Saludos. A ver si alguien me puede orientar, aunque sea mínimamente...
Desde hace tres semanas, mi portátil (Windows 7 Ultimate, al día en actualizaciones, y con AVG antivirus actualizado y funcionando poerfectamente desde hace la tira de tiempo), se resetea él solito. Nunca lo he comprobado, pero parece que va por tiempo fijo (cada dos horas, quizá). Además, he detectado otra cosa que puede ser significativa: Ejecuto el bloc de notas, escribo lo que sea, guardo con cualquier nombre.txt, abro el archivo... ¡¡¡y en lugar de lo escrito todo ha sido sustituido por caracteres raros!!! Estas cosas JAMÁS me pasaron en el ordenador, JAMÁS.
Más: Los primeros días intenté una restauración de sistema de Windows y no sólo comprobé que sospechosamente había muy pocas copias de seguridad, sino que ninguna de las dos funcionó...
He hecho escaneos completos de virus con el AVG y nada... He descargado cuatro antitroyanos distintos, incluyendo Trojan Remover y NADA...
Es la primera vez en muchísimos años que no soy capaz de averiguar por mí mismo qué le ocurre a mi sistema.
¿A alguien le suenan esos síntomas? ¿Es esto un virus, un troyano... o qué puñetas?
GRACIAS A MOGOLLÓN!!!!
¿Un virus o qué rayos es ESTO?
Re: ¿Un virus o qué rayos es ESTO?
Us esta Utilidad de investigación para visualizar procesos y modulos utilizados por los mismos.
Genera un fichero en C: llamado SPROCLOG.TXT el cuál debe copiar y pegarnos en el siguiente post.
[url=http://www.zonavirus.com/descargas/sproces.asp]Descargar Sproces[/url]
Genera un fichero en C: llamado SPROCLOG.TXT el cuál debe copiar y pegarnos en el siguiente post.
La vida es hermosa....para que complicarnosla Re: ¿Un virus o qué rayos es ESTO?
Pues ahí va...
(4-10-2011 19:28:08 GMT)
SProces v5.7 (c)2011 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Ultimate (v6.1)
Internet Explorer: (v8.0.7601.17105) 0
Equipo: PORTÁTIL
Usuario: WEKurtz
Sesión de Usuario: WEKurtz
66 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGCHSVX.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGRSX.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGCSRVX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\ATIESRXX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\AUDIODG.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\ATIECLXX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\ASTSRV.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGWDSVC.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGFWS9.EXE
C:\WINDOWS\PLFSETI.EXE
C:\PROGRAM FILES\INTEL\INTEL MATRIX STORAGE MANAGER\IAANOTIF.EXE
C:\WINDOWS\TEMP\MRT98E4.TMP\STDRT.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGTRAY.EXE
C:\WINDOWS\PLFSETL.EXE
C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RTHDVCPL.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
C:\USERS\WEKURTZ\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
C:\USERS\WEKURTZ\APPDATA\LOCAL\TEMP\RTKBTMNT.EXE
C:\USERS\WEKURTZ\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
C:\USERS\WEKURTZ\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGAM.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGNSX.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
C:\PROGRAM FILES\AVG\AVG9\IDENTITY PROTECTION\AGENT\BIN\AVGIDSMONITOR.EXE
C:\WINDOWS\SYSTEM32\CONHOST.EXE
C:\PROGRAM FILES\INTEL\INTEL MATRIX STORAGE MANAGER\IAANTMON.EXE
C:\WINDOWS\SYSTEM32\NLSSRV32.EXE
C:\PROGRAM FILES\COMMON FILES\PROTEXIS\LICENSE SERVICE\PSISERVICE_2.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVC.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\XAUDIO.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGEMC.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVCM.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGCSRVX.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\WINDOWS\SYSTEM32\WUDFHOST.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGUPD.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\SPPSVC.EXE
C:\WINDOWS\SERVICING\TRUSTEDINSTALLER.EXE
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
D:\UTILIDADES ANTIVIRUS\SPROCES\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 WWIS-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 WWIS-dubc1-vip60.adobe.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKCU\..\Run: [Google Update] "C:\Users\WEKurtz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [RegistrarUsrDNIeCertStoreDLL] "C:\Program Files\DNIe\udcs.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - AppInit_DLLs: avgrsstx.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Información Adicional:
----------------------
WinSys\Drivers\adp94xx.sys (de 422976 bytes) () Adaptec, Inc.
