Anteriormente ya os envie un post en el tema de otro forero (lo siento, no era mi intencion infringir ninguna norma)
el tema es el siguiente:
Primero me aparecio ese falso protector de virus que tras seguir vuestras indicaciones con Elistara etc, aparentemente desaparecio.
Ingenuo de mi !!.
El problema es que al menos ese falso antivirus que no te permitia moverte de la misma pantalla no esta presente de forma constante. aparece pero como ventana de tanto en tanto. El problema ahora es que al navegar, en el google me dirige ampaginas como morgan etc, y me va extremadamente lento.
He lanzado el elistara en modo seguro tres veces, la primera encontro ficheros infectados, pero las otras dos nada de nada.
Os posteo a continuacion el primer informe de elistara:
(24-3-2010 18:32:58 (GMT))
EliStartPage v20.60 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 24 de Marzo del 2010)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
C:\Program Files\shARES\tbshA1.dll.VIR --> Eliminado.
C:\Program Files\Shareware.Pro\tbShar.dll.VIR --> Eliminado.
Eliminados Ficheros Temporales del IE
(24-3-2010 19:18:43 (GMT))
EliStartPage v20.60 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 24 de Marzo del 2010)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Program Files\Peer2Peer\TBPEER.DLL --> Eliminado, TBConduit(tb)
C:\Program Files\shARES\TBSHA0.DLL --> Eliminado, TBConduit(tb)
C:\Program Files\shARES\TBSHAR.DLL --> Eliminado, TBConduit(tb)
C:\Users\Maria\AppData\Local\Temp\Low\BLOMIY.EXE --> Eliminado, AntivirusSystemPRO
Nº Total de Directorios: 30614
Nº Total de Ficheros: 179369
Nº de Ficheros Analizados: 39318
Nº de Ficheros Infectados: 4
Nº de Ficheros Limpiados: 4
(24-3-2010 19:20:53 (GMT))
EliStartPage v20.60 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 24 de Marzo del 2010)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
C:\USERS\JORDI\APPDATA\LOCAL\KGOYWYS_NAVPS.DAT --> Eliminado
C:\USERS\JORDI\APPDATA\LOCAL\KGOYWYS_NAV.DAT --> Eliminado
C:\USERS\JORDI\APPDATA\LOCAL\KGOYWYS.DAT --> Eliminado
C:\PROGRAM FILES\PEER2PEER\TBPEE1.DLL --> TBConduit(tb) Acceso Denegado.
C:\PROGRAM FILES\SHARES\TBSHA1.DLL --> TBConduit(tb) Renombrado a .VIR
C:\PROGRAM FILES\SHAREWARE.PRO\TBSHAR.DLL --> TBConduit(tb) Renombrado a .VIR
Entrada Eliminada [HKCU\...\Run] "KGOYWYS"=""c:\users\jordi\appdata\local\kgoywys.exe" kgoywys"
Eliminada Class, "{1B05FC31-35FB-4D12-86B9-D88A52736349}" -> C:\Program Files\Peer2Peer\tbPee1.dll
Eliminada Class, "{9C905B42-976E-43C1-BC30-FC5937017909}" -> C:\Program Files\shARES\tbshA1.dll
Eliminada Class, "{D82B1EC9-0D76-4F88-9FE6-4E92D2A8EA93}" -> C:\Program Files\Shareware.Pro\tbShar.dll
No ha sido posible abrir IERESET.INF
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Reinicie para Completar la Limpieza.
(24-3-2010 19:39:25 (GMT))
EliStartPage v20.60 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 24 de Marzo del 2010)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
No ha sido posible abrir IERESET.INF
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(24-3-2010 19:42:44 (GMT))
EliStartPage v20.60 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 24 de Marzo del 2010)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Y ahora a continuacion el de hace unos minutos..
(30-3-2010 20:12:48 (GMT))
EliStartPage v20.60 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 24 de Marzo del 2010)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 30729
Nº Total de Ficheros: 178559
Nº de Ficheros Analizados: 39143
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
..
Tambien el Sproces de hace unos minutos
(30-3-2010 20:23:31 GMT)
SProces v4.4 (c)2010 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows Vista (TM) Home Premium (v6.0.6001)
Parche MS08-067 (Servicio Servidor) NO Instalado.
