Espero que pueden darme una mano. Muchas gracias!
Virus en mis navegadores de internet
Virus en mis navegadores de internet
Hola gente, tengo el siguiente problema, hace poco en la facu me pidieron que descargue un compilador gratuito que se llama pascal, y al descargarlo se instaló automáticamente en mi computadora una barra de herramientas llamada babylon que no sé cómo sacar. Además, ahora cada vez que quiero abrir por ejemplo un resultado de google [u]se me abren páginas con contenido pornográfico y no sé cómo solucionarlo. [/u]
Espero que pueden darme una mano. Muchas gracias!
Espero que pueden darme una mano. Muchas gracias!
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Virus en mis navegadores de internet
Probar el ELISTARA y postearnos el informe resultante:
Y si en el informe no se detectara nada ni pidiera muestra para analizar, proceder
con el SPROCES :
lo analizaremos e informaremos al respecto.
saludos
ms, 20-3-2012
[quote="para DESCARGAR el ELISTARA, msc"]http://www.zonavirus.com/descargas/descargar-elistara.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el
resultado
del proceso[/quote]
Y si en el informe no se detectara nada ni pidiera muestra para analizar, proceder
con el SPROCES :
[quote="msc"][b]SPROCES.EXE(herramienta de investigación) [/b] http://www.zonavirus.com/descargas/descargar-sproces.asp
Y tras pulsar en SALIR, postearnos el contenido del C:\SPROCLOG.TXT[/quote]
lo analizaremos e informaremos al respecto.
saludos
ms, 20-3-2012
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Virus en mis navegadores de internet
Los informes son los siguientes:
[b]INFOSAT[/b]
(20-12-2011 14:23:46 (GMT))
EliStartPage v24.48 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 19 de Diciembre del 2011)
--------------------------------------------------
Usuario: federico
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1003
Lista de Acciones (por Acción Directa):
Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB36551$"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(20-12-2011 14:24:05 (GMT))
EliStartPage v24.48 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 19 de Diciembre del 2011)
--------------------------------------------------
Usuario: Franco
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1006
Lista de Acciones (por Acción Directa):
Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB36551$"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(20-12-2011 14:36:32 (GMT))
EliStartPage v24.48 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 19 de Diciembre del 2011)
--------------------------------------------------
Usuario: Franco
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1006
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 19865
Nº Total de Ficheros: 142810
Nº de Ficheros Analizados: 29023
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(20-12-2011 14:37:33 (GMT))
EliStartPage v24.48 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 19 de Diciembre del 2011)
(31-12-2011 21:06:44 (GMT))
EliSirefef v1.29 (c)2011 S.G.H. / Satinfo S.L.
----------------------------------------
Lista de Acciones (por Acción Directa):
Detectado Sirefef(RootKit)
Reinicie el Sistema para Completar la Limpieza.
(31-12-2011 21:17:53 (GMT))
EliSirefef v1.29 (c)2011 S.G.H. / Satinfo S.L.
