Instale el programa daemontools y luego no lo podia desinstalar, gracias auna aplicacion que borra los archivos bloqueados, llamado fileassassin pude borrarlo por completo del ordenador, pero hay veces que cuando borro archivos o carpetas con el programa O&O SafeErase, me da error en algunas carpetas con este nombre "zzzzzzzzzzzz.zzz" y eran referentes a este programa... Me he instalada en versión de prueba el Panda GP 2010 y tambien tengo instalados el Spybot&Search and destroy y el ad-ware, y ninguno me consigue quitar este ¿virus?
Alguna solución?
Gracias de antemano
sobre zzzzzzzzzzzz.zzz
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: sobre zzzzzzzzzzzz.zzz
Las aplicaciones de windows no deben solo borrar fichero para desinstalarlas, sino restaurar o eliminar las claves que hubieran modificado dicha instalacion.
Ello se consigue desde Panel de Control -> Agregar o quitar programas, quitando el que se desee.
Habiendo borrado los ficheors sin tocar claves puede ser la causa que indica.
Y meter mano al registro es delicado... Si acaso, posteenos el informe generado por el SPROCES a ver si aparece alguna relacionada y podemos obrar en consecuencia
lo analizaremos e informaremos al respecto.
saludos
ms, 26-11-2009
Ello se consigue desde Panel de Control -> Agregar o quitar programas, quitando el que se desee.
Habiendo borrado los ficheors sin tocar claves puede ser la causa que indica.
Y meter mano al registro es delicado... Si acaso, posteenos el informe generado por el SPROCES a ver si aparece alguna relacionada y podemos obrar en consecuencia
[quote="msc"][b]SPROCES.EXE(herramienta de investigación) [/b] http://www.zonavirus.com/descargas/sproces.asp
Y tras pulsar en SALIR, posteanos el contenido del C:\SPROCLOG.TXT[/quote]
lo analizaremos e informaremos al respecto.
saludos
ms, 26-11-2009
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: sobre zzzzzzzzzzzz.zzz
se me ha olvidado deciros que uso windows 7
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: sobre zzzzzzzzzzzz.zzz
Ningun problema, maximo lanza las utilidades pulsando [b]boton derecho[/b] [b]Ejecutar como Administrador[/b]
saludos
ms, 26-11-2009
saludos
ms, 26-11-2009
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: sobre zzzzzzzzzzzz.zzz
Os adjunto el archivo txt que me ha generado...
- Adjuntos
-
- SProcLog.txt
- (511.04 KiB) Descargado 44 veces
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: sobre zzzzzzzzzzzz.zzz
Sacando las lineas superfluasgeneradas por el SPyBot, el informe queda:
(26-11-2009 10:36:17 GMT)
SProces v4.3 (c)2009 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Ultimate (v6.1.NULL2)
Internet Explorer: (v8.0.7600.16385) 0
Procesos Activos:
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\ADVANCED WHEEL MOUSE\WH_EXEC.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JUSCHED.EXE
C:\ARCHIVOS DE PROGRAMA\ADOBE\ACROBAT 9.0\ACROBAT\ACROTRAY.EXE
C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RTHDVCPL.EXE
C:\WINDOWS\SYSTEM32\OODTRAY.EXE
C:\WINDOWS\FIXCAMERA.EXE
C:\WINDOWS\TSNP2STD.EXE
C:\WINDOWS\VSNP2STD.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE
C:\ARCHIVOS DE PROGRAMA\LOGITECH\SETPOINT\SETPOINT.EXE
C:\PROGRAM FILES\COMMON FILES\LOGISHRD\KHAL2\KHALMNPR.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JAVAW.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\PAVBCKPT.EXE
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\APVXDWIN.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WEBPROXY.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AAWTRAY.EXE
C:\PROGRAM FILES\OO SOFTWARE\SAFEERASE\OORUNDLL.EXE
C:\PROGRAM FILES\VEIGN\NOTE-IT\NOTE-IT.EXE
C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
D:\PROGRAMAS W7\SPROCES 4.3\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=3082&id=64855&mkt=es-es&bk=69047733
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
F2 - REG:system.ini: Shell=explorer.exe
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
O1 - Hosts: 127.0.0.1www.007guard.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - (no file)
O2 - BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - (no file)
O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\ADVANC~1\wh_exec.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Archivos de programa\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: []
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Archivos de programa\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - Global Startup: Logitech SetPoint.lnk
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\Archivos de programa\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\NLAAPI.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\NAPINSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
O13 - Gopher Prefix: NULL2
O16 - DPF: {3A226D85-574D-4272-B73C-DBCAECF709B3} (TNSClickerb.Clicker) -http://www.mizonadeconsumo.com/TNSClickrb.CAB
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_15) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol hijack: about - (no CLSID) - (no file)