Internet Explorer: (v7.0.6001.18000) 0
Procesos Activos:
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\PROGRAM FILES\SONY\VAIO POWER MANAGEMENT\SPMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\TASKENG.EXE
C:\PROGRAM FILES\SONY\VAIO UPDATE 4\VAIOUPDT.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNSCFG.EXE
C:\PROGRA~1\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\WINDOWS\SYSTEM32\WBEM\UNSECAPP.EXE
C:\PROGRAM FILES\SONY\ISB UTILITY\ISBMGR.EXE
C:\PROGRAM FILES\JAVA\JRE1.6.0_06\BIN\JUSCHED.EXE
C:\PROGRAM FILES\GOOGLE\GOOGLE DESKTOP SEARCH\GOOGLEDESKTOP.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
C:\PROGRAM FILES\SONY\MARKETING TOOLS\MARKETINGTOOLS.EXE
C:\PROGRAM FILES\GOOGLE\GOOGLE TALK\GOOGLETALK.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\GROOVEMONITOR.EXE
C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE
C:\WINDOWS\BILL106.EXE
C:\PROGRAM FILES\SONY\NETWORK UTILITY\LANUTIL.EXE
C:\WINDOWS\EHOME\EHTRAY.EXE
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\GOOGLETOOLBARNOTIFIER.EXE
C:\WINDOWS\EHOME\EHMSAS.EXE
C:\PROGRAM FILES\GOOGLE\GOOGLE DESKTOP SEARCH\GOOGLEDESKTOP.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
C:\PROGRAM FILES\TELEFONICA\BIN\SPRTCMD.EXE
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\PROGRA~1\MCAFEE\VIRUSS~1\MCVSSHLD.EXE
C:\USERS\JORDI\DESKTOP\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.2.254 (0)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 95.143.192.205 u07012010u.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [userinit] C:\Users\Jordi\AppData\Roaming\sdra64.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [Telefonica] "C:\Program Files\Telefonica\bin\StartCmd.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sysfbtray] C:\Windows\bill106.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - Global Startup: MBCameraMonitor.lnk
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\NLAAPI.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\NAPINSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
O10 - Unknown file in Winsock LSP: C:\PROGRAM FILES\BONJOUR\MDNSNSP.DLL
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_06) -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.6.0_06) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_06) -
O18 - Protocol hijack: about - (no CLSID) - (no file)
O18 - Protocol hijack: dvd - (no CLSID) - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol hijack: its - (no CLSID) - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol hijack: mhtml - (no CLSID) - (no file)
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol hijack: ms-its - (no CLSID) - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol hijack: tv - (no CLSID) - (no file)
O18 - Protocol hijack: vbscript - (no CLSID) - (no file)
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - AppInit_DLLs: aFbmYAldg.dll
O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL (file missing)
O20 - Winlogon Notify: VESWINLOGON - VESWINLOGON.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll
Información Adicional:
----------------------
ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Groove GFS Stub Execution Hook - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
Clave "HKLM\...\Image File Execution Options\IEInstal.exe"
"Debugger"="NULL1"
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: McAfee Application Installer Cleanup (0317191269386440) (0317191269386440mcinstcleanup) - Unknown owner - C:\Users\Jordi\AppData\Local\Temp\031719~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Servicio Google Update (gupdate1c9906cebbf4ba0) (gupdate1c9906cebbf4ba0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
**O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: mdmxsdk - Conexant - C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys
*O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: regi - InterVideo - C:\WINDOWS\SYSTEM32\drivers\regi.sys
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: rimsptsk - REDC - C:\WINDOWS\SYSTEM32\DRIVERS\rimsptsk.sys
O23 - Service: risdptsk - REDC - C:\WINDOWS\SYSTEM32\DRIVERS\risdptsk.sys
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: SupportSoft Sprocket Service (Telefonica) (sprtsvc_Telefonica) - SupportSoft, Inc. - C:\Program Files\Telefonica\bin\sprtsvc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: webserver - Unknown owner - C:\Program Files\webserver\webserver.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudio - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\xaudio.sys
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Atheros Extensible Wireless LAN device driver (athr) - Atheros Communications, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\athr.sys
O23 - Service: atikmdag - ATI Technologies Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\atikmdag.sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltlo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\drivers\brfiltup.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brusbser.sys
O23 - Service: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\E1G60I32.sys
O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys
O23 - Service: Administrador de Google Desktop 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: HSFHWAZL - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\VSTAZL3.SYS
O23 - Service: HSF_DPV - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSX_DPV.sys
O23 - Service: HSXHWAZL - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSXHWAZL.sys
O23 - Service: igfx - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd32.sys (file missing)
