Buenos días, el problema que tengo con el troyano Trj/CI.A es que no me lo elimina el antivirus, me dice No Desinfectable, y me gustaría saber cómo eliminarlo. El S.O. es el Windows 7, y el antivirus es el Global Protection 2010.
Gracias por vuestra ayuda, y un saludo.
No puedo eliminar el troyano Trj/CI.A (SOLUCIONADO)
Re: No puedo eliminar el troyano Trj/CI.A
Haz lo siguiente: bajate estos programitas y ejecutalos de modo seguro, después que termine nos pegas el resultado que se crea en C:infosat.txt
Descargar ElistAra
Descargar Elinotif (complemento de ElistAra deben estar en el mismo lugar)
Descargar ElistAra
Descargar Elinotif (complemento de ElistAra deben estar en el mismo lugar)
La vida es hermosa....para que complicarnosla Re: No puedo eliminar el troyano Trj/CI.A
Buenas tardes, ya me descargué el Elistara y el fichero complemento Elinotif, pero no me termina de realizar el escaneo completo, el programa se rompe cuando llega a un punto y se cierra.... Al menos ha encontrado un malware y el TBConduit (creo), y en el 2º escaneo los ha eliminado... Pero me sigue fallando algo, pues cuando me conecto a Internet, o abro el navegador me salen unos anuncios pesadísimos constantemente...... Os suena qué clase de bicho se me abrá instalado? Alguna idea? Gracias por la ayuda....
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: No puedo eliminar el troyano Trj/CI.A
Puede tratarse de cualquier adware de los que hay miles de nuevos cada día...
Si no lo conoce el ELISTARA, lanza el SPROCES y tras pulsar en SALIR generará un informe, abrelo con el bloc de notas y con un copiar y pegar, nos posteas su contenido como respuesta de este Tema, y tras analizarlo te informaremos de lo que encontremos sospechoso:
ms, 7-4-2011
Si no lo conoce el ELISTARA, lanza el SPROCES y tras pulsar en SALIR generará un informe, abrelo con el bloc de notas y con un copiar y pegar, nos posteas su contenido como respuesta de este Tema, y tras analizarlo te informaremos de lo que encontremos sospechoso:
saludosmsc escribió: SPROCES.EXE (herramienta de investigación)
http://www.zonavirus.com/descargas/sproces.asp
ms, 7-4-2011
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: No puedo eliminar el troyano Trj/CI.A
(8-4-2011 09:12:14 GMT)
SProces v5.2 (c)2010 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Ultimate (v6.1)
Internet Explorer: (v9.0.8112.16421) 0
Nombre Equipo: SERVIDOR
Nombre Usuario: HYDRO
Procesos Activos:
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\USERS\HYDRO\APPDATA\ROAMING\EOREZO\SOFTWAREUPDATE\SOFTWAREUPDATEHP.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 8.0\ACROBAT\ACROTRAY.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQSRMON.EXE
C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\PROGRAM FILES\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\NOKIAMSERVER.EXE
C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
C:\PROGRAM FILES\COMMON FILES\NERO\LIB\NMINDEXSTORESVR.EXE
C:\USERS\HYDRO\APPDATA\LOCAL\APPS\2.0\OR45J9MM.X86\X154AXN3.TXP\MESS..TION_6A54BFF4286A68B1_0001.0000_5FB476926FA2F83F\MESSENGERTBHIDER.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE14\MSOSYNC.EXE
C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\NOKIAOVISUITE.EXE
C:\PROGRAM FILES\SPICEWORKS\BIN\SPICETRAY.EXE
C:\PROGRAM FILES\SPICEWORKS\HTTPD\BIN\SPICEWORKS-HTTPD.EXE
C:\WINDOWS\SYSTEM32\CONHOST.EXE
C:\PROGRAM FILES\SPICEWORKS\HTTPD\BIN\SPICEWORKS-HTTPD.EXE
C:\PROGRA~1\SPICEW~1\BIN\SPICEWORKS.EXE
C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLMSBTSRVEX.EXE
D:\GRUPOSP\SPPANEL\SPPG.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\PAVBCKPT.EXE
D:\GRUPOSP\COE11R01\CONTAPLW.EXE
D:\GRUPOSP\COE11R01\DASHBOARDFRAME.EXE
D:\GRUPOSP\FAE11R01\EXE\GESTIONW.EXE
D:\GRUPOSP\FAE11R01\EXE\DASHBOARDFRAME.EXE
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\GOOGLE\GOOGLE TOOLBAR\GOOGLETOOLBARUSER_32.EXE
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASHUTIL10M_ACTIVEX.EXE
C:\PROGRAM FILES\WINDOWS LIVE\CONTACTS\WLCOMM.EXE
C:\PROGRAM FILES\WINDOWS LIVE\COMPANION\COMPANIONUSER.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INCREDIMAIL\BIN\INCMAIL.EXE
C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE
C:\PROGRAM FILES\NETVIDEO\VSVIEW\VSVIEW.EXE
C:\WINDOWS\SYSTEM32\CALC.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WEBPROXY.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 8.0\ACROBAT\ACROBATINFO.EXE
