Mi ordenador va lento, tarda mucho en arrancarse, y de vez en cuando la adsl se corta; además en ocasiones, cuando hago click derecho sobre un fichero me salen opciones en algun idioma oriental (chino o japones o algo asi), y yo no he instalado nada en ese idioma.
Mi antivirus (mcafee) dice que aparentemente el ordenador está limpio, pero el problema está ahi...Habría alguna manera de contrastarlo?
Gracias por anticipado y saludos
creo que tengo un virus en el ordenador
-
desperadoooo
- Mensajes: 7
- Registrado: 09 Sep 2011, 19:17
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: creo que tengo un virus en el ordenador
Cada día aparecen miles de nuevos malwares que los AV aun no conocen, para lo que puede probar el ELISTARA y nos postea el informe resultante:
Y si en el informe no se detectara nada ni pidiera muestra para analizar, proceder
con el SPROCES :
lo analizaremos e informaremos al respecto.
saludos
ms, 9-9-2011
[quote="para DESCARGAR el ELISTARA, msc"]http://www.zonavirus.com/descargas/descargar-elistara.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el
resultado
del proceso[/quote]
Y si en el informe no se detectara nada ni pidiera muestra para analizar, proceder
con el SPROCES :
[quote="msc"][b]SPROCES.EXE(herramienta de investigación) [/b] http://www.zonavirus.com/descargas/descargar-sproces.asp
Y tras pulsar en SALIR, postearnos el contenido del C:\SPROCLOG.TXT[/quote]
lo analizaremos e informaremos al respecto.
saludos
ms, 9-9-2011
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
desperadoooo
- Mensajes: 7
- Registrado: 09 Sep 2011, 19:17
Re: creo que tengo un virus en el ordenador
Hola, he intentado descargar el elistara, me bajo un fichero rar, al ejecutarlo (no he podido instalarlo porque no me ha dado opcion para ello) me hace una serie de preguntas, pero no genera ningun fichero de informes...tal vez he hecho algo mal?
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: creo que tengo un virus en el ordenador
Puede contestar que NO a las preguntas, luego le ofrecerá escanear su disco duro, hágalo y tras ello le ofrecerá SALIR, y encontrará el informe en C:\infosat.txt
Y con el SPROCES es mucho mas rápido, lancelo, pulse en SALIR y ya creará el log en C:\sproclog.txt
Posteenos ambos informes con un copiar y pegar en su proximo post, de respuesta a este Tema, y los analizaremos e informaremos
saludos
ms, 14-9-2011
Y con el SPROCES es mucho mas rápido, lancelo, pulse en SALIR y ya creará el log en C:\sproclog.txt
Posteenos ambos informes con un copiar y pegar en su proximo post, de respuesta a este Tema, y los analizaremos e informaremos
saludos
ms, 14-9-2011
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
desperadoooo
- Mensajes: 7
- Registrado: 09 Sep 2011, 19:17
Re: creo que tengo un virus en el ordenador
Buenos días,
He aqui el contenido del fichero infosat.txt
(17-9-2011 08:06:10 (GMT))
EliStartPage v23.84 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Septiembre del 2011)
--------------------------------------------------
Usuario: JC
ID de Usuario: S-1-5-21-319546440-4016643874-1057788903-1000
Lista de Acciones (por Acción Directa):
Entrada Eliminada [HKLM\...\Run] "GrooveMonitor"=""C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe""
Detectado HOSTS no Standar.
Detectado AUTORUN.INF en la Unidad (D)
ShellExecute=Info.exe protect.ed 480 480
Si Desconoce la Aplicación, por favor envienosla
acompañada del AUTORUN.INF a "virus@satinfo.es ". Gracias.
(17-9-2011 08:29:23 (GMT))
EliStartPage v23.84 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Septiembre del 2011)
--------------------------------------------------
Usuario: JC
ID de Usuario: S-1-5-21-319546440-4016643874-1057788903-1000
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Program Files (x86)\ConduitEngine\CONDUITENGIN.DLL --> Eliminado, TBConduit(tb)
Nº Total de Directorios: 40629
Nº Total de Ficheros: 462829
Nº de Ficheros Analizados: 107516
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Me gustaría señalar que justo antes de empezar a escanear con el elistara, recibí este mensaje:
Detectado AUTORUN.INF en la Unidad (D)
ShellExecute=Info.exe protect.ed 480 480
Si Desconoce la Aplicación, por favor envienosla
acompañada del AUTORUN.INF a "virus@satinfo.es ". Gracias.
Por otra parte, el contenido del SProcLog es el siguiente:
(17-9-2011 08:34:25 GMT)
SProces v5.7 (c)2011 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows (TM) Vista Home Premium (v6.0.6002)
Parche MS08-067 (Servicio Servidor) NO Instalado.