WinSys\Drivers\bxvbdx.sys (de 430080 bytes) () Broadcom Corporation
WinSys\Drivers\dxgkrnl.sys (de 728448 bytes) () Microsoft Corporation
WinSys\Drivers\elxstor.sys (de 453712 bytes) () Emulex
WinSys\Drivers\HSX_CNXT.sys (de 659968 bytes) () Conexant Systems, Inc.
WinSys\Drivers\HSX_DPV.sys (de 986624 bytes) () Conexant Systems, Inc.
WinSys\Drivers\http.sys (de 513536 bytes) () Microsoft Corporation
WinSys\Drivers\ndis.sys (de 712576 bytes) () Microsoft Corporation
WinSys\Drivers\PEAuth.sys (de 586752 bytes) () Microsoft Corporation
WinSys\Drivers\spsys.sys (de 405504 bytes) () Microsoft Corporation
WinSys\Drivers\VSTCNXT3.SYS (de 661504 bytes) () Conexant Systems, Inc.
WinSys\Drivers\VSTDPV3.SYS (de 980992 bytes) () Conexant Systems, Inc.
WinSys\Drivers\Wdf01000.sys (de 445008 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: AST HighEnd Service (ASTSRV) - Nalpeiron Ltd. - C:\Windows\system32\ASTSRV.EXE
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: FLEXnet Licensing Manager for Adobe Products (FLEXnet Licensing Manager) - - C:\WINDOWS\system32\regw2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: mdmxsdk - Conexant - C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: XAudio - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\xaudio.sys
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys
O23 - Service: amdkmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys
O23 - Service: amdkmdap - Advanced Micro Devices, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmpag.sys
O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys
O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG9IDSDriver (AVGIDSDriverw7x) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys
O23 - Service: AVG9IDSFilter (AVGIDSFilterw7x) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys
O23 - Service: AVG9IDSShim (AVGIDSShimw7x) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys
O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet: NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - %ProgramFiles%\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys
O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys
O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys
O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys
O23 - Service: HSF_DPV - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSX_DPV.sys
O23 - Service: HSXHWAZL - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSXHWAZL.sys
O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys
O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys
O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys
O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys
O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys
O23 - Service: MHIKEY10 - Unknown owner - C:\WINDOWS\SYSTEM32\Drivers\MHIKEY10.sys (file missing)
O23 - Service: Tablet Mouse Filter Driver (moufiltr) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\moufiltr.sys (file missing)
O23 - Service: Controlador del adaptador Intel(R) Wireless WiFi Link 5000 Series para Windows Vista de 32 bits (netw5v32) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\netw5v32.sys
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys
O23 - Service: NSC Infrared Device Driver (NSCIRDA) - National Semiconductor Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nscirda.sys
O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: Office Software Protection Platform (osppsvc) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (file missing)
O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys
O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys
O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys
O23 - Service: USB2.0 PC Camera (SNP2UVC) (SNP2UVC) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2uvc.sys
O23 - Service: SrvHsfHDA - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTAZL3.SYS
O23 - Service: SrvHsfV92 - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTDPV3.SYS
O23 - Service: SrvHsfWinac - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTCNXT3.SYS
O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Synth3dVsc - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\synth3dvsc.sys (file missing)
O23 - Service: tifm21 - Texas Instruments - C:\WINDOWS\SYSTEM32\drivers\tifm21.sys
O23 - Service: @%SystemRoot%\system32\drivers\tsusbhub.sys,-1 (tsusbhub) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tsusbhub.sys (file missing)
O23 - Service: VGPU - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\rdvgkmd.sys (file missing)
O23 - Service: Generic Virtual HID Driver (vhidmini) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\walvhid.sys (file missing)
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys
O23 - Service: winachsf - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSX_CNXT.sys
**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
83 Servicios.
13 de Carga Automatica.