C:\USERS\HYDRO\DESKTOP\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.yahoo.es/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: Messenger Plus ES Toolbar - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - C:\Program Files\Messenger_Plus_ES\prxtbMess.dll
R3 - URLSearchHook: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: Softonic.com Toolbar - {56dad8fb-415b-4f9a-86e8-c17d58bca7c3} - C:\Program Files\Softonic.com\tbSof1.dll (file missing)
R3 - URLSearchHook: (no name) - {3796e649-4334-4cbf-89d3-a927554ad438} - (no file)
R3 - URLSearchHook: Messenger Plus ES Toolbar - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - C:\Program Files\Messenger_Plus_ES\prxtbMess.dll (HKLM)
R3 - URLSearchHook: Softonic.com Toolbar - {56dad8fb-415b-4f9a-86e8-c17d58bca7c3} - C:\Program Files\Softonic.com\tbSof1.dll (file missing) (HKLM)
R3 - URLSearchHook: (no name) - {3796e649-4334-4cbf-89d3-a927554ad438} - (no file) (HKLM)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Softonic.com Toolbar - {56dad8fb-415b-4f9a-86e8-c17d58bca7c3} - C:\Program Files\Softonic.com\tbSof1.dll (file missing)
O2 - BHO: Messenger Plus ES - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - C:\Program Files\Messenger_Plus_ES\prxtbMess.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Softonic.com Toolbar - {56dad8fb-415b-4f9a-86e8-c17d58bca7c3} - C:\Program Files\Softonic.com\tbSof1.dll (file missing)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus ES Toolbar - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - C:\Program Files\Messenger_Plus_ES\prxtbMess.dll
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Messenger Taskbar Hider] C:\Users\HYDRO\AppData\Local\Apps\2.0\OR45J9MM.X86\X154AXN3.TXP\mess..tion_6a54bff4286a68b1_0001.0000_5fb476926fa2f83f\MessengerTBHider.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Spiceworks] C:\Program Files\Spiceworks\bin\spicetray_silent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EoEngine]
O4 - HKLM\..\Run: [EoWeather]
O4 - HKLM\..\Run: [eorezo]
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\HYDRO\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\Conceptronic\Software Bluetooth\BTTray.exe
O4 - Global Startup: Inicio rápido de Adobe Acrobat.lnk = C:\Windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe
O8 - Extra context menu item: Abrir imagen en &Microsoft PhotoDraw - res://C:\PROGRA~1\MIC581~1\Office\3082\phdintl.dll/phdContext.htm
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a archivo PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir vínculos seleccionados a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Program Files\Conceptronic\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O8 - Extra context menu item: S&end to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIFE82~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) -http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1270732741958
O16 - DPF: {648B424D-2FD9-4F13-9417-EC8466614673} (SDFlPlyr Control) -https://software.securitasdirect.es/viewer/activex/sdflplyr.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) -https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) -http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) -http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_24) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) -http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) -https://aeat.es/imagenes/comun/cactivex.cab
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -http://download.macromedia.com/pub/shockwave/cabs/flash/swflash5r42.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{786530D8-F7F6-4C06-8A5A-1794638D4B4F}: NameServer = 80.58.61.250,80.58.61.254
O18 - Protocol hijack: about - (datos no accesibles)
O18 - Protocol hijack: dvd - (datos no accesibles)
O18 - Protocol hijack: its - (datos no accesibles)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol hijack: mhtml - (datos no accesibles)
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol hijack: ms-its - (datos no accesibles)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol hijack: tv - (datos no accesibles)
O18 - Protocol hijack: vbscript - (datos no accesibles)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: AVLDR - AVLDR.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
Información Adicional:
----------------------
WinSys\Drivers\adp94xx.sys (de 422976 bytes) () Adaptec, Inc.