Internet Explorer: (v9.0.8112.16421) 0
Equipo: JUANCARLOS
Usuario: JC
Sesión de Usuario: JC
27 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MFEVTPS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MFEFIRE.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\MCSVHOST.EXE
C:\WINDOWS\SYSTEM32\CONIME.EXE
C:\WINDOWS\SYSTEM32\MCAGENT.EXE
C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES (X86)\WINRAR\WINRAR.EXE
C:\USERS\JC\DESKTOP\SPROCES\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.google.es/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) - {68d6c015-c699-4b66-800f-5709bdeddd8b} - (no file)
R3 - URLSearchHook: (no name) - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110916035224.dll
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [LogitechGalleryRepair] "C:\Program Files (x86)\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TQ566808] "E:\Setup.exe"
O4 - HKLM\..\Run: [Telefonica] "C:\Program Files (x86)\Telefonica\bin\StartCmd.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio Local')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio de red')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr
O4 - Startup: Tabla de contenido de OneNote.onetoc2
O4 - Startup: Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7613\Launcher.exe /t
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: ????3?? - (no file)
O8 - Extra context menu item: ????3?????? - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\BONJOUR\MDNSNSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\VMWARE\VMWARE WORKSTATION\VSOCKLIB.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\VMWARE\VMWARE WORKSTATION\VSOCKLIB.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sagetp - {EB0D4937-D3F4-4CEC-9EB4-2B9DAA1676EC} - C:\GRUPOSP\NOE09R07\EXE\SageProtocol.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\google\google~3\goec62~1.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Información Adicional:
----------------------
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files (x86)\AGI\core\3.1\AGCoreService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: dlbk_device - - C:\Windows\system32\dlbkcoms.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Common Files\firebird\bin\fbguard.exe
O23 - Service: Servicio Google Update (gupdate1ca60d1b9092422) (gupdate1ca60d1b9092422) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: VMware hcmon (hcmon) - VMware, Inc. - C:\Windows\system32\drivers\hcmon.sys (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
*O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
**O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
*O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
*O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: SupportSoft Sprocket Service (Telefonica) (sprtsvc_Telefonica) - SupportSoft, Inc. - C:\Program Files (x86)\Telefonica\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware vmci (vmci) - VMware, Inc. - C:\Windows\system32\drivers\vmci.sys (file missing)
O23 - Service: VMware Bridge Protocol (VMnetBridge) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetbridge.sys (file missing)
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Network Application Interface (VMnetuserif) - VMware, Inc. - C:\Windows\system32\drivers\vmnetuserif.sys (file missing)
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware vmx86 (vmx86) - VMware, Inc. - C:\Windows\system32\drivers\vmx86.sys (file missing)
O23 - Service: Vstor2 WS60 Virtual Storage Driver (vstor2-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)
O23 - Service: Bing Bar Update Service (BBSvc) - Microsoft Corporation. - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltlo.sys (file missing)
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltup.sys (file missing)
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Unknown owner - C:\WINDOWS\system32\drivers\brusbser.sys (file missing)
O23 - Service: Bluetooth AVDT (btwavdt) - Broadcom Corporation. - C:\WINDOWS\system32\drivers\btwavdt.sys (file missing)
O23 - Service: McAfee Inc. cfwids (cfwids) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\cfwids.sys (file missing)
O23 - Service: Intel(R) PRO/1000 PCI Express Network Connection Driver (e1express) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e1e6032e.sys (file missing)
O23 - Service: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\E1G6032E.sys (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Common Files\firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Administrador de Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IP in IP Tunnel Driver (IpInIp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys (file missing)
O23 - Service: Kernel Streaming Thunks (ksthunk) - Unknown owner - C:\WINDOWS\system32\drivers\ksthunk.sys (file missing)
O23 - Service: Logitech LVPr2M64 Driver (LVPr2M64) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2M64.sys (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
**O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Inc. mfeapfk (mfeapfk) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mfeapfk.sys (file missing)
O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys (file missing)
**O23 - Service: McAfee Inc. mfefirek (mfefirek) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfefirek.sys (file missing)
O23 - Service: McAfee Inc. mferkdet (mferkdet) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mferkdet.sys (file missing)
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec /V (file missing)
O23 - Service: Proxy de servicio de transmisión por secuencias de Microsoft (MSKSSRV) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSKSSRV.sys (file missing)
O23 - Service: Proxy del reloj de transmisión por secuencias de Microsoft (MSPCLOCK) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPCLOCK.sys (file missing)
O23 - Service: Proxy del administrador de calidad de transmisión por secuencias de Microsoft (MSPQM) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPQM.sys (file missing)
O23 - Service: Convertidor Tee/Sink-to-Sink de transmisión por secuencias de Microsoft (MSTEE) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSTEE.sys (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: IPX Traffic Filter Driver (NwlnkFlt) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkflt.sys (file missing)
O23 - Service: IPX Traffic Forwarder Driver (NwlnkFwd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkfwd.sys (file missing)
O23 - Service: Controladora de host Texas Instruments OHCI Compliant IEEE 1394 (ohci1394) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ohci1394.sys (file missing)
O23 - Service: Trust 100K Series Webcam (PAC207) - PixArt Imaging Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\PFC027.SYS (file missing)
O23 - Service: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) - Unknown owner - c:\program files\dell support center\pcdsrvc_x64.pkm (file missing)
O23 - Service: R300 - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)
O23 - Service: IDT High Definition Audio CODEC (STHDA) - IDT, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\stwrt64.sys (file missing)
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files (x86)\VMware\VMware Workstation\\" -s ufad-p2v.xm (file missing)
O23 - Service: VMware kbd (vmkbd) - VMware, Inc. - C:\Windows\system32\drivers\VMkbd.sys (file missing)
O23 - Service: VMware Virtual Ethernet Adapter Driver (VMnetAdapter) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetadapter.sys (file missing)
O23 - Service: VMware USB Client Driver (vmusb) - Unknown owner - C:\WINDOWS\SYSTEM32\Drivers\vmusb.sys (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys (file missing)
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys (file missing)
O23 - Service: adpu160m - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu160m.sys (file missing)
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys (file missing)
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\djsvs.sys (file missing)
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys (file missing)
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys (file missing)
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys (file missing)
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserid.sys (file missing)
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserwdm.sys (file missing)
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Unknown owner - C:\WINDOWS\system32\drivers\brusbmdm.sys (file missing)
O23 - Service: btwrchid - Broadcom Corporation. - C:\WINDOWS\system32\drivers\btwrchid.sys (file missing)
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys (file missing)
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys (file missing)
O23 - Service: HpCISSs - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\hpcisss.sys (file missing)
O23 - Service: Intel RAID Controller Vista (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iastorv.sys (file missing)
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys (file missing)
O23 - Service: ITEATAPI_Service_Install (iteatapi) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteatapi.sys (file missing)
O23 - Service: ITERAID_Service_Install (iteraid) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteraid.sys (file missing)
O23 - Service: LSI_FC - LSI Logic - C:\WINDOWS\system32\drivers\lsi_fc.sys (file missing)
O23 - Service: LSI_SAS - LSI Logic - C:\WINDOWS\system32\drivers\lsi_sas.sys (file missing)
O23 - Service: LSI_SCSI - LSI Logic - C:\WINDOWS\system32\drivers\lsi_scsi.sys (file missing)
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys (file missing)
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\megasr.sys (file missing)
O23 - Service: Mraid35x - LSI Logic Corporation - C:\WINDOWS\system32\drivers\mraid35x.sys (file missing)
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys (file missing)
O23 - Service: NVIDIA nForce RAID Driver (nvraid) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys (file missing)
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys (file missing)
O23 - Service: QLogic Fibre Channel Miniport Driver (ql2300) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys (file missing)
O23 - Service: QLogic iSCSI Miniport Driver (ql40xx) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys (file missing)
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys (file missing)
O23 - Service: Symc8xx - LSI Logic - C:\WINDOWS\system32\drivers\symc8xx.sys (file missing)
O23 - Service: Sym_hi - LSI Logic - C:\WINDOWS\system32\drivers\sym_hi.sys (file missing)
O23 - Service: Sym_u3 - LSI Logic - C:\WINDOWS\system32\drivers\sym_u3.sys (file missing)
O23 - Service: uliahci - ULi Electronics Inc. - C:\WINDOWS\system32\drivers\uliahci.sys (file missing)
O23 - Service: UlSata - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata.sys (file missing)
O23 - Service: ulsata2 - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata2.sys (file missing)
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys (file missing)
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys (file missing)
O23 - Service: Wacom Serial Pen HID Driver (WacomPen) - Unknown owner - C:\WINDOWS\system32\drivers\wacompen.sys (file missing)
