problema con siref

Reglas del Foro
Normas Basicas | Los Titulos, dicen mucho | No postear en paralelo | Continua en tu tema | Cierra tu tema, antes de abrir otro | No escribas en temas antiguos
Enlaces a web/mail/blog/Msn NO estan permitidos | Mensajes Privados | Informes de resultados | Antivirus Online
Responder
sandino
Mensajes: 8
Registrado: 25 Mar 2012, 23:12

problema con siref

Mensaje por sandino » 26 Mar 2012, 00:03

hola, este es mi primer post y agradeceria cualquier ayuda

al correr el elistart page me aparece posible siref , luego escanee con elisiref , pero no se si realmente lo elimino porque durante la ejecucuion el programa no pudo ingresar a varias carpetas aparecia acceso denegado



de antemano gracias



les dejo mi hijackthis



Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 03:51:34 p.m., on 25/03/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal



Running processes:

C:\Windows\system32\taskhost.exe

C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\USB Disk Security\USBGuard.exe

C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\system32\DllHost.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe

O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{85107ADD-2946-41D4-A887-BBF1ECAC6169}: NameServer = 190.212.82.12,200.62.64.1

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\Skype4COM.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll

O22 - SharedTaskScheduler: Theme Resource Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files\Theme Resource Changer\ThemeResourceChanger.dll

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

O22 - SharedTaskScheduler: Ave's FolderBg - {73526E5A-FD53-4BE7-B5E2-D3C89D7413DC} - C:\Windows\W7FBC\dll.dll

O23 - Service: Appn (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira Programador (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Atirage3 (aracpi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: UlSata (bdfsfltr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Was (cicsclient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Ibmsmbus (db2licd) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Sp_rssrv (digitizer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Lvsrvlauncher (eectrl) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: Se58unic (EMCFILT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Memctl (F700iat) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: P2k (freebsd) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Mgactrl (ftdisk) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Vmauthdservice (IOSLINK) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Vxd (iPassPeriodicUpdateService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Adminserver (lpx) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: NVTCP (mlkkbdntdriver) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: BRGSp50 (navapel) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Fshttps (oracle%oracle_home_service%clientcache80) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: GTPTSER (papyjoy) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Vnxservice (pccsmcfd) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Venturi2 (pcidrv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Websensepolicyserver (pelusblf) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Wltwo51b (PolarUSB) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Owstimer (ptserial) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Stunnel (qfcoresvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ql10wnt (screadspool) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Se58mdfl (slee_81_service) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ups (smservauth) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ultra (STV680m) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Lsdiorw (telnet) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Dmprimer (trufos) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Instalador de módulos de Windows (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

O23 - Service: NWDNS (tvs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Amusbprt (usbser) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: NETw5x32 (vmkbd2) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Prfldsvc (W700mgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Https-admserv61 (XUIF) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

O23 - Service: Passthru (z525mdm) - Unknown owner - C:\Windows\system32\svchost.exe



--

End of file - 25220 bytes





resultados de elisiref



(25-3-2012 17:14:44 (GMT))

EliStartPage v25.16 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

--------------------------------------------------

Usuario: Usuario

ID de Usuario: S-1-5-21-1291095595-1391679418-3156066534-1000



Lista de Acciones (por Acción Directa):

Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB64005$"

Key Eliminada [URLSearchHook (HKUS) "{00000000-6E41-4FD3-8538-502F5495E5FC}"] -> C:\PROGRAM FILES\ASK.COM\GENERICASKTOOLBAR.DLL

C:\WINDOWS\SYSTEM32\EXPLORER.EXE --> Eliminado Malware.Explorer

C:\PROGRAM FILES\ASK.COM\GENERICASKTOOLBAR.DLL --> Eliminado ASKToolbar(bho/tb)

D:\DESKTOP.INI --> Eliminado (Fichero Complementario).