70 de Carga Manual.
0 Deshabilitados.
(4-10-2011 19:28:08 GMT)
SProces v5.7 (c)2011 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Ultimate (v6.1)
Internet Explorer: (v8.0.7601.17105) 0
Equipo: PORTÁTIL
Usuario: WEKurtz
Sesión de Usuario: WEKurtz
66 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGCHSVX.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGRSX.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGCSRVX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\ATIESRXX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\AUDIODG.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\ATIECLXX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\ASTSRV.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGWDSVC.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGFWS9.EXE
C:\WINDOWS\PLFSETI.EXE
C:\PROGRAM FILES\INTEL\INTEL MATRIX STORAGE MANAGER\IAANOTIF.EXE
C:\WINDOWS\TEMP\MRT98E4.TMP\STDRT.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGTRAY.EXE
C:\WINDOWS\PLFSETL.EXE
C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RTHDVCPL.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
C:\USERS\WEKURTZ\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
C:\USERS\WEKURTZ\APPDATA\LOCAL\TEMP\RTKBTMNT.EXE
C:\USERS\WEKURTZ\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
C:\USERS\WEKURTZ\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGAM.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGNSX.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
C:\PROGRAM FILES\AVG\AVG9\IDENTITY PROTECTION\AGENT\BIN\AVGIDSMONITOR.EXE
C:\WINDOWS\SYSTEM32\CONHOST.EXE
C:\PROGRAM FILES\INTEL\INTEL MATRIX STORAGE MANAGER\IAANTMON.EXE
C:\WINDOWS\SYSTEM32\NLSSRV32.EXE
C:\PROGRAM FILES\COMMON FILES\PROTEXIS\LICENSE SERVICE\PSISERVICE_2.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVC.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\XAUDIO.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGEMC.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVCM.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGCSRVX.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\WINDOWS\SYSTEM32\WUDFHOST.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGUPD.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\SPPSVC.EXE
C:\WINDOWS\SERVICING\TRUSTEDINSTALLER.EXE
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
D:\UTILIDADES ANTIVIRUS\SPROCES\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 WWIS-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 WWIS-dubc1-vip60.adobe.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKCU\..\Run: [Google Update] "C:\Users\WEKurtz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [RegistrarUsrDNIeCertStoreDLL] "C:\Program Files\DNIe\udcs.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - AppInit_DLLs: avgrsstx.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Información Adicional:
----------------------
WinSys\Drivers\adp94xx.sys (de 422976 bytes) () Adaptec, Inc.
WinSys\Drivers\bxvbdx.sys (de 430080 bytes) () Broadcom Corporation
WinSys\Drivers\dxgkrnl.sys (de 728448 bytes) () Microsoft Corporation
WinSys\Drivers\elxstor.sys (de 453712 bytes) () Emulex
WinSys\Drivers\HSX_CNXT.sys (de 659968 bytes) () Conexant Systems, Inc.
WinSys\Drivers\HSX_DPV.sys (de 986624 bytes) () Conexant Systems, Inc.
WinSys\Drivers\http.sys (de 513536 bytes) () Microsoft Corporation
WinSys\Drivers\ndis.sys (de 712576 bytes) () Microsoft Corporation
WinSys\Drivers\PEAuth.sys (de 586752 bytes) () Microsoft Corporation
WinSys\Drivers\spsys.sys (de 405504 bytes) () Microsoft Corporation
WinSys\Drivers\VSTCNXT3.SYS (de 661504 bytes) () Conexant Systems, Inc.
WinSys\Drivers\VSTDPV3.SYS (de 980992 bytes) () Conexant Systems, Inc.