117 Servicios.
35 de Carga Automatica.
42 de Carga Manual.
40 Deshabilitados.
Gracias por su ayuda y saludos,
He aqui el contenido del fichero infosat.txt
(17-9-2011 08:06:10 (GMT))
EliStartPage v23.84 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Septiembre del 2011)
--------------------------------------------------
Usuario: JC
ID de Usuario: S-1-5-21-319546440-4016643874-1057788903-1000
Lista de Acciones (por Acción Directa):
Entrada Eliminada [HKLM\...\Run] "GrooveMonitor"=""C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe""
Detectado HOSTS no Standar.
Detectado AUTORUN.INF en la Unidad (D)
ShellExecute=Info.exe protect.ed 480 480
Si Desconoce la Aplicación, por favor envienosla
acompañada del AUTORUN.INF a "
(17-9-2011 08:29:23 (GMT))
EliStartPage v23.84 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Septiembre del 2011)
--------------------------------------------------
Usuario: JC
ID de Usuario: S-1-5-21-319546440-4016643874-1057788903-1000
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Program Files (x86)\ConduitEngine\CONDUITENGIN.DLL --> Eliminado, TBConduit(tb)
Nº Total de Directorios: 40629
Nº Total de Ficheros: 462829
Nº de Ficheros Analizados: 107516
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Me gustaría señalar que justo antes de empezar a escanear con el elistara, recibí este mensaje:
Detectado AUTORUN.INF en la Unidad (D)
ShellExecute=Info.exe protect.ed 480 480
Si Desconoce la Aplicación, por favor envienosla
acompañada del AUTORUN.INF a "
Por otra parte, el contenido del SProcLog es el siguiente:
(17-9-2011 08:34:25 GMT)
SProces v5.7 (c)2011 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows (TM) Vista Home Premium (v6.0.6002)
Parche MS08-067 (Servicio Servidor) NO Instalado.
Internet Explorer: (v9.0.8112.16421) 0
Equipo: JUANCARLOS
Usuario: JC
Sesión de Usuario: JC
27 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MFEVTPS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MFEFIRE.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\MCSVHOST.EXE
C:\WINDOWS\SYSTEM32\CONIME.EXE
C:\WINDOWS\SYSTEM32\MCAGENT.EXE
C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES (X86)\WINRAR\WINRAR.EXE
C:\USERS\JC\DESKTOP\SPROCES\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) - {68d6c015-c699-4b66-800f-5709bdeddd8b} - (no file)
R3 - URLSearchHook: (no name) - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110916035224.dll
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [LogitechGalleryRepair] "C:\Program Files (x86)\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TQ566808] "E:\Setup.exe"
O4 - HKLM\..\Run: [Telefonica] "C:\Program Files (x86)\Telefonica\bin\StartCmd.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio Local')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio de red')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr
O4 - Startup: Tabla de contenido de OneNote.onetoc2
O4 - Startup: Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7613\Launcher.exe /t
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: ????3?? - (no file)
O8 - Extra context menu item: ????3?????? - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\BONJOUR\MDNSNSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\VMWARE\VMWARE WORKSTATION\VSOCKLIB.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\VMWARE\VMWARE WORKSTATION\VSOCKLIB.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sagetp - {EB0D4937-D3F4-4CEC-9EB4-2B9DAA1676EC} - C:\GRUPOSP\NOE09R07\EXE\SageProtocol.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\google\google~3\goec62~1.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Información Adicional:
----------------------
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files (x86)\AGI\core\3.1\AGCoreService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: dlbk_device - - C:\Windows\system32\dlbkcoms.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Common Files\firebird\bin\fbguard.exe
O23 - Service: Servicio Google Update (gupdate1ca60d1b9092422) (gupdate1ca60d1b9092422) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: VMware hcmon (hcmon) - VMware, Inc. - C:\Windows\system32\drivers\hcmon.sys (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
*O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
**O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
*O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
*O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: SupportSoft Sprocket Service (Telefonica) (sprtsvc_Telefonica) - SupportSoft, Inc. - C:\Program Files (x86)\Telefonica\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware vmci (vmci) - VMware, Inc. - C:\Windows\system32\drivers\vmci.sys (file missing)
O23 - Service: VMware Bridge Protocol (VMnetBridge) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetbridge.sys (file missing)
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Network Application Interface (VMnetuserif) - VMware, Inc. - C:\Windows\system32\drivers\vmnetuserif.sys (file missing)
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware vmx86 (vmx86) - VMware, Inc. - C:\Windows\system32\drivers\vmx86.sys (file missing)
O23 - Service: Vstor2 WS60 Virtual Storage Driver (vstor2-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)
O23 - Service: Bing Bar Update Service (BBSvc) - Microsoft Corporation. - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltlo.sys (file missing)
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltup.sys (file missing)
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Unknown owner - C:\WINDOWS\system32\drivers\brusbser.sys (file missing)
O23 - Service: Bluetooth AVDT (btwavdt) - Broadcom Corporation. - C:\WINDOWS\system32\drivers\btwavdt.sys (file missing)
O23 - Service: McAfee Inc. cfwids (cfwids) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\cfwids.sys (file missing)
O23 - Service: Intel(R) PRO/1000 PCI Express Network Connection Driver (e1express) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e1e6032e.sys (file missing)
O23 - Service: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\E1G6032E.sys (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Common Files\firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Administrador de Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IP in IP Tunnel Driver (IpInIp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys (file missing)
O23 - Service: Kernel Streaming Thunks (ksthunk) - Unknown owner - C:\WINDOWS\system32\drivers\ksthunk.sys (file missing)
O23 - Service: Logitech LVPr2M64 Driver (LVPr2M64) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2M64.sys (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
**O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Inc. mfeapfk (mfeapfk) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mfeapfk.sys (file missing)
O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys (file missing)
