No puedo accesar a Archivos de Programa

[Diana83]

Hola, espero que alguien pueda ayudarme.



La cosa es esta, trate de entrar a mi carpeta de archivo de programas y me sale un mensaje que dice que requiero de permisos especiales para acceder a ella, al darle en aceptar me niega el acceso, ya revise en la pestaña de seguridad de la carpeta y aparecen marcadas dos casillas de permisos especiales y no hay manera de cambiar nada en ese cuadro de dialogo.



No estoy segura que sea un virus, pero como a ultimas fechas mi maquina esta lenta, se traba, y firefox no funciona correctamente, supuse que podría ser un virus.



Gracias de antemano.

[msc hotline sat]

Puede ser uno de los malwares de última generación, no detectados todavía por los actuales antivirus.



Pruebe el ELISTARA y nos postea el informe resultante:


[quote="para DESCARGAR el ELISTARA, msc"]



http://www.zonavirus.com/descargas/elistara.asp



Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado

del proceso [/quote]



Y si en el informe no se detectara nada ni pidiera muestra para analizar, proceder con el SPROCES :




[quote="msc"]
[b]SPROCES.EXE[/b] (herramienta de investigación)

http://www.zonavirus.com/descargas/sproces.asp



Y tras pulsar en SALIR, postearnos el contenido del C:\SPROCLOG.TXT [/quote]
lo analizaremos e informaremos al respecto.



saludos



ms, 13-5-2011

RMXDF

[Diana83]

(14-5-2011 01:56:58 GMT)

SProces v5.5 (c)2010 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows Vista (TM) Home Premium (v6.0.6002)

Parche MS08-067 (Servicio Servidor) NO Instalado.

Internet Explorer: (v8.0.6001.19048) 0

Equipo: NANA

Usuario: Especial

Sesión de Usuario: Especial



Procesos Activos:

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM FILES\SAFARI\SAFARI.EXE

C:\USERS\ESPECIAL\APPDATA\LOCAL\TEMP\I04R8XDJ.TMP\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R0 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.mx/ (User 'walmaert')

R0 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (User 'walmaert')

R0 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ (User 'Cheef')

R0 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (User 'Cheef')

R0 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-501\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.mx/ig/dell?hl=es&client=dell-row&channel=mx&ibd=4081022 (User 'Invitado')

R0 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-501\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (User 'Invitado')

R1 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0) (User 'walmaert')

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (User 'walmaert')

R3 - URLSearchHook: (no name) - - (no file) (User 'walmaert')

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (User 'Cheef')

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (User 'Invitado')

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll

O4 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1000\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'walmaert')

O4 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1000\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User 'walmaert')

O4 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1000\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (User 'walmaert')

O4 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1000\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray (User 'walmaert')

O4 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1001\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Cheef')

O4 - HKUS\S-1-5-21-3611491758-3653059179-3370647883-1001\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10p_Plugin.exe -update plugin (User 'Cheef')

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2

O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup

O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio Local')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio Local')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio de red')

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe

O4 - User Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr (User 'walmaert')

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 (User 'walmaert')

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html (User 'walmaert')

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\walmaert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\BONJOUR\MDNSNSP.DLL

O13 - Gopher Prefix: NULL2

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_24) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O20 - Winlogon Notify: GOTOASSIST - C:\PROGRAM FILES\CITRIX\GOTOASSIST\514\G2AWINLOGON.DLL

O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll



Información Adicional:

----------------------

WinSys\Drivers\adp94xx.sys (de 422968 bytes) () Adaptec, Inc.