WinSys\Drivers\bxvbdx.sys (de 430080 bytes) () Broadcom Corporation
WinSys\Drivers\dxgkrnl.sys (de 728448 bytes) () Microsoft Corporation
WinSys\Drivers\elxstor.sys (de 453712 bytes) () Emulex
WinSys\Drivers\http.sys (de 513536 bytes) () Microsoft Corporation
WinSys\Drivers\ndis.sys (de 712576 bytes) () Microsoft Corporation
WinSys\Drivers\PEAuth.sys (de 586752 bytes) () Microsoft Corporation
WinSys\Drivers\spsys.sys (de 405504 bytes) () Microsoft Corporation
WinSys\Drivers\Wdf01000.sys (de 445008 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AmFSM - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\amm8660.sys
O23 - Service: App Filter Plugin (APPFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\APPFLT.SYS
O23 - Service: Bluetooth Serial Driver (BTSERIAL) - Broadcom Corporation. - C:\Windows\system32\drivers\btserial.sys
O23 - Service: Bluetooth Port Client Driver (BTSLBCSP) - Broadcom Corporation. - C:\Windows\system32\drivers\btslbcsp.sys
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Conceptronic\Software Bluetooth\bin\btwdins.exe
O23 - Service: Panda Anti-Dialer (ComFiltr) - Unknown owner - C:\Windows\system32\DRIVERS\COMFiltr.sys
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Firebird Server - Firebird 2.1 Sage Instance (FirebirdServerFirebird 2.1 Sage Instance) - Unknown owner - C:\Program Files\Firebird 2.1\bin\fbserver.exe" -s "Firebird 2.1 S (file missing)
O23 - Service: NetMon Filter Plugin (FNETMON) - Panda Security, S.L. - C:\Windows\system32\Drivers\fnetmon.SYS
O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Panda Goodware Cache Manager (Gwmsrv) - Panda Security, S.L. - C:\Windows\system32\svchost -k Panda - C:\Program Files\Panda Security\Panda Global Protection 2010\Gwmsrv.dll
O23 - Service: HP Network Devices Support (HPSLPSVC) - Hewlett-Packard Co. - %SystemRoot%\system32\svchost.exe -k HPService - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
O23 - Service: Ids Filter Plugin (IDSFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\IDSFLT.SYS
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Net Driver HPZ12 - Hewlett-Packard - %SystemRoot%\System32\svchost.exe -k HPZ12 - C:\Windows\system32\HPZinw12.dll
O23 - Service: Panda Net Driver [TDI Layer] (NETFLTDI) - Panda Security, S.L. - C:\Windows\system32\Drivers\NETFLTDI.SYS
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Driver (PavProc) - Panda Security, S.L. - C:\Windows\system32\DRIVERS\PavProc.sys
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
O23 - Service: Pml Driver HPZ12 - Hewlett-Packard - %SystemRoot%\System32\svchost.exe -k HPZ12 - C:\Windows\system32\HPZipm12.dll
O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
*O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
O23 - Service: srenum (srenum.old) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\srenum.sys (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)
O23 - Service: Wifi Monitor Filter Plugin (WNMFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\WNMFLT.SYS
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys
O23 - Service: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVAC.SYS
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys
O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys
O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Antivirus Filter Driver (AvFlt) - Unknown owner - C:\WINDOWS\system32\drivers\av5flt.sys (file missing)
O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys
O23 - Service: WIDCOMM USB Bluetooth Driver (BTWUSB) - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\Drivers\btwusb.sys
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - %SystemRoot%\system32\svchost.exe -k defragsvc - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys
O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys
O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys
O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys
O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys
O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys
O23 - Service: LUMDriver - IBM - C:\Windows\system32\drivers\LUMDriver.sys
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - %SystemRoot%\System32\svchost.exe -k NetworkService - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: PANDA NDIS IM Filter Miniport v1.6.0.39 (NETIMFLT01060039) - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\neti1639.sys
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NetGroup Packet Filter Driver (NPF) - CACE Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\npf.sys
O23 - Service: NVIDIA nForce Networking Controller Driver (NVENETFD) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nvmfdx32.sys
O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nvlddmkm.sys
O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: PavSRK.sys - Unknown owner - C:\Windows\system32\PavSRK.sys (file missing)
O23 - Service: PavTPK.sys - Unknown owner - C:\Windows\system32\PavTPK.sys (file missing)
O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys
O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - %SystemRoot%\system32\svchost.exe -k SDRSVC - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys
O23 - Service: USB2.0 PC Camera (SNP2STD) (SNP2STD) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2sxp.sys
O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys
O23 - Service: Synth3dVsc - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\synth3dvsc.sys (file missing)
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: TeamViewer VPN Adapter (teamviewervpn) - TeamViewer GmbH - C:\WINDOWS\SYSTEM32\DRIVERS\teamviewervpn.sys
O23 - Service: @%SystemRoot%\system32\drivers\tsusbhub.sys,-1 (tsusbhub) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tsusbhub.sys (file missing)
O23 - Service: VGPU - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\rdvgkmd.sys (file missing)
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k WerSvcGroup - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