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys
O23 - Service: IP in IP Tunnel Driver (IpInIp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys (file missing)
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
**O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Inc. mfeavfk (mfeavfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfeavfk.sys
O23 - Service: McAfee Inc. mfebopk (mfebopk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfebopk.sys
O23 - Service: McAfee Inc. mferkdk (mferkdk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mferkdk.sys
O23 - Service: McAfee Inc. mfesmfk (mfesmfk) - McAfee, Inc. - C:\WINDOWS\SYSTEM32\drivers\mfesmfk.sys
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec /V (file missing)
O23 - Service: Controlador del adaptador Intel(R) Wireless WiFi Link para Windows Vista de 32 bits (NETw5v32) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\NETw5v32.sys
O23 - Service: IPX Traffic Filter Driver (NwlnkFlt) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkflt.sys (file missing)
O23 - Service: IPX Traffic Forwarder Driver (NwlnkFwd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkfwd.sys (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony Firmware Extension Parser (SFEP) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SFEP.sys
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: Synaptics TouchPad Driver (SynTP) - Synaptics, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys
O23 - Service: Apple Mobile USB Driver (USBAAPL) - Apple, Inc. - C:\WINDOWS\SYSTEM32\Drivers\usbaapl.sys
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: winachsf - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\HSX_CNXT.sys
O23 - Service: NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller (yukonwlh) - Marvell - C:\WINDOWS\SYSTEM32\DRIVERS\yk60x86.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adp94xx.sys
O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpahci.sys
O23 - Service: adpu160m - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu160m.sys
O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\drivers\adpu320.sys
O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\drivers\djsvs.sys
O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\drivers\aliide.sys
O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arc.sys
O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\drivers\arcsas.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brserwdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\system32\drivers\brusbmdm.sys
O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\drivers\cmdide.sys
O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\drivers\elxstor.sys
O23 - Service: HpCISSs - Hewlett-Packard Company - C:\WINDOWS\system32\drivers\hpcisss.sys
O23 - Service: Intel RAID Controller Vista (iaStorV) - Intel Corporation - C:\WINDOWS\system32\drivers\iastorv.sys
O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\drivers\iirsp.sys
O23 - Service: ITEATAPI_Service_Install (iteatapi) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteatapi.sys
O23 - Service: ITERAID_Service_Install (iteraid) - Integrated Technology Express, Inc. - C:\WINDOWS\system32\drivers\iteraid.sys
O23 - Service: LSI_FC - LSI Logic - C:\WINDOWS\system32\drivers\lsi_fc.sys
O23 - Service: LSI_SAS - LSI Logic - C:\WINDOWS\system32\drivers\lsi_sas.sys
O23 - Service: LSI_SCSI - LSI Logic - C:\WINDOWS\system32\drivers\lsi_scsi.sys
O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\drivers\megasas.sys
O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\drivers\megasr.sys
O23 - Service: Mraid35x - LSI Logic Corporation - C:\WINDOWS\system32\drivers\mraid35x.sys
O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\drivers\nfrd960.sys
O23 - Service: N-trig HID Tablet Driver (ntrigdigi) - N-trig Innovative Technologies - C:\WINDOWS\system32\drivers\ntrigdigi.sys
O23 - Service: NVIDIA nForce RAID Driver (nvraid) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvraid.sys
O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvstor.sys
O23 - Service: QLogic Fibre Channel Miniport Driver (ql2300) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql2300.sys
O23 - Service: QLogic iSCSI Miniport Driver (ql40xx) - QLogic Corporation - C:\WINDOWS\system32\drivers\ql40xx.sys
O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\drivers\sisraid4.sys
O23 - Service: Symc8xx - LSI Logic - C:\WINDOWS\system32\drivers\symc8xx.sys
O23 - Service: Sym_hi - LSI Logic - C:\WINDOWS\system32\drivers\sym_hi.sys
O23 - Service: Sym_u3 - LSI Logic - C:\WINDOWS\system32\drivers\sym_u3.sys
O23 - Service: Conexant Setup API (UIUSys) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\UIUSYS.SYS (file missing)
O23 - Service: uliahci - ULi Electronics Inc. - C:\WINDOWS\system32\drivers\uliahci.sys
O23 - Service: UlSata - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata.sys
O23 - Service: ulsata2 - Promise Technology, Inc. - C:\WINDOWS\system32\drivers\ulsata2.sys
O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\drivers\viaide.sys
O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\drivers\vsmraid.sys
114 Servicios.
33 de Carga Automatica.
41 de Carga Manual.
40 Deshabilitados.
Mientras os escribia este post, varias veces me ha aparecido una ventana emergente (en el pc) sobre que tengo que actualizar el antivirus y no es de Macfee, se trata del virus protector ese, pero en ventana emergente.
En fin, que gracias mil si me podeis ayudar a limpiar el portatil de mi señora...
Saludos
msc hotline sat Virus Research Engineer 