WinSys\Drivers\dxgkrnl.sys (de 638336 bytes) () Microsoft Corporation

WinSys\Drivers\hdaudbus.sys (de 561152 bytes) () Microsoft Corporation

WinSys\Drivers\http.sys (de 411648 bytes) () Microsoft Corporation

WinSys\Drivers\ksecdd.sys (de 439864 bytes) () Microsoft Corporation

WinSys\Drivers\ndis.sys (de 527848 bytes) () Microsoft Corporation

WinSys\Drivers\PEAuth.sys (de 878080 bytes) () Microsoft Corporation

WinSys\Drivers\spsys.sys (de 684032 bytes) () Microsoft Corporation

WinSys\Drivers\tcpip.sys (de 905088 bytes) () Microsoft Corporation

WinSys\Drivers\VSTCNXT3.SYS (de 654336 bytes) () Conexant Systems, Inc.

WinSys\Drivers\VSTDPV3.SYS (de 987648 bytes) () Conexant Systems, Inc.

WinSys\Drivers\Wdf01000.sys (de 445008 bytes) () Microsoft Corporation



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\WINDOWS\system32\AERTSrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Norton AntiVirus (NAV) - Unknown owner - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe" /s "NAV" /m "C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\diMaster.dll (file missing)

O23 - Service: Realtek NDIS Protocol Driver (RtNdPt60) - Windows (R) Codename Longhorn DDK provider - C:\WINDOWS\SYSTEM32\DRIVERS\RtNdPt60.sys

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing)

**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE %SystemRoot%\System32\bcmwltry.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: BCM42RLY - Broadcom Corporation - C:\WINDOWS\SYSTEM32\drivers\BCM42RLY.sys

O23 - Service: Controlador de la tarjeta de red inalámbrica WLAN de Dell (BCM43XX) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\bcmwl6.sys

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltlo.sys

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltup.sys

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brusbser.sys

O23 - Service: DLXPDisplayName - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\DLACPI.sys

O23 - Service: Controlador de conexión de red PCI Express Intel(R) PRO/1000 (e1express) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e1e6032.sys

O23 - Service: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\E1G60I32.sys

O23 - Service: EraserUtilRebootDrv - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys

O23 - Service: Administrador de Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

*O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: igfx - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd32.sys

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys

O23 - Service: IP in IP Tunnel Driver (IpInIp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys (file missing)

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec /V (file missing)

O23 - Service: NAVENG - Symantec Corporation - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20110513.019\NAVENG.SYS

O23 - Service: NAVEX15 - Symantec Corporation - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20110513.019\NAVEX15.SYS

O23 - Service: IPX Traffic Filter Driver (NwlnkFlt) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkflt.sys (file missing)

O23 - Service: IPX Traffic Forwarder Driver (NwlnkFwd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkfwd.sys (file missing)

O23 - Service: Provides a software interface to control audio effects of OA002 camera. (OA002Afx) - Creative Technology Ltd. - C:\Windows\system32\Drivers\OA002Afx.sys

O23 - Service: Creative Camera OA002 Upper Filter Driver (OA002Ufd) - Creative Technology Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\OA002Ufd.sys

O23 - Service: Creative Camera OA002 Function Driver (OA002Vid) - Creative Technology Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\OA002Vid.sys

O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys

O23 - Service: PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver (PCDSRVC{E9D79540-57D5953E-06020101}_0) - Unknown owner - c:\program files\dell support center\pcdsrvc.pkm (file missing)

O23 - Service: R300 - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys

O23 - Service: Live! Cam Virtual (RLDesignVirtualAudioCableWdm) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\livecamv.sys

O23 - Service: Realtek 8169 NT Driver (RTL8169) - Realtek - C:\WINDOWS\SYSTEM32\DRIVERS\Rtlh86.sys

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Symantec Real Time Storage Protection (SRTSP) - Symantec Corporation - C:\WINDOWS\System32\Drivers\NAV\1206000.01D\SRTSP.SYS

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: SymEvent - Symantec Corporation - C:\Windows\system32\Drivers\SYMEVENT.SYS

O23 - Service: Apple Mobile USB Driver (USBAAPL) - Apple, Inc. - C:\WINDOWS\SYSTEM32\Drivers\usbaapl.sys

O23 - Service: VSTHWBS2 - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTBS23.SYS

O23 - Service: VST_DPV - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTDPV3.SYS