111 Servicios.
32 de Carga Automatica.
79 de Carga Manual.
0 Deshabilitados.
SProces v5.2 (c)2010 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Ultimate (v6.1)
Internet Explorer: (v9.0.8112.16421) 0
Nombre Equipo: SERVIDOR
Nombre Usuario: HYDRO
Procesos Activos:
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\USERS\HYDRO\APPDATA\ROAMING\EOREZO\SOFTWAREUPDATE\SOFTWAREUPDATEHP.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 8.0\ACROBAT\ACROTRAY.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQSRMON.EXE
C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\PROGRAM FILES\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\NOKIAMSERVER.EXE
C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
C:\PROGRAM FILES\COMMON FILES\NERO\LIB\NMINDEXSTORESVR.EXE
C:\USERS\HYDRO\APPDATA\LOCAL\APPS\2.0\OR45J9MM.X86\X154AXN3.TXP\MESS..TION_6A54BFF4286A68B1_0001.0000_5FB476926FA2F83F\MESSENGERTBHIDER.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE14\MSOSYNC.EXE
C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\NOKIAOVISUITE.EXE
C:\PROGRAM FILES\SPICEWORKS\BIN\SPICETRAY.EXE
C:\PROGRAM FILES\SPICEWORKS\HTTPD\BIN\SPICEWORKS-HTTPD.EXE
C:\WINDOWS\SYSTEM32\CONHOST.EXE
C:\PROGRAM FILES\SPICEWORKS\HTTPD\BIN\SPICEWORKS-HTTPD.EXE
C:\PROGRA~1\SPICEW~1\BIN\SPICEWORKS.EXE
C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLMSBTSRVEX.EXE
D:\GRUPOSP\SPPANEL\SPPG.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\PAVBCKPT.EXE
D:\GRUPOSP\COE11R01\CONTAPLW.EXE
D:\GRUPOSP\COE11R01\DASHBOARDFRAME.EXE
D:\GRUPOSP\FAE11R01\EXE\GESTIONW.EXE
D:\GRUPOSP\FAE11R01\EXE\DASHBOARDFRAME.EXE
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\GOOGLE\GOOGLE TOOLBAR\GOOGLETOOLBARUSER_32.EXE
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASHUTIL10M_ACTIVEX.EXE
C:\PROGRAM FILES\WINDOWS LIVE\CONTACTS\WLCOMM.EXE
C:\PROGRAM FILES\WINDOWS LIVE\COMPANION\COMPANIONUSER.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INCREDIMAIL\BIN\INCMAIL.EXE
C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE
C:\PROGRAM FILES\NETVIDEO\VSVIEW\VSVIEW.EXE
C:\WINDOWS\SYSTEM32\CALC.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WEBPROXY.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 8.0\ACROBAT\ACROBATINFO.EXE
C:\USERS\HYDRO\DESKTOP\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: Messenger Plus ES Toolbar - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - C:\Program Files\Messenger_Plus_ES\prxtbMess.dll
R3 - URLSearchHook: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: Softonic.com Toolbar - {56dad8fb-415b-4f9a-86e8-c17d58bca7c3} - C:\Program Files\Softonic.com\tbSof1.dll (file missing)
R3 - URLSearchHook: (no name) - {3796e649-4334-4cbf-89d3-a927554ad438} - (no file)
R3 - URLSearchHook: Messenger Plus ES Toolbar - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - C:\Program Files\Messenger_Plus_ES\prxtbMess.dll (HKLM)
R3 - URLSearchHook: Softonic.com Toolbar - {56dad8fb-415b-4f9a-86e8-c17d58bca7c3} - C:\Program Files\Softonic.com\tbSof1.dll (file missing) (HKLM)
R3 - URLSearchHook: (no name) - {3796e649-4334-4cbf-89d3-a927554ad438} - (no file) (HKLM)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Softonic.com Toolbar - {56dad8fb-415b-4f9a-86e8-c17d58bca7c3} - C:\Program Files\Softonic.com\tbSof1.dll (file missing)
O2 - BHO: Messenger Plus ES - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - C:\Program Files\Messenger_Plus_ES\prxtbMess.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Softonic.com Toolbar - {56dad8fb-415b-4f9a-86e8-c17d58bca7c3} - C:\Program Files\Softonic.com\tbSof1.dll (file missing)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus ES Toolbar - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - C:\Program Files\Messenger_Plus_ES\prxtbMess.dll
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Messenger Taskbar Hider] C:\Users\HYDRO\AppData\Local\Apps\2.0\OR45J9MM.X86\X154AXN3.TXP\mess..tion_6a54bff4286a68b1_0001.0000_5fb476926fa2f83f\MessengerTBHider.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Spiceworks] C:\Program Files\Spiceworks\bin\spicetray_silent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EoEngine]
