EXE

C:\PROGRA~1\AVG\AVG8\AVGNSX.EXE

C:\PROGRA~1\AVG\AVG8\AVGTRAY.EXE

C:\PROGRAM FILES\DELL SUPPORT CENTER\BIN\SPRTCMD.EXE

C:\WINDOWS\SYSTEM32\RUNDLL32.EXE

C:\WINDOWS\SYSTEM32\RUNDLL32.EXE

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE

C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE

C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE

C:\WINDOWS\SYSTEM32\CTFMON.EXE

C:\WINDOWS\SYSTEM32\NVSVC32.EXE

C:\WINDOWS\SYSTEM32\MPXA.EXE

C:\PROGRAM FILES\INTEL\WIRELESS\BIN\REGSRVC.EXE

C:\PROGRAM FILES\DELL SUPPORT CENTER\BIN\SPRTSVC.EXE

C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BTTRAY.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\INTEL\WIRELESS\BIN\WLKEEPER.EXE

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\PROGRA~1\AVG\AVG8\AVGEMC.EXE

C:\PROGRAM FILES\DELL NETWORK ASSISTANT\EZI_HNM2.EXE

C:\PROGRAM FILES\DELL SUPPORT CENTER\GS_AGENT\DSC.EXE

C:\WINDOWS\SYSTEM32\WUAUCLT.EXE

C:\DOCUMENTS AND SETTINGS\GUSTAVO SANCHEZ\MY DOCUMENTS\BAJADOS\ANTIVIRUS\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/en/us/default.aspxisapi/redir.dll?prd=ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [mpt] c:\WINDOWS\system32\mpt.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe

O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start

O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO

O4 - Startup: desktop.ini

O4 - Global Startup: Adobe Gamma Loader.lnk

O4 - Global Startup: Bluetooth.lnk

O4 - Global Startup: Dell Network Assistant.lnk

O4 - Global Startup: desktop.ini

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1215056990531

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL

O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL

O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll

O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll



Información Adicional:

----------------------

ShellExecuteHooks: {7E156AAE-FA60-44A1-8E69-2E0E0030F1F6} - - (no file)



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: AEGIS Protocol (IEEE 802.1x) v3.7.4.0 (AegisP) - Cisco Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\AegisP.sys

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: AVG8 Network Redirector (AvgTdiX) - AVG Technologies CZ, s.r.o. - C:\WINDOWS\System32\Drivers\avgtdix.sys

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: DellAutomatedPCTuneUp UniDriver (datunidr) - Gteko Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\datunidr.sys

**O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost -k DcomLaunch (file missing)

O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe

O23 - Service: mdmxsdk - Conexant - C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Auto Internet Protocol (Packet) - SingleClick Systems - C:\WINDOWS\SYSTEM32\DRIVERS\packet.sys

O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: rimmptsk - REDC - C:\WINDOWS\SYSTEM32\DRIVERS\rimmptsk.sys

O23 - Service: rimsptsk - REDC - C:\WINDOWS\SYSTEM32\DRIVERS\rimsptsk.sys

O23 - Service: Ricoh xD-Picture Card Driver (rismxdp) - REDC - C:\WINDOWS\SYSTEM32\DRIVERS\rixdptsk.sys

**O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost -k rpcss (file missing)

O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: ATE_PROCMON - Unknown owner - C:\Program Files\Anti Trojan Elite\ATEPMon.sys

O23 - Service: Broadcom 440x 10/100 Integrated Controller XP Driver (bcm4sbxp) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys

O23 - Service: Dispositivo de audio Bluetooth (btaudio) - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\drivers\btaudio.sys

O23 - Service: Controlador de comunicaciones virtual Bluetooth (BTDriver) - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\btport.sys

O23 - Service: Enumerador de bus Bluetooth (BTKRNL) - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\btkrnl.sys

O23 - Service: Servidor de acceso a LAN Bluetooth (BTWDNDIS) - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\btwdndis.sys

O23 - Service: btwhid - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\btwhid.sys

O23 - Service: Fax-módem Bluetooth (btwmodem) - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\btwmodem.sys

O23 - Service: WIDCOMM USB Bluetooth Driver (BTWUSB) - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\Drivers\btwusb.sys

O23 - Service: DellAMBrokerService - Unknown owner - C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe

**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corp., Veritas Software - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: DXEC02 - Knowles Acoustics - C:\WINDOWS\SYSTEM32\drivers\dxec02.sys

O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys

O23 - Service: USB EMP Audio Device (emAudio) - Empia Technology, Inc. - C:\WINDOWS\SYSTEM32\drivers\emAudio.sys

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Microsoft UAA Bus Driver for High Definition Audio (HDAudBus) - Windows (R) Server 2003 DDK provider - C:\WINDOWS\SYSTEM32\DRIVERS\HDAudBus.sys