Eliminada Class, "{00000000-6E41-4FD3-8538-502F5495E5FC}" -> C:\Program Files\Ask.com\GenericAskToolbar.dll

Eliminada Class, "{D4027C7F-154A-4066-A1AD-4243D8127440}" -> C:\Program Files\Ask.com\GenericAskToolbar.dll

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(25-3-2012 17:24:22 (GMT))

EliStartPage v25.16 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

--------------------------------------------------

Usuario: LIA

ID de Usuario: S-1-5-21-1291095595-1391679418-3156066534-1003



Lista de Acciones (por Acción Directa):

Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB64005$"

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(25-3-2012 17:25:26 (GMT))

EliStartPage v25.16 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

--------------------------------------------------

Usuario: UpdatusUser

ID de Usuario: S-1-5-21-1291095595-1391679418-3156066534-1006



Lista de Acciones (por Acción Directa):

Acceso Denegado al Usuario.



(25-3-2012 17:26:38 (GMT))

EliStartPage v25.16 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

--------------------------------------------------

Usuario: Invitado

ID de Usuario: S-1-5-21-1291095595-1391679418-3156066534-501



Lista de Acciones (por Acción Directa):

Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB64005$"

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(25-3-2012 17:34:07 (GMT))

EliStartPage v25.16 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

--------------------------------------------------

Usuario: Invitado

ID de Usuario: S-1-5-21-1291095595-1391679418-3156066534-501



Lista de Acciones (por Exploración):

Explorando "C:\"

C:\Muestras\GENERICASKTOOLBAR.DLL.MUESTRA ELISTARTPAGE V23.70 --> Eliminado, ASKToolbar(bho/tb)



Nº Total de Directorios: 30581

Nº Total de Ficheros: 167790

Nº de Ficheros Analizados: 31108

Nº de Ficheros Infectados: 1

Nº de Ficheros Limpiados: 1



(25-3-2012 18:00:10 (GMT))

EliSirefef v1.78 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

----------------------------------------

Lista de Acciones (por Acción Directa):

Eliminada Carpeta: C:\WINDOWS\$NtUninstallKB64005$



(25-3-2012 18:07:20 (GMT))

EliSirefef v1.78 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

----------------------------------------

Lista de Acciones (por Exploración):

Explorando "C:\"

C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec4532373a57c1c2\tdx.sys --> Eliminado Sirefef.X(sys)



Nº Total de Directorios: 30532

Nº Total de Ficheros: 166113

Nº de Ficheros Analizados: 17122

Nº de Ficheros Infectados: 1

Nº de Ficheros Limpiados: 1
Arriba
Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:
Contactar msc hotline sat

Re: problema con siref

Mensaje por msc hotline sat » 26 Mar 2012, 09:11

El Sirefef ha sido eliminado:



EliSirefef v1.78 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

----------------------------------------

Lista de Acciones (por Acción Directa):

Eliminada Carpeta: C:\WINDOWS\$NtUninstallKB64005$



(25-3-2012 18:07:20 (GMT))

EliSirefef v1.78 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 23 de Marzo del 2012)

----------------------------------------

Lista de Acciones (por Exploración):

Explorando "C:\"

C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec4532373a57c1c2\tdx.sys --> Eliminado Sirefef.X(sys)





EL que haya otras carpetas con acceso denegado, es normal en windows, son del mismo sistema.



Y del log del HJT vemos estos ficheros sospechosos, envienoslos para analizar:





C:\Program Files\Ask.com\Updater\Updater.exe



C:\Windows\W7FBC\dll.dll





y recuerde que aconsejamos usar el SPROCES en lugar del HJT, por ser mucho mas exhaustivo y llegar con él donde no llega el HJT, por ejemplo a la detección del SIREFEF, lo cual no es posible con el HJT .



Para el envio de muestras:




[quote]


ENVIO DE MUESTRAS:



https://foros.zonavirus.com/viewtopic.php?f=5&t=14253



Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos


[/quote]



saludos



ms, 26-3-2012





Nota: Y posiblemente windows no haya restaurado el tdx.sys que uso el SIREFEF y se eliminó en consecuencia.