O4 - HKLM\..\Run: [EoWeather]
O4 - HKLM\..\Run: [eorezo]
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\HYDRO\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\Conceptronic\Software Bluetooth\BTTray.exe
O4 - Global Startup: Inicio rápido de Adobe Acrobat.lnk = C:\Windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe
O8 - Extra context menu item: Abrir imagen en &Microsoft PhotoDraw - res://C:\PROGRA~1\MIC581~1\Office\3082\phdintl.dll/phdContext.htm
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a archivo PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir vínculos seleccionados a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Program Files\Conceptronic\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O8 - Extra context menu item: S&end to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIFE82~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) -
O16 - DPF: {648B424D-2FD9-4F13-9417-EC8466614673} (SDFlPlyr Control) -
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) -
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) -
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_24) -
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) -
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) -
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{786530D8-F7F6-4C06-8A5A-1794638D4B4F}: NameServer = 80.58.61.250,80.58.61.254
O18 - Protocol hijack: about - (datos no accesibles)
O18 - Protocol hijack: dvd - (datos no accesibles)
O18 - Protocol hijack: its - (datos no accesibles)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol hijack: mhtml - (datos no accesibles)
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol hijack: ms-its - (datos no accesibles)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol hijack: tv - (datos no accesibles)
O18 - Protocol hijack: vbscript - (datos no accesibles)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: AVLDR - AVLDR.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
Información Adicional:
----------------------
WinSys\Drivers\adp94xx.sys (de 422976 bytes) () Adaptec, Inc.
WinSys\Drivers\bxvbdx.sys (de 430080 bytes) () Broadcom Corporation
WinSys\Drivers\dxgkrnl.sys (de 728448 bytes) () Microsoft Corporation
WinSys\Drivers\elxstor.sys (de 453712 bytes) () Emulex
WinSys\Drivers\http.sys (de 513536 bytes) () Microsoft Corporation
WinSys\Drivers\ndis.sys (de 712576 bytes) () Microsoft Corporation
WinSys\Drivers\PEAuth.sys (de 586752 bytes) () Microsoft Corporation
WinSys\Drivers\spsys.sys (de 405504 bytes) () Microsoft Corporation
WinSys\Drivers\Wdf01000.sys (de 445008 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AmFSM - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\amm8660.sys
O23 - Service: App Filter Plugin (APPFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\APPFLT.SYS
O23 - Service: Bluetooth Serial Driver (BTSERIAL) - Broadcom Corporation. - C:\Windows\system32\drivers\btserial.sys
O23 - Service: Bluetooth Port Client Driver (BTSLBCSP) - Broadcom Corporation. - C:\Windows\system32\drivers\btslbcsp.sys
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Conceptronic\Software Bluetooth\bin\btwdins.exe
O23 - Service: Panda Anti-Dialer (ComFiltr) - Unknown owner - C:\Windows\system32\DRIVERS\COMFiltr.sys
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Firebird Server - Firebird 2.1 Sage Instance (FirebirdServerFirebird 2.1 Sage Instance) - Unknown owner - C:\Program Files\Firebird 2.1\bin\fbserver.exe" -s "Firebird 2.1 S (file missing)
O23 - Service: NetMon Filter Plugin (FNETMON) - Panda Security, S.L. - C:\Windows\system32\Drivers\fnetmon.SYS
O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Panda Goodware Cache Manager (Gwmsrv) - Panda Security, S.L. - C:\Windows\system32\svchost -k Panda - C:\Program Files\Panda Security\Panda Global Protection 2010\Gwmsrv.dll
O23 - Service: HP Network Devices Support (HPSLPSVC) - Hewlett-Packard Co. - %SystemRoot%\system32\svchost.exe -k HPService - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
O23 - Service: Ids Filter Plugin (IDSFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\IDSFLT.SYS