**O23 - Service: McAfee Inc. mfefirek (mfefirek) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfefirek.sys (file missing)
O23 - Service: McAfee Inc. mferkdet (mferkdet) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mferkdet.sys (file missing)
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec /V (file missing)
O23 - Service: Proxy de servicio de transmisión por secuencias de Microsoft (MSKSSRV) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSKSSRV.sys (file missing)
O23 - Service: Proxy del reloj de transmisión por secuencias de Microsoft (MSPCLOCK) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPCLOCK.sys (file missing)
O23 - Service: Proxy del administrador de calidad de transmisión por secuencias de Microsoft (MSPQM) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPQM.sys (file missing)
O23 - Service: Convertidor Tee/Sink-to-Sink de transmisión por secuencias de Microsoft (MSTEE) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSTEE.sys (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: IPX Traffic Filter Driver (NwlnkFlt) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkflt.sys (file missing)
O23 - Service: IPX Traffic Forwarder Driver (NwlnkFwd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkfwd.sys (file missing)
O23 - Service: Controladora de host Texas Instruments OHCI Compliant IEEE 1394 (ohci1394) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ohci1394.sys (file missing)
O23 - Service: Trust 100K Series Webcam (PAC207) - PixArt Imaging Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\PFC027.SYS (file missing)
O23 - Service: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) - Unknown owner - c:\program files\dell support center\pcdsrvc_x64.pkm (file missing)
O23 - Service: R300 - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)
O23 - Service: IDT High Definition Audio CODEC (STHDA) - IDT, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\stwrt64.sys (file missing)
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files (x86)\VMware\VMware Workstation\\" -s ufad-p2v.xm (file missing)
O23 - Service: VMware kbd (vmkbd) - VMware, Inc. - C:\Windows\system32\drivers\VMkbd.sys (file missing)
O23 - Service: VMware Virtual Ethernet Adapter Driver (VMnetAdapter) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetadapter.sys (file missing)
O23 - Service: VMware USB Client Driver (vmusb) - Unknown owner - C:\WINDOWS\SYSTEM32\Drivers\vmusb.sys (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys (file missing)
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys (file missing)
O23 - Service: adpu160m - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu160m.sys (file missing)
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys (file missing)
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\djsvs.sys (file missing)
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys (file missing)
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys (file missing)
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys (file missing)
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserid.sys (file missing)
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserwdm.sys (file missing)
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Unknown owner - C:\WINDOWS\system32\drivers\brusbmdm.sys (file missing)
O23 - Service: btwrchid - Broadcom Corporation. - C:\WINDOWS\system32\drivers\btwrchid.sys (file missing)
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys (file missing)
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys (file missing)
O23 - Service: HpCISSs - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\hpcisss.sys (file missing)
O23 - Service: Intel RAID Controller Vista (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iastorv.sys (file missing)
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys (file missing)
O23 - Service: ITEATAPI_Service_Install (iteatapi) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteatapi.sys (file missing)
O23 - Service: ITERAID_Service_Install (iteraid) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteraid.sys (file missing)
O23 - Service: LSI_FC - LSI Logic - C:\WINDOWS\system32\drivers\lsi_fc.sys (file missing)
O23 - Service: LSI_SAS - LSI Logic - C:\WINDOWS\system32\drivers\lsi_sas.sys (file missing)
O23 - Service: LSI_SCSI - LSI Logic - C:\WINDOWS\system32\drivers\lsi_scsi.sys (file missing)
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys (file missing)
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\megasr.sys (file missing)
O23 - Service: Mraid35x - LSI Logic Corporation - C:\WINDOWS\system32\drivers\mraid35x.sys (file missing)
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys (file missing)
O23 - Service: NVIDIA nForce RAID Driver (nvraid) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys (file missing)
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys (file missing)
O23 - Service: QLogic Fibre Channel Miniport Driver (ql2300) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys (file missing)
O23 - Service: QLogic iSCSI Miniport Driver (ql40xx) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys (file missing)
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys (file missing)
O23 - Service: Symc8xx - LSI Logic - C:\WINDOWS\system32\drivers\symc8xx.sys (file missing)
O23 - Service: Sym_hi - LSI Logic - C:\WINDOWS\system32\drivers\sym_hi.sys (file missing)
O23 - Service: Sym_u3 - LSI Logic - C:\WINDOWS\system32\drivers\sym_u3.sys (file missing)
O23 - Service: uliahci - ULi Electronics Inc. - C:\WINDOWS\system32\drivers\uliahci.sys (file missing)
O23 - Service: UlSata - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata.sys (file missing)
O23 - Service: ulsata2 - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata2.sys (file missing)
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys (file missing)
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys (file missing)
O23 - Service: Wacom Serial Pen HID Driver (WacomPen) - Unknown owner - C:\WINDOWS\system32\drivers\wacompen.sys (file missing)
117 Servicios.
35 de Carga Automatica.
42 de Carga Manual.
40 Deshabilitados.
Gracias por su ayuda y saludos,
-
desperadoooo
- Mensajes: 7
- Registrado: 09 Sep 2011, 19:17
Re: creo que tengo un virus en el ordenador
Buenos días,
He aqui el contenido del fichero infosat.txt
(17-9-2011 08:06:10 (GMT))
EliStartPage v23.84 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Septiembre del 2011)
--------------------------------------------------
Usuario: JC
ID de Usuario: S-1-5-21-319546440-4016643874-1057788903-1000
Lista de Acciones (por Acción Directa):
Entrada Eliminada [HKLM\...\Run] "GrooveMonitor"=""C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe""
Detectado HOSTS no Standar.