O18 - Protocol hijack: dvd - (no CLSID) - (no file)
O18 - Protocol hijack: its - (no CLSID) - (no file)
O18 - Protocol hijack: mhtml - (no CLSID) - (no file)
O18 - Protocol hijack: ms-its - (no CLSID) - (no file)
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol hijack: tv - (no CLSID) - (no file)
O18 - Protocol hijack: vbscript - (no CLSID) - (no file)
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: AVLDR - AVLDR.DLL
O20 - Winlogon Notify: LBTWLGN - C:\PROGRAM FILES\COMMON FILES\LOGISHRD\BLUETOOTH\LBTWLGN.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Información Adicional:
----------------------
Clave "HKLM\...\Image File Execution Options\IEInstal.exe"
"Debugger"="NULL1"
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: AmFSM - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\amm8660.sys
O23 - Service: App Filter Plugin (APPFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\APPFLT.SYS
O23 - Service: Panda Anti-Dialer (ComFiltr) - Unknown owner - C:\Windows\system32\DRIVERS\COMFiltr.sys
O23 - Service: DSA Filter Plugin (DSAFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\DSAFLT.SYS
O23 - Service: NetMon Filter Plugin (FNETMON) - Panda Security, S.L. - C:\Windows\system32\Drivers\fnetmon.SYS
O23 - Service: Panda Goodware Cache Manager (Gwmsrv) - Unknown owner - C:\Windows\system32\svchost -k Panda (file missing)
O23 - Service: Ids Filter Plugin (IDSFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\IDSFLT.SYS
**O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Panda Net Driver [TDI Layer] (NETFLTDI) - Panda Security, S.L. - C:\Windows\system32\Drivers\NETFLTDI.SYS
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Driver (PavProc) - Panda Security, S.L. - C:\Windows\system32\DRIVERS\PavProc.sys
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
*O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
O23 - Service: Wifi Monitor Filter Plugin (WNMFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\WNMFLT.SYS
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\DRIVERS\aliide.sys
O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\DRIVERS\amdsata.sys
O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys
O23 - Service: ATI Function Driver for High Definition Audio Service (AtiHdmiService) - ATI Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\AtiHdmi.sys
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys
O23 - Service: Antivirus Filter Driver (AvFlt) - Unknown owner - C:\WINDOWS\system32\drivers\av5flt.sys (file missing)
O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\DRIVERS\cmdide.sys
O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe
O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys
O23 - Service: Lavalys EVEREST Kernel Driver (EverestDriver) - Unknown owner - C:\Archivos de programa\EVEREST Home Edition\kerneld.wnt (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys
O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\DRIVERS\HpSAMD.sys
O23 - Service: iaStorV - Intel Corporation - C:\WINDOWS\system32\DRIVERS\iaStorV.sys
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys
O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys
O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys
O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys
O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys
O23 - Service: ATK0110 ACPI UTILITY (MTsensor) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ASACPI.sys
O23 - Service: PANDA NDIS IM Filter Miniport v1.6.0.39 (NETIMFLT01060039) - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\neti1639.sys
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys
O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvraid.sys
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvstor.sys
O23 - Service: OPTO ELECTRONICS optousb (optousb) - OPTO ELECTRONICS CO.,LTD. - C:\WINDOWS\SYSTEM32\DRIVERS\optousb.sys
O23 - Service: OPTO ELECTRONICS optovcm (optovcm) - OPTO ELECTRONICS CO.,LTD. - C:\WINDOWS\SYSTEM32\DRIVERS\optovcm.sys
O23 - Service: PavSRK.sys - Unknown owner - C:\Windows\system32\PavSRK.sys (file missing)
O23 - Service: PavTPK.sys - Unknown owner - C:\Windows\system32\PavTPK.sys (file missing)
O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys
O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys
O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys
O23 - Service: Realtek 8167 NT Driver (RTL8167) - Realtek Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\Rt86win7.sys
O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys
O23 - Service: USB2.0 PC Camera (SNP2STD) (SNP2STD) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2sxp.sys
O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\DRIVERS\viaide.sys
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys
O23 - Service: WheelMouse USB Lower Filter Driver (whfltr2k) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\whfltr2k.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
84 Servicios.
24 de Carga Automatica.