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Net Driver HPZ12 - Hewlett-Packard - %SystemRoot%\System32\svchost.exe -k HPZ12 - C:\Windows\system32\HPZinw12.dll
O23 - Service: Panda Net Driver [TDI Layer] (NETFLTDI) - Panda Security, S.L. - C:\Windows\system32\Drivers\NETFLTDI.SYS
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Driver (PavProc) - Panda Security, S.L. - C:\Windows\system32\DRIVERS\PavProc.sys
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
O23 - Service: Pml Driver HPZ12 - Hewlett-Packard - %SystemRoot%\System32\svchost.exe -k HPZ12 - C:\Windows\system32\HPZipm12.dll
O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
*O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
O23 - Service: srenum (srenum.old) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\srenum.sys (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)
O23 - Service: Wifi Monitor Filter Plugin (WNMFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\WNMFLT.SYS
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys
O23 - Service: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVAC.SYS
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys
O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys
O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Antivirus Filter Driver (AvFlt) - Unknown owner - C:\WINDOWS\system32\drivers\av5flt.sys (file missing)
O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys
O23 - Service: WIDCOMM USB Bluetooth Driver (BTWUSB) - Broadcom Corporation. - C:\WINDOWS\SYSTEM32\Drivers\btwusb.sys
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - %SystemRoot%\system32\svchost.exe -k defragsvc - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys
O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys
O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys
O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys
O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys
O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys
O23 - Service: LUMDriver - IBM - C:\Windows\system32\drivers\LUMDriver.sys
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - %SystemRoot%\System32\svchost.exe -k NetworkService - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: PANDA NDIS IM Filter Miniport v1.6.0.39 (NETIMFLT01060039) - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\neti1639.sys
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NetGroup Packet Filter Driver (NPF) - CACE Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\npf.sys
O23 - Service: NVIDIA nForce Networking Controller Driver (NVENETFD) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nvmfdx32.sys
O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nvlddmkm.sys
O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: PavSRK.sys - Unknown owner - C:\Windows\system32\PavSRK.sys (file missing)
O23 - Service: PavTPK.sys - Unknown owner - C:\Windows\system32\PavTPK.sys (file missing)
O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys
O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - %SystemRoot%\system32\svchost.exe -k SDRSVC - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys
O23 - Service: USB2.0 PC Camera (SNP2STD) (SNP2STD) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2sxp.sys
O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys
O23 - Service: Synth3dVsc - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\synth3dvsc.sys (file missing)
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: TeamViewer VPN Adapter (teamviewervpn) - TeamViewer GmbH - C:\WINDOWS\SYSTEM32\DRIVERS\teamviewervpn.sys
O23 - Service: @%SystemRoot%\system32\drivers\tsusbhub.sys,-1 (tsusbhub) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tsusbhub.sys (file missing)
O23 - Service: VGPU - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\rdvgkmd.sys (file missing)
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - %SystemRoot%\System32\svchost.exe -k WerSvcGroup - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
111 Servicios.
32 de Carga Automatica.
79 de Carga Manual.