Detectado AUTORUN.INF en la Unidad (D)
ShellExecute=Info.exe protect.ed 480 480
Si Desconoce la Aplicación, por favor envienosla
acompañada del AUTORUN.INF a "virus@satinfo.es ". Gracias.
(17-9-2011 08:29:23 (GMT))
EliStartPage v23.84 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Septiembre del 2011)
--------------------------------------------------
Usuario: JC
ID de Usuario: S-1-5-21-319546440-4016643874-1057788903-1000
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Program Files (x86)\ConduitEngine\CONDUITENGIN.DLL --> Eliminado, TBConduit(tb)
Nº Total de Directorios: 40629
Nº Total de Ficheros: 462829
Nº de Ficheros Analizados: 107516
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Me gustaría señalar que justo antes de empezar a escanear con el elistara, recibí este mensaje:
Detectado AUTORUN.INF en la Unidad (D)
ShellExecute=Info.exe protect.ed 480 480
Si Desconoce la Aplicación, por favor envienosla
acompañada del AUTORUN.INF a "virus@satinfo.es ". Gracias.
Por otra parte, el contenido del SProcLog es el siguiente:
(17-9-2011 08:34:25 GMT)
SProces v5.7 (c)2011 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows (TM) Vista Home Premium (v6.0.6002)
Parche MS08-067 (Servicio Servidor) NO Instalado.
Internet Explorer: (v9.0.8112.16421) 0
Equipo: JUANCARLOS
Usuario: JC
Sesión de Usuario: JC
27 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MFEVTPS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MFEFIRE.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\MCSVHOST.EXE
C:\WINDOWS\SYSTEM32\CONIME.EXE
C:\WINDOWS\SYSTEM32\MCAGENT.EXE
C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES (X86)\WINRAR\WINRAR.EXE
C:\USERS\JC\DESKTOP\SPROCES\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.google.es/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) - {68d6c015-c699-4b66-800f-5709bdeddd8b} - (no file)
R3 - URLSearchHook: (no name) - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110916035224.dll
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [LogitechGalleryRepair] "C:\Program Files (x86)\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TQ566808] "E:\Setup.exe"
O4 - HKLM\..\Run: [Telefonica] "C:\Program Files (x86)\Telefonica\bin\StartCmd.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio Local')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio de red')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr
O4 - Startup: Tabla de contenido de OneNote.onetoc2
O4 - Startup: Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7613\Launcher.exe /t
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: ????3?? - (no file)
O8 - Extra context menu item: ????3?????? - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\BONJOUR\MDNSNSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\VMWARE\VMWARE WORKSTATION\VSOCKLIB.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\VMWARE\VMWARE WORKSTATION\VSOCKLIB.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sagetp - {EB0D4937-D3F4-4CEC-9EB4-2B9DAA1676EC} - C:\GRUPOSP\NOE09R07\EXE\SageProtocol.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\google\google~3\goec62~1.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Información Adicional:
----------------------
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files (x86)\AGI\core\3.1\AGCoreService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: dlbk_device - - C:\Windows\system32\dlbkcoms.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Common Files\firebird\bin\fbguard.exe
O23 - Service: Servicio Google Update (gupdate1ca60d1b9092422) (gupdate1ca60d1b9092422) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: VMware hcmon (hcmon) - VMware, Inc. - C:\Windows\system32\drivers\hcmon.sys (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
*O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
**O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
*O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
*O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: SupportSoft Sprocket Service (Telefonica) (sprtsvc_Telefonica) - SupportSoft, Inc. - C:\Program Files (x86)\Telefonica\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware vmci (vmci) - VMware, Inc. - C:\Windows\system32\drivers\vmci.sys (file missing)
O23 - Service: VMware Bridge Protocol (VMnetBridge) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetbridge.sys (file missing)
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Network Application Interface (VMnetuserif) - VMware, Inc. - C:\Windows\system32\drivers\vmnetuserif.sys (file missing)
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware vmx86 (vmx86) - VMware, Inc. - C:\Windows\system32\drivers\vmx86.sys (file missing)
O23 - Service: Vstor2 WS60 Virtual Storage Driver (vstor2-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)
O23 - Service: Bing Bar Update Service (BBSvc) - Microsoft Corporation. - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltlo.sys (file missing)
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltup.sys (file missing)
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Unknown owner - C:\WINDOWS\system32\drivers\brusbser.sys (file missing)
O23 - Service: Bluetooth AVDT (btwavdt) - Broadcom Corporation. - C:\WINDOWS\system32\drivers\btwavdt.sys (file missing)
O23 - Service: McAfee Inc. cfwids (cfwids) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\cfwids.sys (file missing)
O23 - Service: Intel(R) PRO/1000 PCI Express Network Connection Driver (e1express) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e1e6032e.sys (file missing)
O23 - Service: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\E1G6032E.sys (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Common Files\firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Administrador de Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IP in IP Tunnel Driver (IpInIp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys (file missing)
O23 - Service: Kernel Streaming Thunks (ksthunk) - Unknown owner - C:\WINDOWS\system32\drivers\ksthunk.sys (file missing)
O23 - Service: Logitech LVPr2M64 Driver (LVPr2M64) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2M64.sys (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
**O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Inc. mfeapfk (mfeapfk) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mfeapfk.sys (file missing)
O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys (file missing)
**O23 - Service: McAfee Inc. mfefirek (mfefirek) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfefirek.sys (file missing)
O23 - Service: McAfee Inc. mferkdet (mferkdet) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mferkdet.sys (file missing)
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec /V (file missing)
O23 - Service: Proxy de servicio de transmisión por secuencias de Microsoft (MSKSSRV) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSKSSRV.sys (file missing)
O23 - Service: Proxy del reloj de transmisión por secuencias de Microsoft (MSPCLOCK) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPCLOCK.sys (file missing)
