Trojan Generic FF1 redirects to fraudulent pages (SOLVED)

Closed
jennifu
Posts: 6
Joined: 09 Mar 2012, 21:08

Trojan Generic FF1 redirects to fraudulent pages (SOLVED)

Post by jennifu » 09 Mar 2012, 21:20

First of all, many thanks in advance to those who take the trouble to help me with this. :)

The thing is that my antivirus (ClamWin) detected several Generic FF-1 trojans in my Common Files \ Windows Live... I searched the internet for how to remove it and followed several procedures:

1. I downloaded and ran Malwarebytes Anti-Malware: it found a great many trojans and, as far as I could tell, removed them.

2. I ran CCleaner and, as far as I could tell, it cleaned everything.

3. And I ran the Panda Antivirus online scan, as well as Kaspersky online, to check that nothing was left, and they told me there was nothing.

4. I checked whether Google was still redirecting the pages I searched for, and it no longer does... :shock:

Everything seemed fine, but when I run ClamWin Antivirus again, trojans keep showing up, and I'm worried that the problem will come back or get worse if I leave it alone. :cry:

So I tried to format the computer and, for some reason I don't understand, it won't let me.

Could you give me a hand, please? I don't understand what I need to do now, and I don't want to ignore those trojans that I "supposedly" still have.

Thanks again

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by msc hotline sat » 10 Mar 2012, 07:37

Nothing you have done is what we recommend on this forum...

I don't know what the utilities you used may or may not have done, faced with "so many" trojans... ???, nor what those really were, nor what they may have modified in the system registry that those utilities perhaps did not restore.

And now we'll see whether, with what remains, we can find the cause of the problem:

So try ELISTARA and post us the resulting report:

[quote="to DOWNLOAD ELISTARA, msc"]
http://www.zonavirus.com/descargas/descargar-elistara.asp

After running it, reboot and post us the contents of C:\infosat.txt so we can see the result of the process.[/quote]

And if the report detects nothing and does not ask for a sample to analyze, proceed with SPROCES:

[quote="msc"]
[b]SPROCES.EXE[/b] (research tool)

http://www.zonavirus.com/descargas/descargar-sproces.asp

And after clicking EXIT (SALIR), post us the contents of C:\SPROCLOG.TXT [/quote]

We will analyze it and report back.

regards



ms, 10-3-2012

jennifu
Posts: 6
Joined: 09 Mar 2012, 21:08

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by jennifu » 10 Mar 2012, 15:19

My c:\infosat.txt says this:





(10-3-2012 13:52:06 (GMT))

EliStartPage v25.06 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 9 de Marzo del 2012)

--------------------------------------------------

Usuario: sonny tan

ID de Usuario: S-1-5-21-3046643138-2774111009-3859868861-1001



Lista de Acciones (por Acción Directa):

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(10-3-2012 14:00:22 (GMT))

EliStartPage v25.06 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 9 de Marzo del 2012)

--------------------------------------------------

Usuario: sonny tan

ID de Usuario: S-1-5-21-3046643138-2774111009-3859868861-1001



Lista de Acciones (por Exploración):

Explorando "C:\"

C:\Program Files (x86)\shARES\TBSHAR.DLL --> Eliminado, TBConduit(tb)



Nº Total de Directorios: 31679

Nº Total de Ficheros: 155499

Nº de Ficheros Analizados: 37976

Nº de Ficheros Infectados: 1

Nº de Ficheros Limpiados: 1



(10-3-2012 14:04:14 (GMT))

EliStartPage v25.06 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 9 de Marzo del 2012)

--------------------------------------------------

Usuario: sonny tan

ID de Usuario: S-1-5-21-3046643138-2774111009-3859868861-1001



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 31679

Nº Total de Ficheros: 155498

Nº de Ficheros Analizados: 37975

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0





So, since it detected nothing, I used the other one you told me about, and this appeared on exit:



(10-3-2012 14:15:21 GMT)

SProces v6.1 (c)2012 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Home Premium (v6.1.7601)

Internet Explorer: (v9.0.8112.16421) 0

Equipo: SONNYTAN-PC

Usuario: sonny tan

Sesión de Usuario: sonny tan



93 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\ATIESRXX.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\ATIECLXX.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\FBAGENT.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\ASLDRSRV.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKGFNEX\GFNEXSRV.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\APPLEMOBILEDEVICESERVICE.EXE

C:\PROGRAM FILES (X86)\MICROSOFT\BINGBAR\BBSVC.EXE

C:\PROGRAM FILES (X86)\MICROSOFT\BINGBAR\SEAPORT.EXE

C:\WINDOWS\SYSTEM32\MDNSRESPONDER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\E_S40STB.EXE

C:\WINDOWS\SYSTEM32\E_S40RPB.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\TOMTOM HOME 2\TOMTOMHOMESERVICE.EXE

C:\PROGRAM FILES (X86)\YAHOO!\SOFTWAREUPDATE\YAHOOAUSERVICE.EXE

C:\WINDOWS\SYSTEM32\TRUSTEDINSTALLER.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\PROGRAM FILES (X86)\ASUS\ASUS LIVE UPDATE\ALU.EXE

C:\WINDOWS\SYSTEM32\ASPG.EXE

C:\PROGRAM FILES (X86)\ASUS\SMARTLOGON\SENSORSRV.EXE

C:\PROGRAM FILES (X86)\ASUS\WIRELESS CONSOLE 3\WCOURIER.EXE

C:\WINDOWS\SYSTEM32\BATTERYLIFE.EXE

C:\WINDOWS\SYSTEM32\ACMON.EXE

C:\PROGRAM FILES (X86)\ASUS\CONTROLDECK\CONTROLDECKSTARTUP.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\ACENGSVR.EXE

C:\WINDOWS\SYSTEM32\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\PROGRAM FILES (X86)\ADOBE\READER 9.0\READER\READER_SL.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\HCONTROL.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\ETDCTRL.EXE

C:\WINDOWS\SYSTEM32\ASUSWSSERVICE.EXE

C:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE

C:\PROGRAM FILES (X86)\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE

C:\PROGRAM FILES (X86)\ARES\ARES.EXE

C:\PROGRAM FILES (X86)\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE

C:\PROGRAM FILES (X86)\TOMTOM HOME 2\TOMTOMHOMERUNNER.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\ATKOSD.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\WDC.EXE

C:\WINDOWS\ASSCRPRO.EXE

C:\WINDOWS\SYSTEM32\ETDCTRLHELPER.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKOSD2\ATKOSD2.EXE

C:\WINDOWS\SYSTEM32\MOM.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK MEDIA\DMEDIA.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\HCONTROLUSER.EXE

C:\PROGRAM FILES (X86)\CLAMWIN\BIN\CLAMTRAY.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE

C:\PROGRAM FILES (X86)\ITUNES\ITUNESHELPER.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\POWER2GO\CLMLSVC.EXE

C:\WINDOWS\SYSTEM32\IPODSERVICE.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\WINDOWS\SYSTEM32\SRSPREMIUMPANEL_64.EXE

C:\PROGRAM FILES (X86)\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.EXE

C:\PROGRAM FILES (X86)\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.BIN

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\CCC.EXE

C:\WINDOWS\SYSTEM32\WMPNETWK.EXE

C:\PROGRAM FILES (X86)\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE

C:\PROGRAM FILES (X86)\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE

C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IELOWUTIL.EXE

C:\WINDOWS\SYSTEM32\SPPSVC.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\WINDOWS\SYSWOW64\RUNDLL32.EXE

C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE

C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE

C:\USERS\SONNY TAN\DOWNLOADS\SPROCES\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)

R3 - URLSearchHook: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll (HKLM)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll

R3 - URLSearchHook: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

R3 - URLSearchHook: (no name) - {093dd24a-efd4-468a-a18e-29a572101d72} - (no file)

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: shARES - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O3 - Toolbar: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe

O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S583D.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"

O4 - HKLM\..\Run: [ClamWin] "C:\Program Files (x86)\ClamWin\bin\ClamTray.exe" --logon

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: FancyStart daemon.lnk = C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d

O4 - Global Startup: SRS Premium Sound.lnk = C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\BONJOUR\MDNSNSP.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)



Información Adicional:

----------------------



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: AFBAgent - ASUSTeK Computer Inc. - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ASMMAP64 - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bing Bar Update Service (BBSvc) - Microsoft Corporation. - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: Belgium_id_card_service (SaiNtHid) - Unknown owner - C:\WINDOWS\SYSTEM32\\\.\globalroot\SystemRoot\system32\svchost.exe (file missing)

O23 - Service: Vwlogger (scanexplicit) - Unknown owner - C:\WINDOWS\SYSTEM32\\\.\globalroot\SystemRoot\system32\svchost.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Turbo Boost UI Monitor driver (TurboB) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\TurboB.sys (file missing)

O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles(x86)%\Windows Defender\mpsvc.dll (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys (file missing)

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys (file missing)

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys (file missing)

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys (file missing)

O23 - Service: amdkmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atipmdag.sys (file missing)

O23 - Service: amdkmdap - Advanced Micro Devices, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmpag.sys (file missing)

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys (file missing)

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys (file missing)

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys (file missing)

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys (file missing)

O23 - Service: Atheros Extensible Wireless LAN device driver (athr) - Atheros Communications, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\athrx.sys (file missing)

O23 - Service: ATI Function Driver for High Definition Audio Service (AtiHdmiService) - ATI Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\AtiHdmi.sys (file missing)

O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbda.sys (file missing)

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60a.sys (file missing)

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys (file missing)

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys (file missing)

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys (file missing)

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys (file missing)

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys (file missing)

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys (file missing)

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys (file missing)

O23 - Service: Conexant UAA Function Driver for High Definition Audio Service (CnxtHdAudService) - Conexant Systems Inc. - C:\WINDOWS\SYSTEM32\drivers\CHDRT64.sys (file missing)

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbda.sys (file missing)

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys (file missing)

O23 - Service: esgiguard - Unknown owner - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (file missing)

O23 - Service: ELAN PS/2 Port Input Device (ETD) - ELAN Microelectronic Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\ETD.sys (file missing)

O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (file missing)

O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys (file missing)

O23 - Service: Intel(R) Management Engine Interface (HECIx64) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\HECIx64.sys (file missing)

O23 - Service: Hitman Pro 3.5 Support Driver (hitmanpro35) - Unknown owner - C:\Windows\system32\drivers\hitmanpro36.sys (file missing)

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys (file missing)

O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys (file missing)

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys (file missing)

O23 - Service: Impcd - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\Impcd.sys (file missing)

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: JMCR - JMicron Technology Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\jmcr.sys (file missing)

O23 - Service: JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits) (JME) - JMicron Technology Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\JME.sys (file missing)

O23 - Service: Keyboard Filter (kbfiltr) - - C:\WINDOWS\SYSTEM32\DRIVERS\kbfiltr.sys (file missing)

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys (file missing)

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys (file missing)

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys (file missing)

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys (file missing)

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys (file missing)

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys (file missing)

O23 - Service: ATK0100 ACPI UTILITY (MTsensor) - ASUS - C:\WINDOWS\SYSTEM32\DRIVERS\ATK64AMD.sys (file missing)

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys (file missing)

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys (file missing)

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys (file missing)

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys (file missing)

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys (file missing)

O23 - Service: Serial - Brother Industries Ltd. - C:\WINDOWS\system32\DRIVERS\serial.sys (file missing)

O23 - Service: SiS191/SiS190 Ethernet Device NDIS 6.0 Driver (SiSGbeLH) - Silicon Integrated Systems Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\SiSG664.sys (file missing)

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys (file missing)

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys (file missing)

O23 - Service: USB2.0 PC Camera (SNP2UVC) (SNP2UVC) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2uvc.sys (file missing)

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys (file missing)

O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys (file missing)

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys (file missing)



Listado de Servicios (Deshabilitados):

--------------------------------------



82 Servicios.

21 de Carga Automatica.

61 de Carga Manual.

0 Deshabilitados.







You can't imagine how grateful I am for your help. A hug!

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by msc hotline sat » 10 Mar 2012, 19:35

We see these atypical files:

C:\WINDOWS\SYSTEM32\FBAGENT.EXE

C:\WINDOWS\SYSTEM32\ASUSWSSERVICE.EXE

C:\WINDOWS\SYSTEM32\SRSPREMIUMPANEL_64.EXE

For that, remember:

https://foros.zonavirus.com/viewtopic.php?f=5&t=14253

Once we receive it/them, we will analyze it/them and, where appropriate, implement its control and removal in our utilities, which we will report on.

And delete these keys:

R3 - URLSearchHook: (no name) - {093dd24a-efd4-468a-a18e-29a572101d72} - (no file)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

To do so, launch SPROCES, click SCAN, tick those keys and select ELIMINAR (delete).

regards



ms, 10-3-2012
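An added example (the editor's, not code from this thread, from SProces or from Satinfo): a small Python parser for the SProces/HijackThis-style report lines posted above that reports every browser hook registration (R3 URL search hooks, O2 BHOs, O3 toolbars, O21 SSODL) whose target is "(no file)", i.e. the kind of orphaned key the reply above tells the user to remove. It generalizes that advice slightly: run on the posted log it also lists the O2 BHO "(no name)" entry with no file, which the reply does not mention, as a further candidate for review. The sample lines are copied from the SPROCLOG.TXT posted in this thread (not a full report); the names ENTRY_RE, CLSID_RE, HOOK_SECTIONS, parse_entry, is_orphan_hook and find_orphans are this example's own.

```python
import re
from typing import Iterable, Optional

# Report sections that register a browser extension point by CLSID:
# R3 = URLSearchHook, O2 = BHO, O3 = Toolbar, O21 = ShellServiceObjectDelayLoad.
HOOK_SECTIONS = {"R3", "O2", "O3", "O21"}

# "<section> - <rest of line>", e.g. "O21 - SSODL: WebCheck - {...} - (no file)"
ENTRY_RE = re.compile(r"^(?P<section>[RO]\d+) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_entry(line: str) -> Optional[dict]:
    """Split one report line into section, CLSID (if any) and the final
    target field. Returns None for header, process-list and summary lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    section, body = m.group("section"), m.group("body")
    clsid = CLSID_RE.search(body)
    # The registered target is the last " - "-separated field. O4 autostart
    # lines carry no such separator, so there the whole body is the target.
    target = body.rsplit(" - ", 1)[-1].strip()
    return {
        "section": section,
        "clsid": clsid.group(0) if clsid else None,
        "target": target,
        "raw": line.strip(),
    }


def is_orphan_hook(entry: dict) -> bool:
    """True for a hook whose CLSID is still registered but whose DLL is gone."""
    return entry["section"] in HOOK_SECTIONS and entry["target"] == "(no file)"


def find_orphans(lines: Iterable[str]) -> list:
    """Return every orphaned hook entry, in report order."""
    found = []
    for line in lines:
        entry = parse_entry(line)
        if entry is not None and is_orphan_hook(entry):
            found.append(entry)
    return found


# Sample input: lines copied from the SPROCLOG.TXT posted in this thread.
# Deliberately a mix of clean hooks, orphaned hooks, an O4 autostart line
# and an O23 driver line, so the filter has something to reject.
SAMPLE_LOG_LINES = [
    r"R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll",
    r"R3 - URLSearchHook: (no name) - {093dd24a-efd4-468a-a18e-29a572101d72} - (no file)",
    r"O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)",
    r"O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll",
    r"O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)",
    r'O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED',
    r"O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys (file missing)",
]

if __name__ == "__main__":
    for e in find_orphans(SAMPLE_LOG_LINES):
        print(f"{e['section']:>4}  {e['clsid']}  -> still registered, DLL missing; review")
```

The O23 service lines are deliberately not scored by their "(file missing)" marker: in the log posted above that marker appears on dozens of stock Windows drivers (adp94xx, aliide, nvraid and so on), so on its own it cannot separate a dead service from a driver that is simply not loaded. The "(no file)" marker on the hook sections is the narrower signal the reply acts on.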

jennifu
Posts: 6
Joined: 09 Mar 2012, 21:08

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by jennifu » 11 Mar 2012, 13:13

I'm afraid I have only managed to find the file fbagent.exe. The other two files, nothing, however much I show hidden files and so on; I'm very sorry. :?

And this is the SProces log after deleting the keys you indicated.



(11-3-2012 12:09:44 GMT)

SProces v6.1 (c)2012 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Home Premium (v6.1.7601)

Internet Explorer: (v9.0.8112.16421) 0

Equipo: SONNYTAN-PC

Usuario: sonny tan

Sesión de Usuario: sonny tan



80 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\ATIESRXX.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\ATIECLXX.EXE

C:\WINDOWS\SYSTEM32\FBAGENT.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\ASLDRSRV.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKGFNEX\GFNEXSRV.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\APPLEMOBILEDEVICESERVICE.EXE

C:\PROGRAM FILES (X86)\MICROSOFT\BINGBAR\SEAPORT.EXE

C:\WINDOWS\SYSTEM32\MDNSRESPONDER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\E_S40STB.EXE

C:\WINDOWS\SYSTEM32\E_S40RPB.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\TOMTOM HOME 2\TOMTOMHOMESERVICE.EXE

C:\PROGRAM FILES (X86)\YAHOO!\SOFTWAREUPDATE\YAHOOAUSERVICE.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\WINDOWS\SYSTEM32\EXPLORER.EXE

C:\PROGRAM FILES (X86)\ASUS\ASUS LIVE UPDATE\ALU.EXE

C:\WINDOWS\SYSTEM32\ASPG.EXE

C:\PROGRAM FILES (X86)\ASUS\SMARTLOGON\SENSORSRV.EXE

C:\PROGRAM FILES (X86)\ASUS\CONTROLDECK\CONTROLDECKSTARTUP.EXE

C:\WINDOWS\SYSTEM32\BATTERYLIFE.EXE

C:\WINDOWS\SYSTEM32\ACMON.EXE

C:\PROGRAM FILES (X86)\ASUS\WIRELESS CONSOLE 3\WCOURIER.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\ACENGSVR.EXE

C:\WINDOWS\SYSTEM32\ETDCTRL.EXE

C:\WINDOWS\SYSTEM32\ASUSWSSERVICE.EXE

C:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE

C:\PROGRAM FILES (X86)\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE

C:\PROGRAM FILES (X86)\ARES\ARES.EXE

C:\PROGRAM FILES (X86)\TOMTOM HOME 2\TOMTOMHOMERUNNER.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\HCONTROL.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\ATKOSD.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\WDC.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKOSD2\ATKOSD2.EXE

C:\WINDOWS\SYSTEM32\MOM.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK MEDIA\DMEDIA.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\HCONTROLUSER.EXE

C:\PROGRAM FILES (X86)\CLAMWIN\BIN\CLAMTRAY.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE

C:\PROGRAM FILES (X86)\ITUNES\ITUNESHELPER.EXE

C:\WINDOWS\ASSCRPRO.EXE

C:\WINDOWS\SYSTEM32\IPODSERVICE.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\POWER2GO\CLMLSVC.EXE

C:\WINDOWS\SYSTEM32\WMPNETWK.EXE

C:\WINDOWS\SYSTEM32\SRSPREMIUMPANEL_64.EXE

C:\PROGRAM FILES (X86)\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.EXE

C:\PROGRAM FILES (X86)\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.BIN

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\CCC.EXE

C:\WINDOWS\SYSTEM32\ETDCTRLHELPER.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\PROGRAM FILES (X86)\OFFERBOX\OFFERBOX.EXE

C:\PROGRAM FILES (X86)\OFFERBOX\OFFERBOXHTTPPROXY.EXE

C:\PROGRAM FILES (X86)\YAHOO!\MESSENGER\YMSGR_TRAY.EXE

C:\USERS\SONNY TAN\DOWNLOADS\SPROCES\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:56847 (1)

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local> (1)

R3 - URLSearchHook: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll (HKLM)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll

R3 - URLSearchHook: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: shARES - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O3 - Toolbar: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe

O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S583D.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"

O4 - HKLM\..\Run: [ClamWin] "C:\Program Files (x86)\ClamWin\bin\ClamTray.exe" --logon

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [offerbox] C:\Program Files (x86)\OfferBox\OfferBox.exe

O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: FancyStart daemon.lnk = C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d

O4 - Global Startup: SRS Premium Sound.lnk = C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\BONJOUR\MDNSNSP.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll



Additional information:

----------------------



Services list (automatic start):

----------------------------------------

O23 - Service: AFBAgent - ASUSTeK Computer Inc. - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ASMMAP64 - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bing Bar Update Service (BBSvc) - Microsoft Corporation. - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: Belgium_id_card_service (SaiNtHid) - Unknown owner - C:\WINDOWS\SYSTEM32\\\.\globalroot\SystemRoot\system32\svchost.exe (file missing)

O23 - Service: Vwlogger (scanexplicit) - Unknown owner - C:\WINDOWS\SYSTEM32\\\.\globalroot\SystemRoot\system32\svchost.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Turbo Boost UI Monitor driver (TurboB) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\TurboB.sys (file missing)

O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles(x86)%\Windows Defender\mpsvc.dll (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe



Services list (manual start):

------------------------------------

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys (file missing)

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys (file missing)

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys (file missing)

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys (file missing)

O23 - Service: amdkmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atipmdag.sys (file missing)

O23 - Service: amdkmdap - Advanced Micro Devices, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmpag.sys (file missing)

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys (file missing)

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys (file missing)

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys (file missing)

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys (file missing)

O23 - Service: Atheros Extensible Wireless LAN device driver (athr) - Atheros Communications, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\athrx.sys (file missing)

O23 - Service: ATI Function Driver for High Definition Audio Service (AtiHdmiService) - ATI Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\AtiHdmi.sys (file missing)

O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbda.sys (file missing)

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60a.sys (file missing)

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys (file missing)

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys (file missing)

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys (file missing)

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys (file missing)

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys (file missing)

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys (file missing)

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys (file missing)

O23 - Service: Conexant UAA Function Driver for High Definition Audio Service (CnxtHdAudService) - Conexant Systems Inc. - C:\WINDOWS\SYSTEM32\drivers\CHDRT64.sys (file missing)

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbda.sys (file missing)

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys (file missing)

O23 - Service: esgiguard - Unknown owner - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (file missing)

O23 - Service: ELAN PS/2 Port Input Device (ETD) - ELAN Microelectronic Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\ETD.sys (file missing)

O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (file missing)

O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys (file missing)

O23 - Service: Intel(R) Management Engine Interface (HECIx64) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\HECIx64.sys (file missing)

O23 - Service: Hitman Pro 3.5 Support Driver (hitmanpro35) - Unknown owner - C:\Windows\system32\drivers\hitmanpro36.sys (file missing)

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys (file missing)

O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys (file missing)

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys (file missing)

O23 - Service: Impcd - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\Impcd.sys (file missing)

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: JMCR - JMicron Technology Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\jmcr.sys (file missing)

O23 - Service: JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits) (JME) - JMicron Technology Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\JME.sys (file missing)

O23 - Service: Keyboard Filter (kbfiltr) - - C:\WINDOWS\SYSTEM32\DRIVERS\kbfiltr.sys (file missing)

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys (file missing)

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys (file missing)

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys (file missing)

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys (file missing)

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys (file missing)

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys (file missing)

O23 - Service: ATK0100 ACPI UTILITY (MTsensor) - ASUS - C:\WINDOWS\SYSTEM32\DRIVERS\ATK64AMD.sys (file missing)

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys (file missing)

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys (file missing)

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys (file missing)

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys (file missing)

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys (file missing)

O23 - Service: Serial - Brother Industries Ltd. - C:\WINDOWS\system32\DRIVERS\serial.sys (file missing)

O23 - Service: SiS191/SiS190 Ethernet Device NDIS 6.0 Driver (SiSGbeLH) - Silicon Integrated Systems Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\SiSG664.sys (file missing)

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys (file missing)

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys (file missing)

O23 - Service: USB2.0 PC Camera (SNP2UVC) (SNP2UVC) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2uvc.sys (file missing)

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys (file missing)

O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys (file missing)

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys (file missing)



Services list (disabled):

--------------------------------------



82 services.

21 automatic start.

61 manual start.

0 disabled.
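The log above is read by eye in this thread; the following Python script is an added example (not part of the original thread and not code from SProces, ELIMOVER or Satinfo) that applies the same checks mechanically to a few lines copied from that log. It flags the IE ProxyServer entry that points at 127.0.0.1:56847 (the mechanism behind "Google redirects me": every browser request is handed to a process on the same machine), the two O23 services registered with a `\\.\globalroot` ImagePath and no owner, and the orphan BHO; it also demonstrates a caveat a practitioner should apply to this log: the "(file missing)" verdict on every System32 path is consistent with the tool being a 32-bit process on 64-bit Windows, where WOW64 file-system redirection sends `System32` accesses to `SysWOW64`, so that verdict is reported as informational only. The rule names, severity labels and the assumption that the tool is 32-bit are choices made for this example, not anything the log states.

```python
import re
from dataclasses import dataclass

# Constructed sample: lines copied verbatim from the SProces log posted above
# (two process-list entries plus a selection of R1/O2/O4/O23 entries).
SAMPLE_LOG = [
    r"C:\WINDOWS\SYSTEM32\SVCHOST.EXE",
    r"C:\PROGRAM FILES (X86)\OFFERBOX\OFFERBOXHTTPPROXY.EXE",
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:56847 (1)",
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local> (1)",
    r"O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)",
    r"O4 - HKLM\..\Run: [offerbox] C:\Program Files (x86)\OfferBox\OfferBox.exe",
    r"O23 - Service: Belgium_id_card_service (SaiNtHid) - Unknown owner - C:\WINDOWS\SYSTEM32\\\.\globalroot\SystemRoot\system32\svchost.exe (file missing)",
    r"O23 - Service: Vwlogger (scanexplicit) - Unknown owner - C:\WINDOWS\SYSTEM32\\\.\globalroot\SystemRoot\system32\svchost.exe (file missing)",
    r"**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)",
    r"O23 - Service: Atheros Extensible Wireless LAN device driver (athr) - Atheros Communications, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\athrx.sys (file missing)",
    r"O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe",
]

ENTRY_RE = re.compile(r"^\**(?P<kind>[RO]\d+)\s+-\s+(?P<body>.*)$")
PROXY_RE = re.compile(r"ProxyServer\s*=\s*(?:\w+=)?(?P<host>[\w.\-]+):(?P<port>\d+)")
PROCESS_RE = re.compile(r"^[A-Za-z]:\\")
LOCAL_HOSTS = {"127.0.0.1", "localhost", "::1"}


@dataclass(frozen=True)
class Finding:
    severity: str  # "high", "medium", "low" or "info" (labels chosen for this example)
    rule: str
    line: str


def is_x64_log(lines):
    """A log taken on 64-bit Windows shows 'Program Files (x86)' paths."""
    return any("program files (x86)" in line.lower() for line in lines)


def find_local_proxy(lines):
    """Return the port of an IE ProxyServer entry pointing at the local host, else None."""
    for line in lines:
        m = ENTRY_RE.match(line)
        if not m or m.group("kind") != "R1":
            continue
        pm = PROXY_RE.search(m.group("body"))
        if pm and pm.group("host").lower() in LOCAL_HOSTS:
            return int(pm.group("port"))
    return None


def triage(lines):
    lines = [line.rstrip() for line in lines if line.strip()]
    x64 = is_x64_log(lines)
    proxy_port = find_local_proxy(lines)
    findings = []

    for line in lines:
        m = ENTRY_RE.match(line)
        if not m:
            # Process-list lines: with a local proxy configured, a running binary whose
            # name says "proxy" is a candidate for the listener on that port (confirm the
            # PID with netstat before concluding anything).
            if (proxy_port is not None and PROCESS_RE.match(line)
                    and "proxy" in line.rsplit("\\", 1)[-1].lower()):
                findings.append(Finding("medium", "candidate-proxy-process", line))
            continue

        kind, body = m.group("kind"), m.group("body")
        low = body.lower()

        if kind == "R1" and "proxyserver" in low:
            pm = PROXY_RE.search(body)
            if pm and pm.group("host").lower() in LOCAL_HOSTS:
                # Every IE request is handed to a process on this machine, which can
                # rewrite pages and search results at will: the redirect mechanism.
                findings.append(Finding("high", "ie-local-proxy", line))

        elif kind == "O2" and low.endswith("(no file)"):
            findings.append(Finding("low", "orphan-bho", line))

        elif kind == "O23":
            if "globalroot" in low:
                # A \\.\globalroot ImagePath is not how any vendor registers a service.
                findings.append(Finding("high", "service-globalroot-path", line))
            elif "unknown owner" in low and "svchost.exe" in low and " -k " not in body:
                # svchost.exe hosting a service without "-k <group>" is not Windows' pattern.
                findings.append(Finding("high", "service-svchost-no-group", line))
            if low.endswith("(file missing)"):
                if x64 and "\\system32\\" in low:
                    # Assumption: the tool is a 32-bit process. On x64 Windows, WOW64 redirects
                    # its System32 accesses to SysWOW64, so this verdict is not evidence.
                    findings.append(Finding("info", "file-missing-wow64-unreliable", line))
                else:
                    findings.append(Finding("low", "file-missing", line))
    return findings


def summarize(findings):
    counts = {"high": 0, "medium": 0, "low": 0, "info": 0}
    for f in findings:
        counts[f.severity] += 1
    return counts


if __name__ == "__main__":
    order = {"high": 0, "medium": 1, "low": 2, "info": 3}
    for f in sorted(triage(SAMPLE_LOG), key=lambda f: order[f.severity]):
        print(f"[{f.severity:6}] {f.rule:32} {f.line[:90]}")
    print(summarize(triage(SAMPLE_LOG)))
```

On the sample the script reports three high findings (the local proxy and the two globalroot services), one medium candidate (OFFERBOXHTTPPROXY.EXE, which the script only correlates by name; `netstat -ano` on the machine would show which PID actually holds port 56847), one orphan BHO and four informational "(file missing)" lines. The eventlog service, also marked "Unknown owner", is correctly left alone because it carries a `-k` service group. The same WOW64 caveat applies to any 32-bit file-search tool asked to look under `C:\Windows\System32` on this machine: from a 32-bit process the real directory is reachable only through the `C:\Windows\Sysnative` alias, and a 64-bit shell (or the 64-bit Explorer) sees it directly.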

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (ESPAÑA)

Re: Generic FF1 Trojan redirects to fraudulent pages

Post by msc hotline sat » 11 Mar 2012, 17:22

Well, try to get the other two files with ELIMOVER, if they exist:

ELIMOVER

http://www.zonavirus.com/descargas/descargar-elimover.asp

entering each path/name one at a time:

C:\WINDOWS\SYSTEM32\ASUSWSSERVICE.EXE

C:\WINDOWS\SYSTEM32\SRSPREMIUMPANEL_64.EXE

You do have them, because they are in use...

In case they are rootkits hiding themselves, try the search by booting into SAFE MODE

And if you find them, send them all to us as indicated.

regards

ms, 11-3-2012

PS.

And these other two that we see in the new log, send them to us as well:

C:\PROGRAM FILES (X86)\OFFERBOX\OFFERBOX.EXE

C:\PROGRAM FILES (X86)\OFFERBOX\OFFERBOXHTTPPROXY.EXE

ms.

jennifu
Posts: 6
Joined: 09 Mar 2012, 21:08

Re: Generic FF1 Trojan redirects to fraudulent pages

Post by jennifu » 11 Mar 2012, 19:29

ELIMOVER doesn't find them either; it tells me "The file does not exist".

Then, as you indicated, I rebooted into SAFE MODE, and it doesn't find them either.

Since the program that found those files was SProces, I thought I would run it just in case (I don't understand these things, of course, :| ) they were no longer there, and I got this log (while in safe mode):





(11-3-2012 18:08:25 GMT)

SProces v6.1 (c)2012 S.G.H. / Satinfo S.L.

-------------------------------------------

Operating system: Windows 7 Home Premium (v6.1.7601)

Internet Explorer: (v9.0.8112.16421) 0

Computer: SONNYTAN-PC

User: sonny tan

User session: sonny tan



21 active processes:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\CTFMON.EXE

C:\PROGRAM FILES (X86)\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\PROGRAM FILES (X86)\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\USERS\SONNY TAN\DOWNLOADS\SPROCES\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)

R3 - URLSearchHook: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll (HKLM)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll

R3 - URLSearchHook: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: shARES - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O3 - Toolbar: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files (x86)\shARES\prxtbshA0.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe

O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S583D.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"

O4 - HKLM\..\Run: [ClamWin] "C:\Program Files (x86)\ClamWin\bin\ClamTray.exe" --logon

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [offerbox] C:\Program Files (x86)\OfferBox\OfferBox.exe

O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: FancyStart daemon.lnk = C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d

O4 - Global Startup: SRS Premium Sound.lnk = C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\BONJOUR\MDNSNSP.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_30) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll



Additional information:

----------------------



Services list (automatic start):

----------------------------------------

O23 - Service: AFBAgent - ASUSTeK Computer Inc. - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ASMMAP64 - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bing Bar Update Service (BBSvc) - Microsoft Corporation. - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: Belgium_id_card_service (SaiNtHid) - Unknown owner - C:\WINDOWS\SYSTEM32\\\.\globalroot\SystemRoot\system32\svchost.exe (file missing)

O23 - Service: Vwlogger (scanexplicit) - Unknown owner - C:\WINDOWS\SYSTEM32\\\.\globalroot\SystemRoot\system32\svchost.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Turbo Boost UI Monitor driver (TurboB) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\TurboB.sys (file missing)

O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles(x86)%\Windows Defender\mpsvc.dll (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe



Services list (manual start):

------------------------------------

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys (file missing)

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys (file missing)

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys (file missing)

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys (file missing)

O23 - Service: amdkmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atipmdag.sys (file missing)

O23 - Service: amdkmdap - Advanced Micro Devices, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmpag.sys (file missing)

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys (file missing)

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys (file missing)

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys (file missing)

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys (file missing)

O23 - Service: Atheros Extensible Wireless LAN device driver (athr) - Atheros Communications, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\athrx.sys (file missing)

O23 - Service: ATI Function Driver for High Definition Audio Service (AtiHdmiService) - ATI Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\AtiHdmi.sys (file missing)

O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys (file missing)

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbda.sys (file missing)

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60a.sys (file missing)

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys (file missing)

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys (file missing)

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys (file missing)

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys (file missing)

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys (file missing)

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys (file missing)

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys (file missing)

O23 - Service: Conexant UAA Function Driver for High Definition Audio Service (CnxtHdAudService) - Conexant Systems Inc. - C:\WINDOWS\SYSTEM32\drivers\CHDRT64.sys (file missing)

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbda.sys (file missing)

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys (file missing)

O23 - Service: esgiguard - Unknown owner - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (file missing)

O23 - Service: ELAN PS/2 Port Input Device (ETD) - ELAN Microelectronic Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\ETD.sys (file missing)

O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (file missing)

O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys (file missing)

O23 - Service: Intel(R) Management Engine Interface (HECIx64) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\HECIx64.sys (file missing)

O23 - Service: Hitman Pro 3.5 Support Driver (hitmanpro35) - Unknown owner - C:\Windows\system32\drivers\hitmanpro36.sys (file missing)

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys (file missing)

O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys (file missing)

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys (file missing)

O23 - Service: Impcd - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\Impcd.sys (file missing)

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: JMCR - JMicron Technology Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\jmcr.sys (file missing)

O23 - Service: JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits) (JME) - JMicron Technology Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\JME.sys (file missing)

O23 - Service: Keyboard Filter (kbfiltr) - - C:\WINDOWS\SYSTEM32\DRIVERS\kbfiltr.sys (file missing)

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys (file missing)

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys (file missing)

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys (file missing)

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys (file missing)

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys (file missing)

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys (file missing)

O23 - Service: ATK0100 ACPI UTILITY (MTsensor) - ASUS - C:\WINDOWS\SYSTEM32\DRIVERS\ATK64AMD.sys (file missing)

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys (file missing)

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys (file missing)

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys (file missing)

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys (file missing)

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys (file missing)

O23 - Service: SiS191/SiS190 Ethernet Device NDIS 6.0 Driver (SiSGbeLH) - Silicon Integrated Systems Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\SiSG664.sys (file missing)

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys (file missing)

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys (file missing)

O23 - Service: USB2.0 PC Camera (SNP2UVC) (SNP2UVC) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2uvc.sys (file missing)

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys (file missing)

O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys (file missing)

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys (file missing)



Listado de Servicios (Deshabilitados):

--------------------------------------



81 Servicios.

21 de Carga Automatica.

60 de Carga Manual.

0 Deshabilitados.





If I've looked correctly, I can't find them in this log either; is it possible that they've been deleted, perhaps? :?



As for the other two files you asked me for, I've already sent them to you.



Sorry for pestering you so much with this. :roll:
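As an added example (not part of the thread), a small Python triage pass over O23 service lines of the kind posted above; the sample lines are copied from that log. On a 64-bit host it treats "(file missing)" on system32 paths as low confidence, because a 32-bit scanner can report such files as missing while they are present (the TDSSKiller run later in the thread hashes several of them at the same paths), and it raises entries with no vendor or with a missing binary outside system32, such as the leftover SpyHunter driver.

```python
import re
from dataclasses import dataclass
from typing import List

# Constructed sample: O23 lines copied from the log posted above. Layout:
#   O23 - Service: <display name> (<service key>) - <vendor> - <path> [(file missing)]
SAMPLE_O23 = """\
O23 - Service: Atheros Extensible Wireless LAN device driver (athr) - Atheros Communications, Inc. - C:\\WINDOWS\\SYSTEM32\\DRIVERS\\athrx.sys (file missing)
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\\WINDOWS\\SYSTEM32\\DRIVERS\\b57nd60a.sys (file missing)
O23 - Service: esgiguard - Unknown owner - C:\\Program Files\\Enigma Software Group\\SpyHunter\\esgiguard.sys (file missing)
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe
O23 - Service: Hitman Pro 3.5 Support Driver (hitmanpro35) - Unknown owner - C:\\Windows\\system32\\drivers\\hitmanpro36.sys (file missing)
O23 - Service: HpSAMD - Hewlett-Packard Company - C:\\WINDOWS\\system32\\drivers\\HpSAMD.sys (file missing)
O23 - Service: Keyboard Filter (kbfiltr) - - C:\\WINDOWS\\SYSTEM32\\DRIVERS\\kbfiltr.sys (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\\Program Files\\Intel\\TurboBoost\\TurboBoost.exe
"""

# <name> is greedy so a display name containing " - " (b57nd60a) is not split;
# the optional space before the second dash copes with an empty vendor, which
# the forum rendered as " - - " (kbfiltr). The path must start with a drive letter.
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+) - (?P<vendor>.*?) ?- "
    r"(?P<path>[A-Za-z]:\\.*?)(?P<missing> \(file missing\))?$"
)
# Service key = last parenthesised token of the display name, e.g. "(athr)".
SERVICE_KEY_RE = re.compile(r"\(([^()]+)\)$")


@dataclass
class ServiceEntry:
    name: str          # display name exactly as printed
    key: str           # service key, or the display name when none is given
    vendor: str        # "" or "Unknown owner" when the scanner had no vendor
    path: str
    file_missing: bool


@dataclass
class Finding:
    key: str
    severity: str      # "review" (look at it) or "info" (probably benign)
    reason: str


def parse_o23(log: str) -> List[ServiceEntry]:
    """Parse every O23 line in the log; lines that do not match are skipped."""
    entries = []
    for line in log.splitlines():
        m = O23_RE.match(line.strip())
        if not m:
            continue
        name = m.group("name")
        key_m = SERVICE_KEY_RE.search(name)
        entries.append(ServiceEntry(
            name=name,
            key=key_m.group(1) if key_m else name,
            vendor=m.group("vendor").strip(),
            path=m.group("path"),
            file_missing=m.group("missing") is not None,
        ))
    return entries


def _under_system32(path: str) -> bool:
    return "\\system32\\" in path.lower()


def _under_program_files(path: str) -> bool:
    return "\\program files" in path.lower()


def triage(entries: List[ServiceEntry], host_is_64bit: bool = True) -> List[Finding]:
    """Apply the review heuristics to parsed entries, in log order."""
    findings = []
    for e in entries:
        if e.vendor in ("", "Unknown owner"):
            findings.append(Finding(e.key, "review", "vendor field empty or 'Unknown owner'"))
        if not (_under_system32(e.path) or _under_program_files(e.path)):
            findings.append(Finding(e.key, "review", "binary outside system32 / Program Files"))
        if e.file_missing:
            if host_is_64bit and _under_system32(e.path):
                # A 32-bit scanner on a 64-bit host can miss files that are present;
                # confirm with a 64-bit-aware tool before acting on it.
                findings.append(Finding(e.key, "info",
                                        "file missing under system32 on a 64-bit host: "
                                        "likely a 32-bit scanner artefact"))
            else:
                findings.append(Finding(e.key, "review",
                                        "file missing: orphaned service entry "
                                        "(leftover from an uninstalled tool?)"))
    return findings


if __name__ == "__main__":
    for f in triage(parse_o23(SAMPLE_O23)):
        print(f"[{f.severity:6}] {f.key}: {f.reason}")
```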

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (ESPAÑA)

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by msc hotline sat » 12 Mar 2012, 07:20

Well, today we'll analyze the files that arrived over the weekend, and once we've analyzed yours, we'll let you know the result.



regards



ms, 12-3-2012

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (ESPAÑA)

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by msc hotline sat » 12 Mar 2012, 09:25

Report on the files you sent us for analysis:



SHA256: 65d7fb958d1f8e36dc4ee70d8aa270980094a5fb0f358d560ca480c482efd2e7

SHA1: 5bca0ede8346607d6362c5886f3b72e0929548b9

MD5: 8ac88dcac5fe730b128beab8d6873a8f

Size: 4.7 MB ( 4880232 bytes )

Name: OfferBox.exe

Type: Win32 EXE

Detections: 0 / 43

Analysis date: 2012-03-12 08:14:11 UTC ( 0 minutes ago )







publisher................: Aedge Performance BCN SL

product..................: OfferBox

internal name............: OfferBox

copyright................: Copyright (c) 2009

original name............:

signing date.............: 6:39 PM 3/5/2012

comments.................:

file version.............: 5, 5, 5480, 411

signers..................: Aedge Performance BCN, S.L.U.

VeriSign Class 3 Code Signing 2010 CA

VeriSign Class 3 Public Primary Certification Authority - G5

description..............: OfferBox





___________





SHA256: 913448c943c9e892a629b47c95ca6657be10256123988e7ef64eff3f350bb6ae

SHA1: 2e0ea86d056c08cb9466a04b51b1baec04d86650

MD5: 7dc9799b627ad83caf81732d5d7e7c76

Size: 173.4 KB ( 177512 bytes )

Name: OfferBoxHTTPProxy.exe

Type: Win32 EXE

Detections: 0 / 43

Analysis date: 2012-03-12 08:20:43 UTC ( 0 minutes ago )









publisher................: Aedge Performance BCN SL

product..................: OfferBoxHTTPProxy

internal name............: OfferBoxHTTPProxy

copyright................: Copyright (c) 2011

signing date.............: 6:39 PM 3/5/2012

original name............:

comments.................:

file version.............: 5, 5, 5480, 411

signers..................: Aedge Performance BCN, S.L.U.

VeriSign Class 3 Code Signing 2010 CA

VeriSign Class 3 Public Primary Certification Authority - G5

description..............: OfferBoxHTTPProxy







No viral routines are known in those files.





It could be a ROOTKit that wouldn't normally be visible; try utilities for that purpose such as:



TDSSKILLER



[url=http://support.kaspersky.com/downloads/utils/tdsskiller.exe]TDSSKILLER[/url]



and save the resulting report and post it to us, along with your progress on this, thanks



regards



ms, 12-3-2012









PS. And regarding a last file received afterwards, more of the same:



Last file received for this topic:





SHA256: 559048c0a15bba83367d0f2969f48042fb1d11c9862a0ba4df69fb15decb8761

SHA1: fe15c35b11de9858a6a23d3a12d237b19c7029b4

MD5: 2d00d3dadc1d3326ba788eb071f2726e

Size: 370.6 KB ( 379520 bytes )

Name: FBAgent.exe

Type: unknown

Detections: 0 / 43

Analysis date: 2012-03-12 08:49:27 UTC ( 1 minute ago )





publisher................: ASUSTeK Computer Inc.

product..................: AFBAgent

internal name............: FBAgent.exe

copyright................: (C) 2008 ASUSTeK Computer Inc. All rights reserved.

original name............: FBAgent.exe

signing date.............: 9:15 AM 12/7/2009

signers..................: ASUSTeK Computer Inc.

VeriSign Class 3 Code Signing 2009-2 CA

Class 3 Public Primary Certification Authority

file version.............: 1, 0, 5, 4

description..............: ASUS FastBoot



Nothing detected in that regard. ms.

jennifu
Posts: 6
Joined: 09 Mar 2012, 21:08

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by jennifu » 12 Mar 2012, 12:42

The TDSSKILLER report doesn't detect anything either:





11:53:16.0100 5000 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43

11:53:16.0276 5000 ============================================================

11:53:16.0276 5000 Current date / time: 2012/03/12 11:53:16.0276

11:53:16.0276 5000 SystemInfo:

11:53:16.0276 5000

11:53:16.0276 5000 OS Version: 6.1.7601 ServicePack: 1.0

11:53:16.0276 5000 Product type: Workstation

11:53:16.0276 5000 ComputerName: SONNYTAN-PC

11:53:16.0276 5000 UserName: sonny tan

11:53:16.0276 5000 Windows directory: C:\Windows

11:53:16.0276 5000 System windows directory: C:\Windows

11:53:16.0276 5000 Running under WOW64

11:53:16.0276 5000 Processor architecture: Intel x64

11:53:16.0276 5000 Number of processors: 4

11:53:16.0276 5000 Page size: 0x1000

11:53:16.0276 5000 Boot type: Normal boot

11:53:16.0276 5000 ============================================================

11:53:16.0737 5000 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:53:16.0742 5000 \Device\Harddisk0\DR0:

11:53:16.0742 5000 MBR used

11:53:16.0742 5000 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1D4B800, BlocksNum 0x236E2800

11:53:16.0769 5000 Initialize success

11:53:16.0769 5000 ============================================================

11:53:22.0260 2524 ============================================================

11:53:22.0260 2524 Scan started

11:53:22.0260 2524 Mode: Manual;

11:53:22.0260 2524 ============================================================

11:53:22.0846 2524 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

11:53:22.0850 2524 1394ohci - ok

11:53:22.0899 2524 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

11:53:22.0904 2524 ACPI - ok

11:53:22.0956 2524 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

11:53:22.0958 2524 AcpiPmi - ok

11:53:23.0032 2524 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

11:53:23.0040 2524 adp94xx - ok

11:53:23.0094 2524 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

11:53:23.0099 2524 adpahci - ok

11:53:23.0141 2524 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

11:53:23.0145 2524 adpu320 - ok

11:53:23.0235 2524 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

11:53:23.0242 2524 AFD - ok

11:53:23.0292 2524 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

11:53:23.0294 2524 agp440 - ok

11:53:23.0355 2524 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

11:53:23.0357 2524 aliide - ok

11:53:23.0404 2524 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

11:53:23.0406 2524 amdide - ok

11:53:23.0480 2524 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

11:53:23.0482 2524 AmdK8 - ok

11:53:23.0678 2524 amdkmdag (52679612d742bf74ca1ba6ab86ddf431) C:\Windows\system32\DRIVERS\atipmdag.sys

11:53:24.0070 2524 amdkmdag - ok

11:53:24.0154 2524 amdkmdap (414e0788920a8c856032be2cbf29f984) C:\Windows\system32\DRIVERS\atikmpag.sys

11:53:24.0155 2524 amdkmdap - ok

11:53:24.0208 2524 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

11:53:24.0211 2524 AmdPPM - ok

11:53:24.0271 2524 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

11:53:24.0274 2524 amdsata - ok

11:53:24.0327 2524 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

11:53:24.0331 2524 amdsbs - ok

11:53:24.0366 2524 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

11:53:24.0366 2524 amdxata - ok

11:53:24.0424 2524 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

11:53:24.0426 2524 AppID - ok

11:53:24.0549 2524 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

11:53:24.0551 2524 arc - ok

11:53:24.0601 2524 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

11:53:24.0603 2524 arcsas - ok

11:53:24.0693 2524 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

11:53:24.0694 2524 ASMMAP64 - ok

11:53:24.0783 2524 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

11:53:24.0785 2524 AsyncMac - ok

11:53:24.0833 2524 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

11:53:24.0833 2524 atapi - ok

11:53:24.0898 2524 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys

11:53:24.0932 2524 athr - ok

11:53:25.0017 2524 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys

11:53:25.0018 2524 AtiHdmiService - ok

11:53:25.0193 2524 atikmdag (52679612d742bf74ca1ba6ab86ddf431) C:\Windows\system32\DRIVERS\atikmdag.sys

11:53:25.0337 2524 atikmdag - ok

11:53:25.0446 2524 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

11:53:25.0453 2524 b06bdrv - ok

11:53:25.0523 2524 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

11:53:25.0528 2524 b57nd60a - ok

11:53:25.0707 2524 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

11:53:25.0708 2524 Beep - ok

11:53:25.0765 2524 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

11:53:25.0767 2524 blbdrive - ok

11:53:25.0860 2524 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

11:53:25.0862 2524 bowser - ok

11:53:25.0923 2524 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

11:53:25.0924 2524 BrFiltLo - ok

11:53:25.0957 2524 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

11:53:25.0958 2524 BrFiltUp - ok

11:53:26.0016 2524 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

11:53:26.0018 2524 BridgeMP - ok

11:53:26.0069 2524 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

11:53:26.0074 2524 Brserid - ok

11:53:26.0115 2524 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

11:53:26.0117 2524 BrSerWdm - ok

11:53:26.0166 2524 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

11:53:26.0168 2524 BrUsbMdm - ok

11:53:26.0206 2524 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

11:53:26.0208 2524 BrUsbSer - ok

11:53:26.0252 2524 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

11:53:26.0254 2524 BTHMODEM - ok

11:53:26.0326 2524 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

11:53:26.0328 2524 cdfs - ok

11:53:26.0414 2524 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

11:53:26.0417 2524 cdrom - ok

11:53:26.0538 2524 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

11:53:26.0541 2524 circlass - ok

11:53:26.0594 2524 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

11:53:26.0600 2524 CLFS - ok

11:53:26.0686 2524 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

11:53:26.0687 2524 CmBatt - ok

11:53:26.0726 2524 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

11:53:26.0727 2524 cmdide - ok

11:53:26.0785 2524 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

11:53:26.0792 2524 CNG - ok

11:53:26.0853 2524 CnxtHdAudService (f7ca3accf5aa0e2182546c5be42b2e96) C:\Windows\system32\drivers\CHDRT64.sys

11:53:26.0863 2524 CnxtHdAudService - ok

11:53:26.0902 2524 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

11:53:26.0902 2524 Compbatt - ok

11:53:26.0964 2524 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

11:53:26.0967 2524 CompositeBus - ok

11:53:27.0031 2524 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

11:53:27.0033 2524 crcdisk - ok

11:53:27.0143 2524 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

11:53:27.0146 2524 DfsC - ok

11:53:27.0216 2524 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

11:53:27.0217 2524 discache - ok

11:53:27.0273 2524 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

11:53:27.0275 2524 Disk - ok

11:53:27.0389 2524 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

11:53:27.0390 2524 drmkaud - ok

11:53:27.0468 2524 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

11:53:27.0473 2524 DXGKrnl - ok

11:53:27.0591 2524 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

11:53:27.0658 2524 ebdrv - ok

11:53:27.0761 2524 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

11:53:27.0769 2524 elxstor - ok

11:53:27.0830 2524 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

11:53:27.0831 2524 ErrDev - ok

11:53:27.0932 2524 esgiguard - ok

11:53:28.0042 2524 ETD (06c94be9d9e1e6411429433a64a76936) C:\Windows\system32\DRIVERS\ETD.sys

11:53:28.0046 2524 ETD - ok

11:53:28.0119 2524 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

11:53:28.0123 2524 exfat - ok

11:53:28.0169 2524 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

11:53:28.0173 2524 fastfat - ok

11:53:28.0231 2524 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

11:53:28.0233 2524 fdc - ok

11:53:28.0273 2524 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

11:53:28.0276 2524 FileInfo - ok

11:53:28.0307 2524 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

11:53:28.0309 2524 Filetrace - ok

11:53:28.0360 2524 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

11:53:28.0362 2524 flpydisk - ok

11:53:28.0421 2524 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

11:53:28.0426 2524 FltMgr - ok

11:53:28.0481 2524 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

11:53:28.0483 2524 FsDepends - ok

11:53:28.0545 2524 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys

11:53:28.0548 2524 fssfltr - ok

11:53:28.0588 2524 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

11:53:28.0588 2524 Fs_Rec - ok

11:53:28.0649 2524 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

11:53:28.0653 2524 fvevol - ok

11:53:28.0696 2524 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

11:53:28.0698 2524 gagp30kx - ok

11:53:28.0748 2524 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

11:53:28.0749 2524 GEARAspiWDM - ok

11:53:28.0827 2524 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

11:53:28.0829 2524 hcw85cir - ok

11:53:28.0912 2524 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

11:53:28.0918 2524 HdAudAddService - ok

11:53:28.0979 2524 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

11:53:28.0981 2524 HDAudBus - ok

11:53:29.0037 2524 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

11:53:29.0038 2524 HECIx64 - ok

11:53:29.0080 2524 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

11:53:29.0082 2524 HidBatt - ok

11:53:29.0117 2524 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

11:53:29.0120 2524 HidBth - ok

11:53:29.0156 2524 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

11:53:29.0158 2524 HidIr - ok

11:53:29.0229 2524 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

11:53:29.0230 2524 HidUsb - ok

11:53:29.0275 2524 hitmanpro35 (8ab06ddaf6fe854db1e28f7c0ab1fce3) C:\Windows\system32\drivers\hitmanpro36.sys

11:53:29.0277 2524 hitmanpro35 - ok

11:53:29.0332 2524 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

11:53:29.0335 2524 HpSAMD - ok

11:53:29.0400 2524 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

11:53:29.0409 2524 HTTP - ok

11:53:29.0448 2524 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

11:53:29.0449 2524 hwpolicy - ok

11:53:29.0513 2524 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

11:53:29.0515 2524 i8042prt - ok

11:53:29.0577 2524 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys

11:53:29.0580 2524 iaStor - ok

11:53:29.0652 2524 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

11:53:29.0658 2524 iaStorV - ok

11:53:29.0723 2524 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

11:53:29.0725 2524 iirsp - ok

11:53:29.0764 2524 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys

11:53:29.0767 2524 Impcd - ok

11:53:29.0815 2524 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

11:53:29.0818 2524 intelide - ok

11:53:29.0869 2524 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

11:53:29.0869 2524 intelppm - ok

11:53:29.0920 2524 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:53:29.0923 2524 IpFilterDriver - ok

11:53:30.0010 2524 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

11:53:30.0012 2524 IPMIDRV - ok

11:53:30.0089 2524 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

11:53:30.0092 2524 IPNAT - ok

11:53:30.0223 2524 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

11:53:30.0225 2524 IRENUM - ok

11:53:30.0275 2524 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

11:53:30.0277 2524 isapnp - ok

11:53:30.0344 2524 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

11:53:30.0349 2524 iScsiPrt - ok

11:53:30.0433 2524 JMCR (db917b998cbc15a153c00dd6efc34c13) C:\Windows\system32\DRIVERS\jmcr.sys

11:53:30.0434 2524 JMCR - ok

11:53:30.0496 2524 JME (ab42aef22595a46941bff76c210c942b) C:\Windows\system32\DRIVERS\JME.sys

11:53:30.0497 2524 JME - ok

11:53:30.0534 2524 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

11:53:30.0535 2524 kbdclass - ok

11:53:30.0599 2524 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

11:53:30.0601 2524 kbdhid - ok

11:53:30.0658 2524 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

11:53:30.0658 2524 kbfiltr - ok

11:53:30.0710 2524 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

11:53:30.0712 2524 KSecDD - ok

11:53:30.0759 2524 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

11:53:30.0762 2524 KSecPkg - ok

11:53:30.0800 2524 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

11:53:30.0802 2524 ksthunk - ok

11:53:30.0913 2524 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

11:53:30.0915 2524 lltdio - ok

11:53:31.0049 2524 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

11:53:31.0051 2524 LSI_FC - ok

11:53:31.0097 2524 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

11:53:31.0100 2524 LSI_SAS - ok

11:53:31.0132 2524 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

11:53:31.0135 2524 LSI_SAS2 - ok

11:53:31.0176 2524 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

11:53:31.0179 2524 LSI_SCSI - ok

11:53:31.0228 2524 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

11:53:31.0231 2524 luafv - ok

11:53:31.0292 2524 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys

11:53:31.0293 2524 lullaby - ok

11:53:31.0335 2524 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

11:53:31.0337 2524 megasas - ok

11:53:31.0388 2524 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

11:53:31.0393 2524 MegaSR - ok

11:53:31.0444 2524 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

11:53:31.0446 2524 Modem - ok

11:53:31.0481 2524 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

11:53:31.0482 2524 monitor - ok

11:53:31.0541 2524 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

11:53:31.0541 2524 mouclass - ok

11:53:31.0593 2524 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

11:53:31.0595 2524 mouhid - ok

11:53:31.0637 2524 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

11:53:31.0639 2524 mountmgr - ok

11:53:31.0692 2524 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

11:53:31.0695 2524 mpio - ok

11:53:31.0738 2524 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

11:53:31.0740 2524 mpsdrv - ok

11:53:31.0788 2524 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

11:53:31.0791 2524 MRxDAV - ok

11:53:31.0841 2524 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

11:53:31.0845 2524 mrxsmb - ok

11:53:31.0893 2524 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:53:31.0898 2524 mrxsmb10 - ok

11:53:31.0940 2524 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:53:31.0942 2524 mrxsmb20 - ok

11:53:31.0988 2524 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

11:53:31.0989 2524 msahci - ok

11:53:32.0040 2524 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

11:53:32.0043 2524 msdsm - ok

11:53:32.0109 2524 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

11:53:32.0110 2524 Msfs - ok

11:53:32.0149 2524 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

11:53:32.0151 2524 mshidkmdf - ok

11:53:32.0197 2524 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

11:53:32.0197 2524 msisadrv - ok

11:53:32.0240 2524 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

11:53:32.0242 2524 MSKSSRV - ok

11:53:32.0275 2524 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

11:53:32.0277 2524 MSPCLOCK - ok

11:53:32.0306 2524 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

11:53:32.0308 2524 MSPQM - ok

11:53:32.0367 2524 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

11:53:32.0372 2524 MsRPC - ok

11:53:32.0421 2524 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

11:53:32.0422 2524 mssmbios - ok

11:53:32.0459 2524 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

11:53:32.0460 2524 MSTEE - ok

11:53:32.0500 2524 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

11:53:32.0502 2524 MTConfig - ok

11:53:32.0548 2524 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys

11:53:32.0548 2524 MTsensor - ok

11:53:32.0589 2524 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

11:53:32.0590 2524 Mup - ok

11:53:32.0637 2524 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

11:53:32.0642 2524 NativeWifiP - ok

11:53:32.0709 2524 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

11:53:32.0731 2524 NDIS - ok

11:53:32.0780 2524 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

11:53:32.0782 2524 NdisCap - ok

11:53:32.0824 2524 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

11:53:32.0826 2524 NdisTapi - ok

11:53:32.0869 2524 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

11:53:32.0871 2524 Ndisuio - ok

11:53:32.0924 2524 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

11:53:32.0928 2524 NdisWan - ok

11:53:32.0967 2524 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

11:53:32.0969 2524 NDProxy - ok

11:53:33.0023 2524 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

11:53:33.0025 2524 NetBIOS - ok


11:53:39.0111 2524 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

11:53:39.0204 2524 \Device\Harddisk0\DR0 - ok

11:53:39.0214 2524 Boot (0x1200) (df39385fa99eb1c82096df3c99f36d98) \Device\Harddisk0\DR0\Partition0

11:53:39.0217 2524 \Device\Harddisk0\DR0\Partition0 - ok

11:53:39.0217 2524 ============================================================

11:53:39.0217 2524 Scan finished

11:53:39.0217 2524 ============================================================

11:53:39.0227 1244 Detected object count: 0

11:53:39.0227 1244 Actual detected object count: 0





But if you agree, I'd like to paste here the ClamWin Antivirus scan of the folder where it finds trojans, since it seems to be the only one showing problems.





Scan Started Mon Mar 12 12:38:55 2012

-------------------------------------------------------------------------------

C:\Program Files (x86)\Common Files\Windows Live\.cache\6979caef1cb196b\Mail.msi: Removed.

C:\Program Files (x86)\Common Files\Windows Live\.cache\df7ea9e61caf770\Mail.msi: Removed.

C:\Program Files (x86)\Common Files\Windows Live\.cache\6979caef1cb196b\Mail.msi: Trojan.GenericFF-1 FOUND

C:\Program Files (x86)\Common Files\Windows Live\.cache\df7ea9e61caf770\Mail.msi: Trojan.GenericFF-1 FOUND

----------- SCAN SUMMARY -----------

Known viruses: 1157395

Engine version: 0.96

Scanned directories: 31

Scanned files: 37

Infected files: 2

Data scanned: 764.38 MB

Data read: 300.77 MB (ratio 2.54:1)

Time: 117.683 sec (1 m 57 s)

--------------------------------------

Completed

--------------------------------------





Could it be a problem only with the antivirus, and would it perhaps be better to uninstall it and install another one?



Thanks.



Regards
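As an added example (not code from the thread or from ClamWin), a small Python parser for the clamscan-style log ClamWin produced above: it separates the FOUND and Removed lines from the SCAN SUMMARY and returns the review notes a responder would want before trusting the result, such as a summary count that disagrees with the FOUND lines, or a detection on a vendor installer cache file like the Windows Live Mail.msi here, which is a false-positive candidate to verify against the vendor's hash. The sample log is constructed from the lines posted; the .cache/.msi heuristic is an assumption of this example.

```python
import re
from dataclasses import dataclass, field

# Constructed sample, modelled on the ClamWin log pasted in the thread (clamscan output format).
SAMPLE_LOG = """\
Scan Started Mon Mar 12 12:38:55 2012
C:\\Program Files (x86)\\Common Files\\Windows Live\\.cache\\6979caef1cb196b\\Mail.msi: Removed.
C:\\Program Files (x86)\\Common Files\\Windows Live\\.cache\\df7ea9e61caf770\\Mail.msi: Removed.
C:\\Program Files (x86)\\Common Files\\Windows Live\\.cache\\6979caef1cb196b\\Mail.msi: Trojan.GenericFF-1 FOUND
C:\\Program Files (x86)\\Common Files\\Windows Live\\.cache\\df7ea9e61caf770\\Mail.msi: Trojan.GenericFF-1 FOUND
----------- SCAN SUMMARY -----------
Engine version: 0.96
Infected files: 2
"""

FOUND_RE = re.compile(r"^(?P<path>.+?): (?P<sig>\S+) FOUND$")
ACTION_RE = re.compile(r"^(?P<path>.+?): (?P<action>Removed|Moved|Copied)\.$")
SUMMARY_RE = re.compile(r"^(?P<key>[A-Za-z ]+): (?P<value>.+)$")

@dataclass
class ScanReport:
    detections: dict = field(default_factory=dict)  # path -> signature name
    actions: dict = field(default_factory=dict)     # path -> action clamscan took
    summary: dict = field(default_factory=dict)     # SCAN SUMMARY key -> value

def parse_clamscan(text):
    """Split a clamscan/ClamWin log into detections, actions taken and the summary block."""
    rpt, in_summary = ScanReport(), False
    for line in (l.strip() for l in text.splitlines()):
        if "SCAN SUMMARY" in line:
            in_summary = True
        elif in_summary:
            if m := SUMMARY_RE.match(line):
                rpt.summary[m["key"]] = m["value"]
        elif m := FOUND_RE.match(line):
            rpt.detections[m["path"]] = m["sig"]
        elif m := ACTION_RE.match(line):
            rpt.actions[m["path"]] = m["action"]
    return rpt

def triage(rpt):
    """Review notes; heuristic assumption: an .msi under a .cache folder is a false-positive candidate."""
    notes = []
    if int(rpt.summary.get("Infected files", "0")) != len(rpt.detections):
        notes.append("summary 'Infected files' disagrees with FOUND lines")
    for path, sig in rpt.detections.items():
        if "\\.cache\\" in path and path.lower().endswith(".msi"):
            notes.append(f"{sig} on installer cache {path}: verify hash with vendor before trusting removal")
    return notes
```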

jennifu
Posts: 6
Joined: 09 Mar 2012, 21:08

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by jennifu » 16 Mar 2012, 13:21

These last few days I've been putting the computer through its paces, and everything runs great except for what I already mentioned about the antivirus. So for now I'm ignoring it until it gives me some problem...



So if you like, the topic could be considered closed.



Before that, a thousand thanks for your invaluable help. I really don't know how to thank you... You're the best! Keep it up!



Regards!

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Trojan Generic FF1 redirects to fraudulent pages

Post by msc hotline sat » 20 Mar 2012, 15:09

Well, it could indeed be a false positive from that antivirus...



If everything is going well for you now, keep it that way!



And considering the topic solved, we proceed to close it



regards



ms, 20-3-2012