O23 - Service: winachsf - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTCNXT3.SYS



Listado de Servicios (Deshabilitados):

--------------------------------------

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys

O23 - Service: adpu160m - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu160m.sys

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys

O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\djsvs.sys

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserid.sys

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserwdm.sys

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brusbmdm.sys

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys

O23 - Service: HpCISSs - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\hpcisss.sys

O23 - Service: Intel RAID Controller Vista (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iastorv.sys

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys

O23 - Service: ITEATAPI_Service_Install (iteatapi) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteatapi.sys

O23 - Service: ITERAID_Service_Install (iteraid) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteraid.sys

O23 - Service: LSI_FC - LSI Logic - C:\WINDOWS\system32\drivers\lsi_fc.sys

O23 - Service: LSI_SAS - LSI Logic - C:\WINDOWS\system32\drivers\lsi_sas.sys

O23 - Service: LSI_SCSI - LSI Logic - C:\WINDOWS\system32\drivers\lsi_scsi.sys

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\megasr.sys

O23 - Service: Mraid35x - LSI Logic Corporation - C:\WINDOWS\system32\drivers\mraid35x.sys

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys

O23 - Service: N-trig HID Tablet Driver (ntrigdigi) - N-trig Innovative Technologies - C:\WINDOWS\system32\drivers\ntrigdigi.sys

O23 - Service: NVIDIA nForce RAID Driver (nvraid) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys

O23 - Service: QLogic Fibre Channel Miniport Driver (ql2300) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys

O23 - Service: QLogic iSCSI Miniport Driver (ql40xx) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys

O23 - Service: Symc8xx - LSI Logic - C:\WINDOWS\system32\drivers\symc8xx.sys

O23 - Service: Sym_hi - LSI Logic - C:\WINDOWS\system32\drivers\sym_hi.sys

O23 - Service: Sym_u3 - LSI Logic - C:\WINDOWS\system32\drivers\sym_u3.sys

O23 - Service: uliahci - ULi Electronics Inc. - C:\WINDOWS\system32\drivers\uliahci.sys

O23 - Service: UlSata - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata.sys

O23 - Service: ulsata2 - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata2.sys

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys



91 Servicios.

13 de Carga Automatica.

39 de Carga Manual.

39 Deshabilitados.

[Diana83]

Les mando el de SPROCES porque ELISTARA ni siquiera me dejo bajarlo, ya no reconoce mi cuenta como de administrador y aunque cree otra es igual, que solo tengo permisos especiales y no los puedo modificar. ya me asuste o.o

[msc hotline sat]

Pues convendría lanzar el ELISTARA, pruebelo de hacer arrancando EN MODO SEGURO CON FUNCIONES DE RED, y tras probarlo, postearnoe el contenido de c\infosat.txt





Pero mientras vemos por el Sproclog que usa VISTA... sistema al que no da os soporte, pero que vamos a ver si tiene virus:







Sistema Operativo: Windows Vista (TM) Home Premium (v6.0.6002)



Parche MS08-067 (Servicio Servidor) NO Instalado.



Pues de entrada le faltan parches, especialmente este del MS08-067, sin el que le puede entrar el Conficker como Don Pedro por su casa... Lance un windowsupdate e instale los que encuentre a faltar.







Y vemos estos ficheros que conviene añada .VIR a su extension y enviarnoslos para analizar:



C:\Program Files\Search Settings\SearchSettings.dll



C:\Program Files\Application Updater\ApplicationUpdater.exe





y este otro, de momento no añada ,VIR; pero envienoslo tambien:



oobefldr.dll



el cual puede estar en la carpeta de sistema, sino busquelo con un Inicio -> Buscar



y para enviarnoslos:



>[b]ENVIO DE MUESTRAS Y ELIMINACIÓN DE CLAVES - Para ello recordar[/b]:

https://foros.zonavirus.com/viewtopic.php?f=5&t=14253



Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos



saludos



ms, 14-5-2011