O23 - Service: Proxy del administrador de calidad de transmisión por secuencias de Microsoft (MSPQM) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPQM.sys (file missing)
O23 - Service: Convertidor Tee/Sink-to-Sink de transmisión por secuencias de Microsoft (MSTEE) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSTEE.sys (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: IPX Traffic Filter Driver (NwlnkFlt) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkflt.sys (file missing)
O23 - Service: IPX Traffic Forwarder Driver (NwlnkFwd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkfwd.sys (file missing)
O23 - Service: Controladora de host Texas Instruments OHCI Compliant IEEE 1394 (ohci1394) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ohci1394.sys (file missing)
O23 - Service: Trust 100K Series Webcam (PAC207) - PixArt Imaging Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\PFC027.SYS (file missing)
O23 - Service: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) - Unknown owner - c:\program files\dell support center\pcdsrvc_x64.pkm (file missing)
O23 - Service: R300 - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)
O23 - Service: IDT High Definition Audio CODEC (STHDA) - IDT, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\stwrt64.sys (file missing)
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files (x86)\VMware\VMware Workstation\\" -s ufad-p2v.xm (file missing)
O23 - Service: VMware kbd (vmkbd) - VMware, Inc. - C:\Windows\system32\drivers\VMkbd.sys (file missing)
O23 - Service: VMware Virtual Ethernet Adapter Driver (VMnetAdapter) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetadapter.sys (file missing)
O23 - Service: VMware USB Client Driver (vmusb) - Unknown owner - C:\WINDOWS\SYSTEM32\Drivers\vmusb.sys (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys (file missing)
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys (file missing)
O23 - Service: adpu160m - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu160m.sys (file missing)
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys (file missing)
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\djsvs.sys (file missing)
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys (file missing)
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys (file missing)
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys (file missing)
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserid.sys (file missing)
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserwdm.sys (file missing)
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Unknown owner - C:\WINDOWS\system32\drivers\brusbmdm.sys (file missing)
O23 - Service: btwrchid - Broadcom Corporation. - C:\WINDOWS\system32\drivers\btwrchid.sys (file missing)
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys (file missing)
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys (file missing)
O23 - Service: HpCISSs - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\hpcisss.sys (file missing)
O23 - Service: Intel RAID Controller Vista (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iastorv.sys (file missing)
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys (file missing)
O23 - Service: ITEATAPI_Service_Install (iteatapi) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteatapi.sys (file missing)
O23 - Service: ITERAID_Service_Install (iteraid) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteraid.sys (file missing)
O23 - Service: LSI_FC - LSI Logic - C:\WINDOWS\system32\drivers\lsi_fc.sys (file missing)
O23 - Service: LSI_SAS - LSI Logic - C:\WINDOWS\system32\drivers\lsi_sas.sys (file missing)
O23 - Service: LSI_SCSI - LSI Logic - C:\WINDOWS\system32\drivers\lsi_scsi.sys (file missing)
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys (file missing)
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\megasr.sys (file missing)
O23 - Service: Mraid35x - LSI Logic Corporation - C:\WINDOWS\system32\drivers\mraid35x.sys (file missing)
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys (file missing)
O23 - Service: NVIDIA nForce RAID Driver (nvraid) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys (file missing)
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys (file missing)
O23 - Service: QLogic Fibre Channel Miniport Driver (ql2300) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys (file missing)
O23 - Service: QLogic iSCSI Miniport Driver (ql40xx) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys (file missing)
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys (file missing)
O23 - Service: Symc8xx - LSI Logic - C:\WINDOWS\system32\drivers\symc8xx.sys (file missing)
O23 - Service: Sym_hi - LSI Logic - C:\WINDOWS\system32\drivers\sym_hi.sys (file missing)
O23 - Service: Sym_u3 - LSI Logic - C:\WINDOWS\system32\drivers\sym_u3.sys (file missing)
O23 - Service: uliahci - ULi Electronics Inc. - C:\WINDOWS\system32\drivers\uliahci.sys (file missing)
O23 - Service: UlSata - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata.sys (file missing)
O23 - Service: ulsata2 - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata2.sys (file missing)
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys (file missing)
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys (file missing)
O23 - Service: Wacom Serial Pen HID Driver (WacomPen) - Unknown owner - C:\WINDOWS\system32\drivers\wacompen.sys (file missing)
117 Servicios.
35 de Carga Automatica.
42 de Carga Manual.
40 Deshabilitados.
Gracias por su ayuda y saludos,
He aqui el contenido del fichero infosat.txt
(17-9-2011 08:06:10 (GMT))
EliStartPage v23.84 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Septiembre del 2011)
--------------------------------------------------
Usuario: JC
ID de Usuario: S-1-5-21-319546440-4016643874-1057788903-1000
Lista de Acciones (por Acción Directa):
Entrada Eliminada [HKLM\...\Run] "GrooveMonitor"=""C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe""
Detectado HOSTS no Standar.
Detectado AUTORUN.INF en la Unidad (D)
ShellExecute=Info.exe protect.ed 480 480
Si Desconoce la Aplicación, por favor envienosla
acompañada del AUTORUN.INF a "
(17-9-2011 08:29:23 (GMT))
EliStartPage v23.84 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Septiembre del 2011)
--------------------------------------------------
Usuario: JC
ID de Usuario: S-1-5-21-319546440-4016643874-1057788903-1000
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Program Files (x86)\ConduitEngine\CONDUITENGIN.DLL --> Eliminado, TBConduit(tb)
Nº Total de Directorios: 40629
Nº Total de Ficheros: 462829
Nº de Ficheros Analizados: 107516
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Me gustaría señalar que justo antes de empezar a escanear con el elistara, recibí este mensaje:
Detectado AUTORUN.INF en la Unidad (D)
ShellExecute=Info.exe protect.ed 480 480
Si Desconoce la Aplicación, por favor envienosla
acompañada del AUTORUN.INF a "
Por otra parte, el contenido del SProcLog es el siguiente:
(17-9-2011 08:34:25 GMT)
SProces v5.7 (c)2011 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows (TM) Vista Home Premium (v6.0.6002)
Parche MS08-067 (Servicio Servidor) NO Instalado.