Mire si existe dicho fichero (y que no sea de cero bytes) en C:\windows\system32\drivers\ , y sino, copie en dicha carpeta el de otro ordenbador con igual sistema operativo, como decimos para algunos drivers (puede ser cualquiera) en:



http://www.zonavirus.com/noticias/2012/drivers-usados-por-el-sirefef-y-sus-consecuencias.asp



ms.
Arriba
sandino
Mensajes: 8
Registrado: 25 Mar 2012, 23:12

Re: problema con siref

Mensaje por sandino » 27 Mar 2012, 05:08

bueno gracias por tu respuesta,



No se soy muy habil con lo de la compu y no se como se hace para enviar las muestras que me pides si porfavor me indicaras como hacerlo con mucho gusto lo haria, otra pregunta este bicho dañaria algun registro de la compu ya que no puedo activar mi firewall me sale error 0x80070424



segui tu consejo y use el proces aca te dejo el log



(27-3-2012 02:48:17 GMT)

SProces v6.1 (c)2012 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Ultimate (v6.1)

Internet Explorer: (v8.0.7601.17514) 0

Equipo: MARVIN

Usuario: Usuario

Sesión de Usuario: Usuario



55 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\NVVSVC.EXE

C:\PROGRAM FILES\NVIDIA CORPORATION\3D VISION\NVSCPAPISVR.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE

C:\WINDOWS\SYSTEM32\NVVSVC.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\SCHED.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\AVGUARD.EXE

C:\PROGRAM FILES\IVT CORPORATION\BLUESOLEIL\BTNTSERVICE.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\PNKBSTRA.EXE

C:\PROGRAM FILES\IVT CORPORATION\BLUESOLEIL\STARTSKYSOLSVC.EXE

C:\PROGRAM FILES\ALCOHOL SOFT\ALCOHOL 120\STARWIND\STARWINDSERVICEAE.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\TUNEUP UTILITIES 2011\TUNEUPUTILITIESSERVICE32.EXE

C:\PROGRAM FILES\YAHOO!\SOFTWAREUPDATE\YAHOOAUSERVICE.EXE

C:\PROGRAM FILES\COMMON FILES\PURE NETWORKS SHARED\PLATFORM\NMSRVC.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\PROGRAM FILES\TUNEUP UTILITIES 2011\TUNEUPUTILITIESAPP32.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\AVSHADOW.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\WINDOWS\SYSTEM32\WUDFHOST.EXE

C:\PROGRAM FILES\USB DISK SECURITY\USBGUARD.EXE

C:\PROGRAM FILES\VIA\VIAUDIOI\VDECK\VDECK.EXE

C:\PROGRAM FILES\VIMICRO CORPORATION\VMUVC\VMONITOR.EXE

C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\AVGNT.EXE

C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE

C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE

C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVTRAY.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\NVIDIA CORPORATION\NVIDIA UPDATUS\DAEMONU.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE

C:\PROGRAM FILES\ASK.COM\UPDATER\UPDATER.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

D:\USUARIO\DESKTOP\HIJACKTHIS\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R3 - URLSearchHook: (no name) - {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-21-1291095595-1391679418-3156066534-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1291095595-1391679418-3156066534-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')

O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe

O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_26) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} (Java Plug-in 1.6.0_26) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_26) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{85107ADD-2946-41D4-A887-BBF1ECAC6169}: NameServer = 190.212.82.12,200.62.64.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\Skype4COM.dll

O20 - Winlogon Notify: MCPCLIENT - C:\PROGRA~1\COMMON~1\STARDOCK\MCPSTUB.DLL

O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~1\COMMON~1\stardock\MCPCore.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %SystemRoot%\system32\stobject.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\shell32.dll

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll

O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll

O22 - SharedTaskScheduler: Theme Resource Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files\Theme Resource Changer\ThemeResourceChanger.dll

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - %SystemRoot%\System32\DreamScene.dll

O22 - SharedTaskScheduler: Ave's FolderBg - {73526E5A-FD53-4BE7-B5E2-D3C89D7413DC} - C:\Windows\W7FBC\dll.dll

O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL



Información Adicional:

----------------------

WinSys\Drivers\adp94xx.sys (de 422976 bytes) () Adaptec, Inc.