0 Deshabilitados.
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: No puedo eliminar el troyano Trj/CI.A
Analizado el log, puede eliminar esta clave:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
y estos ficheros no los conoocemos, si no son voluntarios, envienoslos para analizar:
C:\USERS\HYDRO\APPDATA\ROAMING\EOREZO\SOFTWAREUPDATE\SOFTWAREUPDATEHP.EXE
C:\USERS\HYDRO\APPDATA\LOCAL\APPS\2.0\OR45J9MM.X86\X154AXN3.TXP\MESS..TION_6A54BFF4286A68B1_0001.0000_5FB476926FA2F83F\MESSENGERTBHIDER.EXE
C:\PROGRA~1\SPICEW~1\BIN\SPICEWORKS.EXE
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASHUTIL10M_ACTIVEX.EXE
C:\Program Files\ConduitEngine\prxConduitEngine.dll
C:\Users\HYDRO\AppData\Local\Apps\2.0\OR45J9MM.X86\X154AXN3.TXP\mess..tion_6a54b ff4286a68b1_0001.0000_5fb476926fa2f83f\MessengerTBHider.exe
(Envienoslos solo si no los conocen y no son voluntarios)
y vemos estas dos claves LSP repetidas:
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
Lance el LSPFIX por si hubiera alguna anomalia que pudiera corregir.
http://www.zonavirus.com/articulos/manual-lsp-fix.asp
http://www.zonavirus.com/descargas/lsp-fix.asp
saludos
ms, 8-4-2011
NOTA: Y sobre lo que dice de que el ELISTARA no puede terminar el escaneo, lance una Comprobación de Errores & Desfragmentación, ya que puede que algun fichero esté dañado o mal asignado, y ahí se corte el proceso.
ms.
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
y estos ficheros no los conoocemos, si no son voluntarios, envienoslos para analizar:
C:\USERS\HYDRO\APPDATA\ROAMING\EOREZO\SOFTWAREUPDATE\SOFTWAREUPDATEHP.EXE
C:\USERS\HYDRO\APPDATA\LOCAL\APPS\2.0\OR45J9MM.X86\X154AXN3.TXP\MESS..TION_6A54BFF4286A68B1_0001.0000_5FB476926FA2F83F\MESSENGERTBHIDER.EXE
C:\PROGRA~1\SPICEW~1\BIN\SPICEWORKS.EXE
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASHUTIL10M_ACTIVEX.EXE
C:\Program Files\ConduitEngine\prxConduitEngine.dll
C:\Users\HYDRO\AppData\Local\Apps\2.0\OR45J9MM.X86\X154AXN3.TXP\mess..tion_6a54b ff4286a68b1_0001.0000_5fb476926fa2f83f\MessengerTBHider.exe
(Envienoslos solo si no los conocen y no son voluntarios)
y vemos estas dos claves LSP repetidas:
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
Lance el LSPFIX por si hubiera alguna anomalia que pudiera corregir.
http://www.zonavirus.com/articulos/manual-lsp-fix.asp
http://www.zonavirus.com/descargas/lsp-fix.asp
saludos
ms, 8-4-2011
NOTA: Y sobre lo que dice de que el ELISTARA no puede terminar el escaneo, lance una Comprobación de Errores & Desfragmentación, ya que puede que algun fichero esté dañado o mal asignado, y ahí se corte el proceso.
ms.
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: No puedo eliminar el troyano Trj/CI.A
Buenas tardes, os acabo de enviar las muestras a analizar, y he lanzado el lspfix, pero dice que no ha encontrado ningún problema. Salen las siguientes claves, pero no me atrevo a eliminar ninguna: NLAapi.dll, napinsp.dll, pnrpnsp.dll (Estos están en el System32), wshbth.dll ("Espacio de nombres de Bluetooth"), WLIDNSP.DLL ("Windows Live NSP"), mswsock.dll (system32) y winrnr.dll ("NTDS).
De momento parece que el windows 7 va bastante bien, y estable, y no me salen ya (de momento) los anuncios dichosos al abrir el navegador..... Un saludo y gracias
De momento parece que el windows 7 va bastante bien, y estable, y no me salen ya (de momento) los anuncios dichosos al abrir el navegador..... Un saludo y gracias
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: No puedo eliminar el troyano Trj/CI.A
En el EXE y la DLL que nos ha enviado no se detectan rutinas viricas, y los demas con maifest que no hemos pedido y que no vienen al caso.
Como que ademas nos dice que con lo hecho parece que ya no salen incidencias, damos por solucionado el tema y procedemos a cerrarlo
Si nos necesita de nuevo, ya sabe donde estamos
saludos
ms, 8.4.2011
Como que ademas nos dice que con lo hecho parece que ya no salen incidencias, damos por solucionado el tema y procedemos a cerrarlo
Si nos necesita de nuevo, ya sabe donde estamos
saludos
ms, 8.4.2011
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online