Internet Explorer: (v9.0.8112.16421) 0
Equipo: JUANCARLOS
Usuario: JC
Sesión de Usuario: JC
27 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MFEVTPS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MFEFIRE.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\MCSVHOST.EXE
C:\WINDOWS\SYSTEM32\CONIME.EXE
C:\WINDOWS\SYSTEM32\MCAGENT.EXE
C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES (X86)\WINRAR\WINRAR.EXE
C:\USERS\JC\DESKTOP\SPROCES\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) - {68d6c015-c699-4b66-800f-5709bdeddd8b} - (no file)
R3 - URLSearchHook: (no name) - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110916035224.dll
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [LogitechGalleryRepair] "C:\Program Files (x86)\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TQ566808] "E:\Setup.exe"
O4 - HKLM\..\Run: [Telefonica] "C:\Program Files (x86)\Telefonica\bin\StartCmd.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio Local')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Servicio de red')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr
O4 - Startup: Tabla de contenido de OneNote.onetoc2
O4 - Startup: Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7613\Launcher.exe /t
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: ????3?? - (no file)
O8 - Extra context menu item: ????3?????? - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\BONJOUR\MDNSNSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\VMWARE\VMWARE WORKSTATION\VSOCKLIB.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\VMWARE\VMWARE WORKSTATION\VSOCKLIB.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sagetp - {EB0D4937-D3F4-4CEC-9EB4-2B9DAA1676EC} - C:\GRUPOSP\NOE09R07\EXE\SageProtocol.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\google\google~3\goec62~1.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Información Adicional:
----------------------
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files (x86)\AGI\core\3.1\AGCoreService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: dlbk_device - - C:\Windows\system32\dlbkcoms.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Common Files\firebird\bin\fbguard.exe
O23 - Service: Servicio Google Update (gupdate1ca60d1b9092422) (gupdate1ca60d1b9092422) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: VMware hcmon (hcmon) - VMware, Inc. - C:\Windows\system32\drivers\hcmon.sys (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
*O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
**O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
*O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
*O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: SupportSoft Sprocket Service (Telefonica) (sprtsvc_Telefonica) - SupportSoft, Inc. - C:\Program Files (x86)\Telefonica\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware vmci (vmci) - VMware, Inc. - C:\Windows\system32\drivers\vmci.sys (file missing)
O23 - Service: VMware Bridge Protocol (VMnetBridge) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetbridge.sys (file missing)
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Network Application Interface (VMnetuserif) - VMware, Inc. - C:\Windows\system32\drivers\vmnetuserif.sys (file missing)
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware vmx86 (vmx86) - VMware, Inc. - C:\Windows\system32\drivers\vmx86.sys (file missing)
O23 - Service: Vstor2 WS60 Virtual Storage Driver (vstor2-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)
O23 - Service: Bing Bar Update Service (BBSvc) - Microsoft Corporation. - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltlo.sys (file missing)
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltup.sys (file missing)
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Unknown owner - C:\WINDOWS\system32\drivers\brusbser.sys (file missing)
O23 - Service: Bluetooth AVDT (btwavdt) - Broadcom Corporation. - C:\WINDOWS\system32\drivers\btwavdt.sys (file missing)
O23 - Service: McAfee Inc. cfwids (cfwids) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\cfwids.sys (file missing)
O23 - Service: Intel(R) PRO/1000 PCI Express Network Connection Driver (e1express) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e1e6032e.sys (file missing)
O23 - Service: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\E1G6032E.sys (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Common Files\firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Administrador de Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IP in IP Tunnel Driver (IpInIp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys (file missing)
O23 - Service: Kernel Streaming Thunks (ksthunk) - Unknown owner - C:\WINDOWS\system32\drivers\ksthunk.sys (file missing)
O23 - Service: Logitech LVPr2M64 Driver (LVPr2M64) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2M64.sys (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
**O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Inc. mfeapfk (mfeapfk) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mfeapfk.sys (file missing)
O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys (file missing)
**O23 - Service: McAfee Inc. mfefirek (mfefirek) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfefirek.sys (file missing)
O23 - Service: McAfee Inc. mferkdet (mferkdet) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mferkdet.sys (file missing)
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec /V (file missing)
O23 - Service: Proxy de servicio de transmisión por secuencias de Microsoft (MSKSSRV) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSKSSRV.sys (file missing)
O23 - Service: Proxy del reloj de transmisión por secuencias de Microsoft (MSPCLOCK) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPCLOCK.sys (file missing)
O23 - Service: Proxy del administrador de calidad de transmisión por secuencias de Microsoft (MSPQM) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPQM.sys (file missing)
O23 - Service: Convertidor Tee/Sink-to-Sink de transmisión por secuencias de Microsoft (MSTEE) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSTEE.sys (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: IPX Traffic Filter Driver (NwlnkFlt) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkflt.sys (file missing)
O23 - Service: IPX Traffic Forwarder Driver (NwlnkFwd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkfwd.sys (file missing)
O23 - Service: Controladora de host Texas Instruments OHCI Compliant IEEE 1394 (ohci1394) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ohci1394.sys (file missing)
O23 - Service: Trust 100K Series Webcam (PAC207) - PixArt Imaging Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\PFC027.SYS (file missing)
O23 - Service: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) - Unknown owner - c:\program files\dell support center\pcdsrvc_x64.pkm (file missing)
O23 - Service: R300 - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)
O23 - Service: IDT High Definition Audio CODEC (STHDA) - IDT, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\stwrt64.sys (file missing)
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files (x86)\VMware\VMware Workstation\\" -s ufad-p2v.xm (file missing)
O23 - Service: VMware kbd (vmkbd) - VMware, Inc. - C:\Windows\system32\drivers\VMkbd.sys (file missing)
O23 - Service: VMware Virtual Ethernet Adapter Driver (VMnetAdapter) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetadapter.sys (file missing)