WinSys\Drivers\bxvbdx.sys (de 430080 bytes) () Broadcom Corporation

WinSys\Drivers\dxgkrnl.sys (de 728448 bytes) () Microsoft Corporation

WinSys\Drivers\elxstor.sys (de 453712 bytes) () Emulex

WinSys\Drivers\http.sys (de 513536 bytes) () Microsoft Corporation

WinSys\Drivers\ndis.sys (de 712576 bytes) () Microsoft Corporation

WinSys\Drivers\PEAuth.sys (de 586752 bytes) () Microsoft Corporation

WinSys\Drivers\spsys.sys (de 405504 bytes) () Microsoft Corporation

WinSys\Drivers\sptd.sys (de 697328 bytes) ()

WinSys\Drivers\vvftUVC.sys (de 476160 bytes) () Vimicro Corporation

WinSys\Drivers\Wdf01000.sys (de 445008 bytes) () Microsoft Corporation



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: Appn (AdobeActiveFileMonitor6.0) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Avira Programador (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Atirage3 (aracpi) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: avgntflt - Avira GmbH - C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys

O23 - Service: UlSata (bdfsfltr) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: Was (cicsclient) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\SNP2UVC.dll (file missing)

O23 - Service: Ibmsmbus (db2licd) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Sp_rssrv (digitizer) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Lvsrvlauncher (eectrl) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Se58unic (EMCFILT) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Memctl (F700iat) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: P2k (freebsd) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\avidstartup.dll (file missing)

O23 - Service: Mgactrl (ftdisk) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\SrvcSSIOMngr.dll (file missing)

O23 - Service: Vmauthdservice (IOSLINK) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\ashampoodefragservice.dll (file missing)

O23 - Service: Vxd (iPassPeriodicUpdateService) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Adminserver (lpx) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: NVTCP (mlkkbdntdriver) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: BRGSp50 (navapel) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Fshttps (oracle%oracle_home_service%clientcache80) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: GTPTSER (papyjoy) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Vnxservice (pccsmcfd) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Venturi2 (pcidrv) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\mail2ec.dll (file missing)

O23 - Service: Websensepolicyserver (pelusblf) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\SE2Dmdm.dll (file missing)

O23 - Service: Pure Networks Device Discovery Driver (pnarp) - Cisco Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\pnarp.sys

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Wltwo51b (PolarUSB) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\XilinxPC4Driver.dll (file missing)

O23 - Service: Owstimer (ptserial) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\PGPwded.dll (file missing)

O23 - Service: Pure Networks Wireless Driver (purendis) - Cisco Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\purendis.sys

O23 - Service: Stunnel (qfcoresvc) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Ql10wnt (screadspool) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Se58mdfl (slee_81_service) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\winmtsrv.dll (file missing)

O23 - Service: Ups (smservauth) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Ultra (STV680m) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\hpconfig.dll (file missing)

O23 - Service: Lsdiorw (telnet) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Dmprimer (trufos) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\s117mdm.dll (file missing)

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

O23 - Service: NWDNS (tvs) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Amusbprt (usbser) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\CoachUsb.dll (file missing)

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - TuneUp Software - %SystemRoot%\System32\svchost.exe -k netsvcs - C:\WINDOWS\System32\uxtuneup.dll

O23 - Service: NETw5x32 (vmkbd2) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Prfldsvc (W700mgmt) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\BASFND.dll (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Https-admserv61 (XUIF) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

O23 - Service: Passthru (z525mdm) - Unknown owner - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\SYSTEM32\NULL1 (file missing)



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys

O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\drivers\amdsata.sys

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys

O23 - Service: AsrCDDrv - Unknown owner - C:\Windows\system32\Drivers\AsrCDDrv.sys (file missing)

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys

O23 - Service: Bluetooth Audio Service (BlueletAudio) - IVT Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\blueletaudio.sys

O23 - Service: Bluetooth SCO Audio Service (BlueletSCOAudio) - IVT Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\BlueletSCOAudio.sys

