A virus is choking my WiFi and I can't connect!

jcasi
Posts: 2
Joined: 03 Oct 2012, 10:06

Post by jcasi » 03 Oct 2012, 10:12

Hi!

Let me explain:

When I turn on one of my computers, the internet connection shows up but I can't connect; it tells me it was not possible to connect. When I try with other computers there is no problem, but as soon as I turn on the infected one, nobody can connect any more. I'm a bit of a newbie, and I understand that what this virus does is use my PC (for spam, I suppose) and take up all my bandwidth. Movistar has told me that I have brutal traffic when the infected PC is on, both upload and download, even though I'm not downloading or sending anything.

I've run Avast, Kaspersky, McAfee, and nothing...

As a curiosity, I'll tell you that the iPhone, BlackBerry, etc. ALWAYS connect without problems...

HELP!!!!

Thanks!

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: A virus is choking my WiFi and I can't connect!

Post by msc hotline sat » 03 Oct 2012, 12:07

You possibly have some malware sending mass mails, or a spammer in the shadows remotely doing the same.

See if you detect anything with ELISTARA:

[quote="to DOWNLOAD ELISTARA, msc"]

http://www.zonavirus.com/descargas/elistara.asp

After trying it, restart and post us the contents of C:\infosat.txt so we can see the result of the process [/quote]

And if it does not detect malware or ask for suspicious files to be sent, launch SPROCES and click EXIT, after which it will generate a report in c:\sproclog.txt, which you can send us to analyze:

[quote="to DOWNLOAD SPROCES, msc"]

http://www.zonavirus.com/descargas/sproces.asp

[/quote]

Regards

ms, 2-10-2012

jcasi
Posts: 2
Joined: 03 Oct 2012, 10:06

Re: A virus is choking my WiFi and I can't connect!

Post by jcasi » 04 Oct 2012, 09:24

Hi!

I've run ELISTARA and nothing... It detects a couple of things, which it has removed, but the problem persists; I'm pasting the infosat.txt and the sproces for you:



(3-10-2012 23:25:37 (GMT))

EliStartPage v26.25 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Premium

Usuario: Casi Ortega

ID de Usuario: S-1-5-21-1713870264-2544328187-3552938290-1000



Lista de Acciones (por Acción Directa):

Key Eliminada [URLSearchHook (HKUS) "{00000000-6E41-4FD3-8538-502F5495E5FC}"] -> C:\PROGRAM FILES (X86)\ASK.COM\GENERICASKTOOLBAR.DLL

Key Eliminada [URLSearchHook (HKUS) "{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"] -> C:\PROGRAM FILES (X86)\MYBABYLON_ENGLISH\TBMYBA.DLL

Key Eliminada [URLSearchHook (HKUS) "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"] -> C:\PROGRAM FILES (X86)\FREECORDER\TBFREE.DLL

Key Eliminada [URLSearchHook (HKLM) "{0974848a-b5bc-49f2-9778-307742b4a55d}"] -> C:\PROGRAM FILES (X86)\SOFTONIC.COM4\TBSOFT.DLL

Key Eliminada [URLSearchHook (HKLM) "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"] -> C:\PROGRAM FILES (X86)\FREECORDER\TBFREE.DLL

C:\PROGRAM FILES (X86)\ASK.COM\GENERICASKTOOLBAR.DLL --> Eliminado ASKToolbar(bho/tb)

C:\PROGRAM FILES (X86)\MYBABYLON_ENGLISH\TBMYBA.DLL --> Eliminado TBConduit(tb)

C:\PROGRAM FILES (X86)\FREECORDER\TBFREE.DLL --> Eliminado TBConduit(tb)

C:\PROGRAM FILES (X86)\SOFTONIC.COM4\TBSOFT.DLL --> Eliminado TBConduit(tb)

Entrada Eliminada [HKLM\...\Run] "SearchSettings"=""C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe""

Eliminada Class, "{00000000-6E41-4FD3-8538-502F5495E5FC}" -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

Eliminada Class, "{D4027C7F-154A-4066-A1AD-4243D8127440}" -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

Eliminada Class, "{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}" -> C:\Program Files (x86)\myBabylon_English\tbmyBa.dll

Eliminada Class, "{1392b8d2-5c05-419f-a8f6-b9f15a596612}" -> C:\Program Files (x86)\Freecorder\tbFree.dll

Eliminada Class, "{0974848a-b5bc-49f2-9778-307742b4a55d}" -> C:\Program Files (x86)\softonic.com4\tbsoft.dll

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE

Error de Acceso de Escritura al MBR.



(4-10-2012 01:41:01 (GMT))

EliStartPage v26.25 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2012)

--------------------------------------------------

Sistema Operativo: Windows 7 Home Premium

Usuario: Casi Ortega

ID de Usuario: S-1-5-21-1713870264-2544328187-3552938290-1000



Lista de Acciones (por Exploración):

Explorando "C:\"

C:\Program Files (x86)\ConduitEngine\CONDUITENGINE.DLL --> Eliminado, TBConduit(tb)

C:\SwSetup\Drivers\Audio\WDM\ALCMTR.EXE --> Eliminado, SpyRealtek



Nº Total de Directorios: 45531

Nº Total de Ficheros: 347816

Nº de Ficheros Analizados: 88916

Nº de Ficheros Infectados: 2

Nº de Ficheros Limpiados: 2



(4-10-2012 07:16:53 GMT)

SProces v6.6 (c)2012 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Home Premium (v6.1.7600)

Internet Explorer: (v9.0.8112.16421) 0

Equipo: CASIORTEGA-PC

Usuario: Casi Ortega

Sesión de Usuario: Casi Ortega



94 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTSVC.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\AERTSR64.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\APPLEMOBILEDEVICESERVICE.EXE

C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY ANTI-VIRUS 2013\AVP.EXE

C:\WINDOWS\SYSTEM32\MDNSRESPONDER.EXE

C:\PROGRAMDATA\EPSON\EPW!3 SSRP\E_S30RP1.EXE

C:\WINDOWS\SYSWOW64\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\LIGHTSCRIBE\LSSRVC.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\WINDOWS\SYSTEM32\ENGINESERVER.EXE

C:\WINDOWS\SYSTEM32\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\PROGRAM FILES (X86)\UNIBLUE\REGISTRYBOOSTER\RBMONITOR.EXE

C:\PROGRAM FILES (X86)\MCAFEE\COMMON FRAMEWORK\FRAMEWORKSERVICE.EXE

C:\WINDOWS\SYSTEM32\SYNTPENH.EXE

C:\WINDOWS\SYSTEM32\RTKNGUI64.EXE

C:\WINDOWS\SYSTEM32\RTVOSD64.EXE

C:\WINDOWS\SYSTEM32\JUSCHED.EXE

C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE

C:\WINDOWS\SYSTEM32\HKCMD.EXE

C:\WINDOWS\SYSTEM32\IGFXPERS.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\LIGHTSCRIBE\LIGHTSCRIBECONTROLPANEL.EXE

C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP ADVISOR\HPADVISOR.EXE

C:\PROGRAM FILES (X86)\ARES\ARES.EXE

C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE14\MSOSYNC.EXE

C:\WINDOWS\SYSTEM32\SCANTOPCACTIVATIONAPP.EXE

C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\VSTSKMGR.EXE

C:\PROGRAM FILES (X86)\MCAFEE SECURITY SCAN\3.0.229\SSSCHEDULER.EXE

C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE14\GROOVE.EXE

C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP QUICK LAUNCH BUTTONS\QLBCTRL.EXE

C:\WINDOWS\SYSTEM32\HPWAMAIN.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\RESEARCH IN MOTION\AUTO UPDATE\RIMAUTOUPDATE.EXE

C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE14\ONENOTEM.EXE

C:\PROGRAM FILES (X86)\SWEETIM\MESSENGER\SWEETIM.EXE

C:\PROGRAM FILES (X86)\MCAFEE\COMMON FRAMEWORK\NAPRDMGR.EXE

C:\WINDOWS\SYSTEM32\RUNDLL32.EXE

C:\PROGRAM FILES (X86)\FREECORDER\FLVSRVC.EXE

C:\WINDOWS\SYSTEM32\MFEVTPS.EXE

C:\PROGRAM FILES (X86)\ASK.COM\UPDATER\UPDATER.EXE

C:\PROGRAM FILES (X86)\IMINENT\IMBOOSTER\IMBOOSTER.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\RICHVIDEO.EXE

C:\WINDOWS\SYSTEM32\SOLIDCONVERTERPDFSERVICEX64.EXE

C:\PROGRAM FILES (X86)\ITUNES\ITUNESHELPER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE

C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE

C:\PROGRAM FILES (X86)\MCAFEE\COMMON FRAMEWORK\UDATERUI.EXE

C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\SHSTAT.EXE

C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY ANTI-VIRUS 2013\AVP.EXE

C:\WINDOWS\SYSTEM32\MCSHIELD.EXE

C:\WINDOWS\SYSTEM32\MFEANN.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\WINDOWS\SYSTEM32\PRESENTATIONFONTCACHE.EXE

C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\SHARED\HPQWMIEX.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\IPODSERVICE.EXE

C:\WINDOWS\SYSTEM32\WUDFHOST.EXE

C:\WINDOWS\SYSTEM32\SYNTPHELPER.EXE

C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP QUICK LAUNCH BUTTONS\COM4QLBEX.EXE

C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\SHARED\HPQTOASTER.EXE

C:\WINDOWS\SYSTEM32\HPHC_SERVICE.EXE

C:\WINDOWS\SYSTEM32\SPPSVC.EXE

C:\WINDOWS\SYSTEM32\OSPPSVC.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE

C:\WINDOWS\SYSTEM32\WMPNETWK.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\WUAUCLT.EXE

G:\SPROCES\SPROCES.EXE

C:\WINDOWS\SYSTEM32\HPNETWORKCOMMUNICATOR.EXE

C:\WINDOWS\SYSTEM32\HPNETWORKCOMMUNICATOR.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)

R3 - URLSearchHook: MovaviEN Toolbar - {b0d3574e-b41f-4fe9-b976-1e8e303095b9} - C:\Program Files (x86)\MovaviEN\prxtbMov0.dll (HKLM)

R3 - URLSearchHook: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files (x86)\4shared.com\prxtb4sha.dll (HKLM)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll

R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll

R3 - URLSearchHook: MovaviEN Toolbar - {b0d3574e-b41f-4fe9-b976-1e8e303095b9} - C:\Program Files (x86)\MovaviEN\prxtbMov0.dll

R3 - URLSearchHook: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files (x86)\4shared.com\prxtb4sha.dll

O2 - BHO: 4shared.com - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files (x86)\4shared.com\prxtb4sha.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (file missing)

O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll

O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)

O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files (x86)\FlashCapture\fcbho.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll

O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\IMBooster4Web\Iminent.WebBooster.dll

O2 - BHO: MovaviEN - {b0d3574e-b41f-4fe9-b976-1e8e303095b9} - C:\Program Files (x86)\MovaviEN\prxtbMov0.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (file missing)

O3 - Toolbar: IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll

O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files (x86)\Save Flash\SaveFlash.dll

O3 - Toolbar: MovaviEN Toolbar - {b0d3574e-b41f-4fe9-b976-1e8e303095b9} - C:\Program Files (x86)\MovaviEN\prxtbMov0.dll

O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files (x86)\4shared.com\prxtb4sha.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW

O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000

O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN17F083XQ05NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart

O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background

O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [IMBooster] C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe /warmup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"

O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE /TrayOnly

O4 - Startup: Recorte de pantalla y Selector de OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr

O4 - Startup: Supervisar alertas de tinta - HP Photosmart 5510 series (Red).lnk = C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN17F083XQ05NR;CONNECTION=NW;MONITOR=1;

O4 - Global Startup: Desktop Manager.lnk = C:\Program Files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.229\SSScheduler.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE -b -l

O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files (x86)\FlashCapture\fciext.dll/FCIEXT.htm

O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm

O9 - Extra button: &Teclado virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - res://C:\Program Files (x86)\FlashCapture\fciext.dll/FCIEXT.htm (file missing)

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Compro&bar direcciones URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll

O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm (file missing)

O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES (X86)\BONJOUR\MDNSNSP.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://sudespacho.webex.com/client/T27LB/nbr/ieatgpc1.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\SysWow64\webcheck.dll

O22 - ShellExecuteHooks: EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL

O22 - ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL



Información Adicional:

----------------------



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: aswMonFlt - AVAST Software - C:\Windows\system32\drivers\aswMonFlt.sys (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Servicio Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE

**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)

O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - EasyBits Sofware AS - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\Windows\System32\ezsvc7.dll

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

*O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe

O23 - Service: Servicio de registro de McAfee (McAfeeFramework) - McAfee, Inc. - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe

O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe

O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

**O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - %SystemRoot%\System32\svchost.exe -k secsvcs - %ProgramFiles%\Windows Defender\mpsvc.dll (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Agere Systems Soft Modem (AgereSoftModem) - LSI Corp - C:\WINDOWS\SYSTEM32\DRIVERS\agrsm64.sys (file missing)

O23 - Service: Applian Network Service (appliand) - Applian Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\appliand.sys (file missing)

O23 - Service: appliandMP - Applian Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\appliand.sys (file missing)

O23 - Service: Atheros Extensible Wireless LAN device driver (athr) - Atheros Communications, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\athrx.sys (file missing)

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbda.sys (file missing)

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60a) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60a.sys (file missing)

O23 - Service: Controlador de filtro inferior de almacenamiento USB Brother (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys (file missing)

O23 - Service: Controlador de filtro superior de almacenamiento USB Brother (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys (file missing)

O23 - Service: Controlador de interfaz de puerto serie Brother MFC (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys (file missing)

O23 - Service: Controlador serie WDM de Brother (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys (file missing)

O23 - Service: Módem Brother MFC USB sólo Fax (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys (file missing)

O23 - Service: Controlador WDM de serie USB Brother MFC (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys (file missing)

O23 - Service: catchme - Unknown owner - C:\ComboFix\catchme.sys (file missing)

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbda.sys (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (file missing)

O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys (file missing)

O23 - Service: Intel(R) Management Engine Interface (HECIx64) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\HECIx64.sys (file missing)

O23 - Service: HpqKbFilter Driver (HpqKbFiltr) - Hewlett-Packard Development Company, L.P. - C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys (file missing)

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: igfx - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd64.sys (file missing)

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHD64.sys (file missing)

O23 - Service: Sonido Intel(R) para pantallas (IntcDAud) - Intel(R) Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\IntcDAud.sys (file missing)

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kaspersky Lab KLKBDFLT (klkbdflt) - Kaspersky Lab - C:\WINDOWS\SYSTEM32\DRIVERS\klkbdflt.sys (file missing)

O23 - Service: Kaspersky Lab KLMOUFLT (klmouflt) - Kaspersky Lab - C:\WINDOWS\SYSTEM32\DRIVERS\klmouflt.sys (file missing)

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.229\McCHSvc.exe

O23 - Service: McAfee Inc. mfeapfk (mfeapfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeapfk.sys (file missing)

O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys (file missing)

O23 - Service: McAfee Inc. mferkdet (mferkdet) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mferkdet.sys (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Apple Mobile Device Ethernet Service (Netaapl) - Apple Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\netaapl64.sys (file missing)

O23 - Service: Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit (netw5v64) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\netw5v64.sys (file missing)

O23 - Service: Smartphone BlackBerry (RimUsb) - Research In Motion Limited - C:\WINDOWS\SYSTEM32\Drivers\RimUsb_AMD64.sys (file missing)

O23 - Service: RIM Virtual Serial Port v2 (RimVSerPort) - Research in Motion Ltd - C:\WINDOWS\SYSTEM32\DRIVERS\RimSerial_AMD64.sys (file missing)

O23 - Service: RtsUStor.Sys Realtek USB Card Reader (RSUSBSTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\Drivers\RtsUStor.sys

O23 - Service: Realtek 8167 NT Driver (RTL8167) - Realtek - C:\WINDOWS\SYSTEM32\DRIVERS\Rt64win7.sys (file missing)

O23 - Service: SrvHsfHDA - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTAZL6.SYS (file missing)

O23 - Service: SrvHsfV92 - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTDPV6.SYS (file missing)

O23 - Service: SrvHsfWinac - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTCNXT6.SYS (file missing)

O23 - Service: Synaptics TouchPad Driver (SynTP) - Synaptics Incorporated - C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys (file missing)

O23 - Service: Apple Mobile USB Driver (USBAAPL64) - Apple, Inc. - C:\WINDOWS\SYSTEM32\Drivers\usbaapl64.sys (file missing)

O23 - Service: NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller (yukonw7) - Marvell - C:\WINDOWS\SYSTEM32\DRIVERS\yk62x64.sys (file missing)



Listado de Servicios (Deshabilitados):

--------------------------------------



70 Servicios.

23 de Carga Automatica.

47 de Carga Manual.

0 Deshabilitados.

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: A virus is choking my WiFi and I can't connect!

Post by msc hotline sat » 04 Oct 2012, 09:59

Well, we see this suspicious file:

C:\WINDOWS\SYSTEM32\AERTSR64.EXE

according to http://spywarefiles.prevx.com/RRFJCE44791946/AERTSR64.EXE.html

and this other one, check whether it was installed intentionally:

C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

If not, add .VIR to its extension as well and send it to us to analyze.

And we see installation keys of three antivirus products!:

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Servicio Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe

There should be only one antivirus, to avoid collisions and slowdowns. Choose one and uninstall the others...

To send us the samples, remember:

https://foros.zonavirus.com/viewtopic.php?f=5&t=14253

After receiving it/them, we will analyze it/them and implement its detection and removal, if appropriate, in our utilities, of which we will inform you.

Regards

ms, 3-10-2012
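The check the reply above makes by eye on the SProces report (several antivirus products registered as auto-start services) can be scripted. This is an added example, not part of the original thread or of the SProces tool: the function names and the `AV_VENDORS` keyword map are assumptions, and the sample lines are copied from the report posted earlier in the thread.

```python
import re
from collections import defaultdict

# Excerpt of the SProces report posted in this thread (lines copied from the page).
SAMPLE_LOG = r"""
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: aswMonFlt - AVAST Software - C:\Windows\system32\drivers\aswMonFlt.sys (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Servicio Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - EasyBits Sofware AS - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\Windows\System32\ezsvc7.dll
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe

Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Kaspersky Lab KLKBDFLT (klkbdflt) - Kaspersky Lab - C:\WINDOWS\SYSTEM32\DRIVERS\klkbdflt.sys (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.229\McCHSvc.exe
"""

SECTION_RE = re.compile(r"^Listado de Servicios \((.+?)\):")
START_TYPES = {"Carga Automatica": "auto", "Carga Manual": "manual",
               "Deshabilitados": "disabled"}
PREFIX = "O23 - Service: "
MISSING = " (file missing)"

# Assumption: keyword -> vendor map limited to the three products named in the reply.
AV_VENDORS = {"avast": "Avast", "kaspersky": "Kaspersky", "mcafee": "McAfee"}


def parse_services(log_text):
    """Return one dict per O23 line: start type, description, binary path, missing flag."""
    services, start = [], None
    for raw in log_text.splitlines():
        # Some lines in the posted report carry leading '*' characters.
        line = raw.strip().lstrip("*")
        section = SECTION_RE.match(line)
        if section:
            start = START_TYPES.get(section.group(1), section.group(1))
            continue
        if not line.startswith(PREFIX):
            continue
        body = line[len(PREFIX):]
        missing = body.endswith(MISSING)
        if missing:
            body = body[:-len(MISSING)]
        # Service names can contain " - " themselves, so only the last
        # field (the binary path) is split off; the rest stays together.
        desc, _, path = body.rpartition(" - ")
        services.append({"start": start, "desc": desc, "path": path,
                         "missing": missing})
    return services


def resident_antivirus(services):
    """Map vendor -> auto-start services whose binary the report does not mark missing."""
    found = defaultdict(list)
    for svc in services:
        if svc["start"] != "auto" or svc["missing"]:
            continue
        text = (svc["desc"] + " " + svc["path"]).lower()
        for keyword, vendor in AV_VENDORS.items():
            if keyword in text:
                found[vendor].append(svc["desc"])
                break
    return dict(found)


def report(log_text):
    """Build a short summary; the last line warns when more than one vendor is active."""
    av = resident_antivirus(parse_services(log_text))
    lines = [f"{vendor}: {', '.join(descs)}" for vendor, descs in sorted(av.items())]
    if len(av) > 1:
        lines.append(f"{len(av)} antivirus products have auto-start services; keep one")
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```

Running `report()` over the full c:\sproclog.txt instead of the excerpt works the same way, since lines other than section headers and `O23 - Service:` entries are ignored.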