O23 - Service: VMware USB Client Driver (vmusb) - Unknown owner - C:\WINDOWS\SYSTEM32\Drivers\vmusb.sys (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys (file missing)
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys (file missing)
O23 - Service: adpu160m - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu160m.sys (file missing)
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys (file missing)
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\djsvs.sys (file missing)
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys (file missing)
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys (file missing)
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys (file missing)
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserid.sys (file missing)
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserwdm.sys (file missing)
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Unknown owner - C:\WINDOWS\system32\drivers\brusbmdm.sys (file missing)
O23 - Service: btwrchid - Broadcom Corporation. - C:\WINDOWS\system32\drivers\btwrchid.sys (file missing)
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys (file missing)
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys (file missing)
O23 - Service: HpCISSs - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\hpcisss.sys (file missing)
O23 - Service: Intel RAID Controller Vista (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iastorv.sys (file missing)
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys (file missing)
O23 - Service: ITEATAPI_Service_Install (iteatapi) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteatapi.sys (file missing)
O23 - Service: ITERAID_Service_Install (iteraid) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteraid.sys (file missing)
O23 - Service: LSI_FC - LSI Logic - C:\WINDOWS\system32\drivers\lsi_fc.sys (file missing)
O23 - Service: LSI_SAS - LSI Logic - C:\WINDOWS\system32\drivers\lsi_sas.sys (file missing)
O23 - Service: LSI_SCSI - LSI Logic - C:\WINDOWS\system32\drivers\lsi_scsi.sys (file missing)
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys (file missing)
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\megasr.sys (file missing)
O23 - Service: Mraid35x - LSI Logic Corporation - C:\WINDOWS\system32\drivers\mraid35x.sys (file missing)
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys (file missing)
O23 - Service: NVIDIA nForce RAID Driver (nvraid) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys (file missing)
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys (file missing)
O23 - Service: QLogic Fibre Channel Miniport Driver (ql2300) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys (file missing)
O23 - Service: QLogic iSCSI Miniport Driver (ql40xx) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys (file missing)
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys (file missing)
O23 - Service: Symc8xx - LSI Logic - C:\WINDOWS\system32\drivers\symc8xx.sys (file missing)
O23 - Service: Sym_hi - LSI Logic - C:\WINDOWS\system32\drivers\sym_hi.sys (file missing)
O23 - Service: Sym_u3 - LSI Logic - C:\WINDOWS\system32\drivers\sym_u3.sys (file missing)
O23 - Service: uliahci - ULi Electronics Inc. - C:\WINDOWS\system32\drivers\uliahci.sys (file missing)
O23 - Service: UlSata - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata.sys (file missing)
O23 - Service: ulsata2 - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata2.sys (file missing)
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys (file missing)
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys (file missing)
O23 - Service: Wacom Serial Pen HID Driver (WacomPen) - Unknown owner - C:\WINDOWS\system32\drivers\wacompen.sys (file missing)
117 Servicios.
35 de Carga Automatica.
42 de Carga Manual.
40 Deshabilitados.
Gracias por su ayuda y saludos,
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: creo que tengo un virus en el ordenador
Pues de entrada vemos:
Sistema Operativo: Windows (TM) Vista Home Premium (v6.0.6002)
Parche MS08-067 (Servicio Servidor) NO Instalado.
y aunque uses VISTA, sistema que no soportamos, le recordamos que debe actualizar los parches lanzando un WINDOWSUPDATE !!!
Y puede eliminar estas claves:
R3 - URLSearchHook: (no name) - {68d6c015-c699-4b66-800f-5709bdeddd8b} - (no file)
R3 - URLSearchHook: (no name) - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
y este fichero es muy sospechoso:
C:\Program Files\SGPSA\ie3sh.exe
añada .VIR a su extension y tras reiniciar, envienoslo para analizar:
>[b]ENVIO DE MUESTRAS Y ELIMINACIÓN DE CLAVES - Para ello recordar[/b]
https://foros.zonavirus.com/viewtopic.php?f=5&t=14253
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
saludos
ms, 17-9-2011
Sistema Operativo: Windows (TM) Vista Home Premium (v6.0.6002)
Parche MS08-067 (Servicio Servidor) NO Instalado.
y aunque uses VISTA, sistema que no soportamos, le recordamos que debe actualizar los parches lanzando un WINDOWSUPDATE !!!
Y puede eliminar estas claves:
R3 - URLSearchHook: (no name) - {68d6c015-c699-4b66-800f-5709bdeddd8b} - (no file)
R3 - URLSearchHook: (no name) - {68e1863e-5acb-4f2f-8e2c-41c6a4c20ca2} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
y este fichero es muy sospechoso:
C:\Program Files\SGPSA\ie3sh.exe
añada .VIR a su extension y tras reiniciar, envienoslo para analizar:
>
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
saludos
ms, 17-9-2011
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
desperadoooo
- Mensajes: 7
- Registrado: 09 Sep 2011, 19:17
Re: creo que tengo un virus en el ordenador
Ok, en cuanto al windows update, al lanzarlo me dice que mi ordenador esta actualizado y no hay actualizaciones disponibles.
El fichero que me piden que envie como muestra no lo encuentro, ni el fichero ni la carpeta que se supone que lo contiene (tengo activada la opción de ver ficheros ocultos)
¿Cómo hago para eliminar las claves que me proponen?
Gracias y saludos,
El fichero que me piden que envie como muestra no lo encuentro, ni el fichero ni la carpeta que se supone que lo contiene (tengo activada la opción de ver ficheros ocultos)
¿Cómo hago para eliminar las claves que me proponen?
Gracias y saludos,
-
desperadoooo
- Mensajes: 7
- Registrado: 09 Sep 2011, 19:17
Re: creo que tengo un virus en el ordenador
oK, creo que he eliminado las claves usando el SProces, por si eso ayuda. En cuanto al resto de problemas no hay novedad
Gracias y saludos,
Gracias y saludos,
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: creo que tengo un virus en el ordenador
Pues prueba con el ELIMOVER:
C:\Program Files\SGPSA\ie3sh.exe
y tras reiniciar, si lo has encontrado, envianoslo para analizar.
saludos
ms, 19-9-2011
[quote="msc"]
ELIMOVERhttp://www.zonavirus.com/descargas/descargar-elimover.asp
y pulsar sobre la casilla inferior izquierda para añadir .VIR al fichero original,
ya que se trata de un malware[/quote]
C:\Program Files\SGPSA\ie3sh.exe
y tras reiniciar, si lo has encontrado, envianoslo para analizar.
saludos
ms, 19-9-2011
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
desperadoooo
- Mensajes: 7
- Registrado: 09 Sep 2011, 19:17
Re: creo que tengo un virus en el ordenador
Hola,
He instalado dicho programa e intentado transferir el fichero que me indicó, pero el programa me muestra un mensaje diciendo que el fichero no existe:(
Gracias
He instalado dicho programa e intentado transferir el fichero que me indicó, pero el programa me muestra un mensaje diciendo que el fichero no existe
Gracias
Re: creo que tengo un virus en el ordenador
Pues ejecuta sprocess de nuevo y peganos el nuevo log a ver que claves salen. Saludos.