60 de Carga Manual.
0 Deshabilitados.
procedemos a analizarlo
(26-11-2009 10:36:17 GMT)
SProces v4.3 (c)2009 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Ultimate (v6.1.NULL2)
Internet Explorer: (v8.0.7600.16385) 0
Procesos Activos:
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\ADVANCED WHEEL MOUSE\WH_EXEC.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JUSCHED.EXE
C:\ARCHIVOS DE PROGRAMA\ADOBE\ACROBAT 9.0\ACROBAT\ACROTRAY.EXE
C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RTHDVCPL.EXE
C:\WINDOWS\SYSTEM32\OODTRAY.EXE
C:\WINDOWS\FIXCAMERA.EXE
C:\WINDOWS\TSNP2STD.EXE
C:\WINDOWS\VSNP2STD.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE
C:\ARCHIVOS DE PROGRAMA\LOGITECH\SETPOINT\SETPOINT.EXE
C:\PROGRAM FILES\COMMON FILES\LOGISHRD\KHAL2\KHALMNPR.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JAVAW.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\PAVBCKPT.EXE
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\APVXDWIN.EXE
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WEBPROXY.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AAWTRAY.EXE
C:\PROGRAM FILES\OO SOFTWARE\SAFEERASE\OORUNDLL.EXE
C:\PROGRAM FILES\VEIGN\NOTE-IT\NOTE-IT.EXE
C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
D:\PROGRAMAS W7\SPROCES 4.3\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
F2 - REG:system.ini: Shell=explorer.exe
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - (no file)
O2 - BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - (no file)
O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\ADVANC~1\wh_exec.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Archivos de programa\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: []
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Archivos de programa\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - Global Startup: Logitech SetPoint.lnk
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\Archivos de programa\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\NLAAPI.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\NAPINSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
O13 - Gopher Prefix: NULL2
O16 - DPF: {3A226D85-574D-4272-B73C-DBCAECF709B3} (TNSClickerb.Clicker) -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_15) -
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
O18 - Protocol hijack: about - (no CLSID) - (no file)
O18 - Protocol hijack: dvd - (no CLSID) - (no file)
O18 - Protocol hijack: its - (no CLSID) - (no file)
O18 - Protocol hijack: mhtml - (no CLSID) - (no file)
O18 - Protocol hijack: ms-its - (no CLSID) - (no file)
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol hijack: tv - (no CLSID) - (no file)
O18 - Protocol hijack: vbscript - (no CLSID) - (no file)
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: AVLDR - AVLDR.DLL
O20 - Winlogon Notify: LBTWLGN - C:\PROGRAM FILES\COMMON FILES\LOGISHRD\BLUETOOTH\LBTWLGN.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Información Adicional:
----------------------
Clave "HKLM\...\Image File Execution Options\IEInstal.exe"
"Debugger"="NULL1"
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: AmFSM - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\amm8660.sys
O23 - Service: App Filter Plugin (APPFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\APPFLT.SYS
O23 - Service: Panda Anti-Dialer (ComFiltr) - Unknown owner - C:\Windows\system32\DRIVERS\COMFiltr.sys
O23 - Service: DSA Filter Plugin (DSAFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\DSAFLT.SYS
O23 - Service: NetMon Filter Plugin (FNETMON) - Panda Security, S.L. - C:\Windows\system32\Drivers\fnetmon.SYS
O23 - Service: Panda Goodware Cache Manager (Gwmsrv) - Unknown owner - C:\Windows\system32\svchost -k Panda (file missing)
O23 - Service: Ids Filter Plugin (IDSFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\IDSFLT.SYS
**O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Panda Net Driver [TDI Layer] (NETFLTDI) - Panda Security, S.L. - C:\Windows\system32\Drivers\NETFLTDI.SYS
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Driver (PavProc) - Panda Security, S.L. - C:\Windows\system32\DRIVERS\PavProc.sys
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
*O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
O23 - Service: Wifi Monitor Filter Plugin (WNMFLT) - Panda Security, S.L. - C:\Windows\system32\Drivers\WNMFLT.SYS
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\DRIVERS\aliide.sys
O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\DRIVERS\amdsata.sys
O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys
O23 - Service: ATI Function Driver for High Definition Audio Service (AtiHdmiService) - ATI Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\AtiHdmi.sys
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys
O23 - Service: Antivirus Filter Driver (AvFlt) - Unknown owner - C:\WINDOWS\system32\drivers\av5flt.sys (file missing)
O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\DRIVERS\cmdide.sys
O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe
O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys
O23 - Service: Lavalys EVEREST Kernel Driver (EverestDriver) - Unknown owner - C:\Archivos de programa\EVEREST Home Edition\kerneld.wnt (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys
O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\DRIVERS\HpSAMD.sys
O23 - Service: iaStorV - Intel Corporation - C:\WINDOWS\system32\DRIVERS\iaStorV.sys
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys
O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys
O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys
O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys
O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys
O23 - Service: ATK0110 ACPI UTILITY (MTsensor) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ASACPI.sys
O23 - Service: PANDA NDIS IM Filter Miniport v1.6.0.39 (NETIMFLT01060039) - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\neti1639.sys
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys
O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvraid.sys
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvstor.sys
O23 - Service: OPTO ELECTRONICS optousb (optousb) - OPTO ELECTRONICS CO.,LTD. - C:\WINDOWS\SYSTEM32\DRIVERS\optousb.sys
O23 - Service: OPTO ELECTRONICS optovcm (optovcm) - OPTO ELECTRONICS CO.,LTD. - C:\WINDOWS\SYSTEM32\DRIVERS\optovcm.sys
O23 - Service: PavSRK.sys - Unknown owner - C:\Windows\system32\PavSRK.sys (file missing)
O23 - Service: PavTPK.sys - Unknown owner - C:\Windows\system32\PavTPK.sys (file missing)
O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys
O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys
O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys
O23 - Service: Realtek 8167 NT Driver (RTL8167) - Realtek Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\Rt86win7.sys
O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys
O23 - Service: USB2.0 PC Camera (SNP2STD) (SNP2STD) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snp2sxp.sys
O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\DRIVERS\viaide.sys
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys
O23 - Service: WheelMouse USB Lower Filter Driver (whfltr2k) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\whfltr2k.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
84 Servicios.
24 de Carga Automatica.
60 de Carga Manual.
0 Deshabilitados.
procedemos a analizarlo
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: sobre zzzzzzzzzzzz.zzz
Envienos este sospechoso para analizar:
C:\PROGRAM FILES\VEIGN\NOTE-IT\NOTE-IT.EXE
y elimine estas claves:
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
[b]¿Como enviar las muestras a zonavirus? - Para ello recordar[/b]
https://foros.zonavirus.com/viewtopic.php?f=5&t=14253
Tras recibir el/los fichero/s, lo/s analizaremos e implementaremos su control y eliminacion, si procede, en nuestras utilidades, de lo cual informaremos
No vemos nada mas posiblenebte malicioso
saludos
ms, 26-11-2009
C:\PROGRAM FILES\VEIGN\NOTE-IT\NOTE-IT.EXE
y elimine estas claves:
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Tras recibir el/los fichero/s, lo/s analizaremos e implementaremos su control y eliminacion, si procede, en nuestras utilidades, de lo cual informaremos
No vemos nada mas posiblenebte malicioso
saludos
ms, 26-11-2009
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: sobre zzzzzzzzzzzz.zzz
No me deja adjuntaros el programa, y tampoco me deja comprimirlo en winrar...
Re: sobre zzzzzzzzzzzz.zzz
he procedido a desinstalar el programa... si dentro de unos dias sigo con el problema, ya volvere a ponerme en contacto con vosotros.
Ya he borrado lo que me habeis dicho del regedit
Gracias
Ya he borrado lo que me habeis dicho del regedit
Gracias
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: sobre zzzzzzzzzzzz.zzz
Pues dejamos abierto el Tema a la espera de noticias.
En undos dias, tanto en un sentido como en otro, informenos al respecto, gracias
saludos
ms, 26-11-2009
En undos dias, tanto en un sentido como en otro, informenos al respecto, gracias
saludos
ms, 26-11-2009
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online