WinSys\Drivers\Wdf01000.sys (de 445008 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: AST HighEnd Service (ASTSRV) - Nalpeiron Ltd. - C:\Windows\system32\ASTSRV.EXE
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: FLEXnet Licensing Manager for Adobe Products (FLEXnet Licensing Manager) - - C:\WINDOWS\system32\regw2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: mdmxsdk - Conexant - C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: XAudio - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\xaudio.sys
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys
O23 - Service: amdkmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys
O23 - Service: amdkmdap - Advanced Micro Devices, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmpag.sys
O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys
O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG9IDSDriver (AVGIDSDriverw7x) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys
O23 - Service: AVG9IDSFilter (AVGIDSFilterw7x) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys
O23 - Service: AVG9IDSShim (AVGIDSShimw7x) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys
O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet: NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - %ProgramFiles%\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys
O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys
O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys
O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys
O23 - Service: HSF_DPV - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSX_DPV.sys
O23 - Service: HSXHWAZL - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSXHWAZL.sys
O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys
O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys
O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys
O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys
O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys
O23 - Service: MHIKEY10 - Unknown owner - C:\WINDOWS\SYSTEM32\Drivers\MHIKEY10.sys (file missing)
O23 - Service: Tablet Mouse Filter Driver (moufiltr) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\moufiltr.sys (file missing)
O23 - Service: Controlador del adaptador Intel(R) Wireless WiFi Link 5000 Series para Windows Vista de 32 bits (netw5v32) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\netw5v32.sys
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys
O23 - Service: NSC Infrared Device Driver (NSCIRDA) - National Semiconductor Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nscirda.sys
O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: Office Software Protection Platform (osppsvc) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (file missing)
O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys
O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys
O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys
O23 - Service: USB2.0 PC Camera (SNP2UVC) (SNP2UVC) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2uvc.sys
O23 - Service: SrvHsfHDA - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTAZL3.SYS
O23 - Service: SrvHsfV92 - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTDPV3.SYS
O23 - Service: SrvHsfWinac - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTCNXT3.SYS
O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Synth3dVsc - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\synth3dvsc.sys (file missing)
O23 - Service: tifm21 - Texas Instruments - C:\WINDOWS\SYSTEM32\drivers\tifm21.sys
O23 - Service: @%SystemRoot%\system32\drivers\tsusbhub.sys,-1 (tsusbhub) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tsusbhub.sys (file missing)
O23 - Service: VGPU - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\rdvgkmd.sys (file missing)
O23 - Service: Generic Virtual HID Driver (vhidmini) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\walvhid.sys (file missing)
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys
O23 - Service: winachsf - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSX_CNXT.sys
**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)
Listado de Servicios (Deshabilitados):
--------------------------------------
83 Servicios.
13 de Carga Automatica.
70 de Carga Manual.
0 Deshabilitados.
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: ¿Un virus o qué rayos es ESTO?
Pues envianos estos fiocheros para analizar:
C:\WINDOWS\TEMP\MRT98E4.TMP\STDRT.EXE
C:\WINDOWS\SYSTEM32\NLSSRV32.EXE
>[b]ENVIO DE MUESTRAS Y ELIMINACIÓN DE CLAVES - Para ello recordar[/b]
https://foros.zonavirus.com/viewtopic.php?f=5&t=14253
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
y lanza el LSPFIX, ya que vemos dos claves repetidas al respecto:
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
[url=http://www.zonavirus.com/articulos/manual-lsp-fix.asp][b]Manual LSP-Fix[/b] [/url]
[url=http://www.zonavirus.com/descargas/lsp-fix.asp][b]Descargar LSP-Fix[/b] [/url]
y por ultimo, lanza el ELISTARA y acepta en sustituir el HOST por el original, ya que tienes el tuyo manipulado, posiblemente por un malware.
Pues pruebe el ELISTARA y nos postea el informe resultante:
saludos
ms, 5-10-2011
C:\WINDOWS\TEMP\MRT98E4.TMP\STDRT.EXE
C:\WINDOWS\SYSTEM32\NLSSRV32.EXE
>
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
y lanza el LSPFIX, ya que vemos dos claves repetidas al respecto:
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDNSP.DLL
y por ultimo, lanza el ELISTARA y acepta en sustituir el HOST por el original, ya que tienes el tuyo manipulado, posiblemente por un malware.
Pues pruebe el ELISTARA y nos postea el informe resultante:
[quote="para DESCARGAR el ELISTARA, msc"]http://www.zonavirus.com/descargas/descargar-elistara.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el
resultado
del proceso[/quote]
saludos
ms, 5-10-2011
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online