O23 - Service: HSFHWAZL - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWAZL.sys

O23 - Service: HSF_DPV - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DPV.sys

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: MS1000 - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\MS1000.sys

O23 - Service: Controlador del adaptador Intel(R) Wireless WiFi Link para Windows XP de 32 bits (NETw4x32) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\NETw4x32.sys

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Nokia USB Generic - Nokia - C:\WINDOWS\SYSTEM32\drivers\nmwcdc.sys

O23 - Service: Nokia USB Modem - Nokia - C:\WINDOWS\SYSTEM32\drivers\nmwcdcm.sys

O23 - Service: Nokia USB Phone Parent - Nokia - C:\WINDOWS\SYSTEM32\drivers\nmwcd.sys

O23 - Service: Nokia USB Port - Nokia - C:\WINDOWS\SYSTEM32\drivers\nmwcdcj.sys

O23 - Service: nv - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys

O23 - Service: Provides a software interface to control audio effects of OEM002 camera. (OEM02Afx) - Creative Technology Ltd. - C:\WINDOWS\system32\Drivers\OEM02Afx.sys

O23 - Service: Creative Camera OEM002 Driver (OEM02Dev) - Creative Technology Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\OEM02Dev.sys

O23 - Service: Creative Camera OEM002 Video VFX Driver (OEM02Vfx) - EyePower Games Pte. Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\OEM02Vfx.sys

O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys

O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys

O23 - Service: PTproct - Gteko Ltd. - C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys

O23 - Service: Secdrv - Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

O23 - Service: SigmaTel High Definition Audio CODEC (STHDA) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\sthda.sys

O23 - Service: Synaptics TouchPad Driver (SynTP) - Synaptics, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys

*O23 - Service: Terminal Services (TermService) - Unknown owner - C:\WINDOWS\System32\svchost -k DComLaunch (file missing)

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: USB 2861 Device (USB28xxBGA) - eMPIA Technology, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\emBDA.sys

O23 - Service: USB 28xx OEM Filter (USB28xxOEM) - eMPIA Technology, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\emOEM.sys

O23 - Service: winachsf - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys



Listado de Servicios (Deshabilitados):

--------------------------------------

O23 - Service: AliIde - Acer Laboratories Inc. - C:\WINDOWS\system32\DRIVERS\aliide.sys

O23 - Service: AMD AGP Bus Filter Driver (amdagp) - Advanced Micro Devices, Inc. - C:\WINDOWS\system32\DRIVERS\amdagp.sys

O23 - Service: asc - Advanced System Products, Inc. - C:\WINDOWS\system32\DRIVERS\asc.sys

O23 - Service: asc3550 - Advanced System Products, Inc. - C:\WINDOWS\system32\DRIVERS\asc3550.sys

O23 - Service: CmdIde - CMD Technology, Inc. - C:\WINDOWS\system32\DRIVERS\cmdide.sys

O23 - Service: dac2w2k - Mylex Corporation - C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

**O23 - Service: dmboot - Microsoft Corp., Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys

O23 - Service: mraid35x - American Megatrends Inc. - C:\WINDOWS\system32\DRIVERS\mraid35x.sys

O23 - Service: ql1080 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql1080.sys

O23 - Service: ql12160 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql12160.sys

O23 - Service: ql1280 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql1280.sys

O23 - Service: SIS AGP Bus Filter (sisagp) - Silicon Integrated Systems Corporation - C:\WINDOWS\system32\DRIVERS\sisagp.sys

O23 - Service: Sparrow - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\sparrow.sys

O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)

O23 - Service: symc810 - Symbios Logic Inc. - C:\WINDOWS\system32\DRIVERS\symc810.sys

O23 - Service: symc8xx - LSI Logic - C:\WINDOWS\system32\DRIVERS\symc8xx.sys

O23 - Service: sym_hi - LSI Logic - C:\WINDOWS\system32\DRIVERS\sym_hi.sys

O23 - Service: sym_u3 - LSI Logic - C:\WINDOWS\system32\DRIVERS\sym_u3.sys

O23 - Service: ultra - Promise Technology, Inc. - C:\WINDOWS\system32\DRIVERS\ultra.sys



83 Servicios.

22 de Carga Automatica.

42 de Carga Manual.

19 Deshabilitados.

[msc hotline sat]

Pues tienes buena cantidad de residentes ... ! empecemos por este



Envianos muestra para analizar de:





C:\WINDOWS\SYSTEM32\MPXA.EXE





[b]¿Como enviar las muestras a zonavirus? - Para ello recordar[/b]:

https://foros.zonavirus.com/viewtopic.php?f=5&t=14253



saludos



ms, 28-07-2008