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys

O23 - Service: Bluetooth PAN Network Adapter (BT) - IVT Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\btnetdrv.sys

O23 - Service: Bluetooth USB For Bluetooth Service (Btcsrusb) - IVT Corporation. - C:\WINDOWS\SYSTEM32\Drivers\btcusb.sys

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\HpSAMD.sys

O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iaStorV.sys

O23 - Service: igfx - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd32.sys

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys

O23 - Service: NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (L1C) - Atheros Communications, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\L1C62x86.sys

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys

O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nvlddmkm.sys

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys

O23 - Service: Synth3dVsc - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\synth3dvsc.sys (file missing)

O23 - Service: @%SystemRoot%\system32\drivers\tsusbhub.sys,-1 (tsusbhub) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tsusbhub.sys (file missing)

O23 - Service: TuneUpUtilitiesDrv - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys

O23 - Service: VClone - Elaborate Bytes AG - C:\WINDOWS\SYSTEM32\DRIVERS\VClone.sys

O23 - Service: Virtual Serial port driver (VComm) - IVT Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\VComm.sys

O23 - Service: Bluetooth VComm Manager Service (VcommMgr) - IVT Corporation. - C:\WINDOWS\SYSTEM32\Drivers\VcommMgr.sys

O23 - Service: VGPU - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\rdvgkmd.sys (file missing)

O23 - Service: VIA High Definition Audio Driver Service (VIAHdAudAddService) - VIA Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\viahduaa.sys

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys

O23 - Service: Vimicro Camera Service VMUVC (VMUVC) - Vimicro Corporation - C:\WINDOWS\SYSTEM32\Drivers\VMUVC.sys

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys

O23 - Service: Vimicro Camera Filter Service VMUVC (vvftUVC) - Vimicro Corporation - C:\WINDOWS\SYSTEM32\drivers\vvftUVC.sys



Listado de Servicios (Deshabilitados):

--------------------------------------



113 Servicios.

55 de Carga Automatica.

58 de Carga Manual.

0 Deshabilitados.
Arriba
Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:
Contactar msc hotline sat

Re: problema con siref

Mensaje por msc hotline sat » 27 Mar 2012, 06:55

Para el envio de las muestras pedidas,



C:\Program Files\Ask.com\Updater\Updater.exe



C:\Windows\W7FBC\dll.dll





empaquetalas en un ZIP o RAR con password virus , y envianoslas pulsando en ENVIO DE MUESTRAS



Y para mas detalles, mira lo indicado en:



https://foros.zonavirus.com/viewtopic.php?f=5&t=14253



y paso a analizar el SPROCES:



Pues vemos otros dos sospechosos, añadalos al paquete de sospechosos que nos envia para analizar:



C:\windows\system32\shell32.dll



C:\Program Files\Theme Resource Changer\ThemeResourceChanger.dll



saludos



ms, 27-3-2012
Arriba
sandino
Mensajes: 8
Registrado: 25 Mar 2012, 23:12

Re: problema con siref

Mensaje por sandino » 31 Mar 2012, 05:27

ya envie las muestras que me pidieron, espero y me indique que ficheros debo eliminar



de antemano muchas gracias por su apoyo
Arriba
Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:
Contactar msc hotline sat

Re: problema con siref

Mensaje por msc hotline sat » 31 Mar 2012, 07:48

Pues aunque yo salgo hoy de viaje y volveré despues de Semana Santa, en SATINFO mis compañeros trabajan y el lunes, de vuelta al trabajo, analizarn las muestras y desarrollarán nuevas versiones de las utilidades para controlarlas, eliminarlas y restablecer las claves modificadas.



Como que nuestro ADMIN está avisado de ello, subirá las nuevas versiones a la web y las podreis probar normalmente.



Sugiero que en cuanto esté disponible el ELISTARA 25.22 lo descargues y lo pruebes.



Confio que ello resuelva los problemas al respecto.



saludos



ms, 31-3-2012
Arriba
Responder

Volver a “Foro Virus - Cuentanos tu problema”