----------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys --> Eliminado Sirefef.C(sys)
Nº Total de Directorios: 19890
Nº Total de Ficheros: 137267
Nº de Ficheros Analizados: 1758
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
(20-3-2012 21:41:53 (GMT))
EliStartPage v25.13 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 20 de Marzo del 2012)
--------------------------------------------------
Usuario: federico
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1003
Lista de Acciones (por Acción Directa):
Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB36551$"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(20-3-2012 21:42:37 (GMT))
EliStartPage v25.13 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 20 de Marzo del 2012)
--------------------------------------------------
Usuario: Franco
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1006
Lista de Acciones (por Acción Directa):
Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB36551$"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(20-3-2012 21:52:03 (GMT))
EliStartPage v25.13 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 20 de Marzo del 2012)
--------------------------------------------------
Usuario: Franco
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1006
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 23412
Nº Total de Ficheros: 156410
Nº de Ficheros Analizados: 29485
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
[b]SPROCLOG[/b]
(20-3-2012 21:54:14 GMT)
SProces v6.1 (c)2012 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Home Premium (v6.1)
Internet Explorer: (v9.0.8112.16421) 0
Equipo: FEDE
Usuario: Franco
Sesión de Usuario: federico
59 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL.1\MSSQL\BINN\SQLSERVR.EXE
C:\PROGRAM FILES\MICROSOFT SQL SERVER\90\SHARED\SQLWRITER.EXE
C:\WINDOWS\SYSTEM32\TODDSRV.EXE
C:\PROGRAM FILES\TOSHIBA\POWER SAVER\TOSCOSRV.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\LSI SOFTMODEM\AGRSMSVC.EXE
C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\CFIWMXSVCS.EXE
C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\CFSVCS.EXE
C:\PROGRAM FILES\TOSHIBA\RSELECT\RSELSVC.EXE
C:\PROGRAM FILES\TOSHIBA\TOSHIBA HDD SSD ALERT\TOSSMARTSRV.EXE
C:\PROGRAM FILES\TOSHIBA\TOSHIBA SERVICE STATION\TMACHINFO.EXE
C:\WINDOWS\SYSTEM32\\\.\GLOBALROOT\SYSTEMROOT\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
C:\WINDOWS\SYSTEM32\HKCMD.EXE
C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
C:\WINDOWS\SYSTEM32\IGFXSRVC.EXE
C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RTHDVCPL.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\PROGRAM FILES\TOSHIBA\UTILITIES\KENOTIFY.EXE
C:\PROGRAM FILES\TOSHIBA\POWER SAVER\TPWRMAIN.EXE
C:\PROGRAM FILES\TOSHIBA\SMOOTHVIEW\SMOOTHVIEW.EXE
C:\PROGRAM FILES\TOSHIBA\FLASHCARDS\TCRDMAIN.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\ARES\ARES.EXE
C:\PROGRAM FILES\TOSHIBA\TOSHIBA HDD SSD ALERT\TOSSENOTIFY.EXE
C:\WINDOWS\SYSTEM32\IGFXEXT.EXE
C:\WINDOWS\SYSTEM32\TASKENG.EXE
C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\NDSTRAY.EXE
C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\CFSWMGR.EXE
C:\WINDOWS\SYSTEM32\AUDIODG.EXE
C:\USERS\FRANCO\DESKTOP\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'federico')
R0 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKCU\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO (User 'federico')
O4 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'federico')
O4 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User 'federico')
O4 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\..\RunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin (User 'federico')
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [ReEXEc] C:\Users\Franco\Desktop\EliStarA.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 (User 'federico')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html (User 'federico')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Franco\Desktop\PartyPoker.lnk (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_29) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} (Java Plug-in 1.6.0_29) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_29) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Información Adicional:
----------------------
Carpeta: "C:\WINDOWS\$NtUninstallKB36551$" con atributo "Junction Point" (Posible Sirefef)
WinSys\Drivers\adp94xx.sys (de 422976 bytes) ()
WinSys\Drivers\bxvbdx.sys (de 430080 bytes) ()
WinSys\Drivers\dxgkrnl.sys (de 728448 bytes) ()
WinSys\Drivers\elxstor.sys (de 453712 bytes) ()
WinSys\Drivers\http.sys (de 513536 bytes) ()
WinSys\Drivers\ndis.sys (de 712576 bytes) ()
WinSys\Drivers\PEAuth.sys (de 586752 bytes) ()
WinSys\Drivers\rtl8192se.sys (de 859136 bytes) ()
WinSys\Drivers\spsys.sys (de 405504 bytes) ()
WinSys\Drivers\Wdf01000.sys (de 445008 bytes) ()
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: SNP2UVC (aic78u2) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\REVO.dll
O23 - Service: RIOUNIV (BCMTPM) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\L8042Kbd.dll
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: Networkx (citrixxteserver) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\aclient.dll
O23 - Service: DFUBTUSB (cmudau) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\ultra66.dll
O23 - Service: Nwrdr (comhost) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\AIRPLUS.dll
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Smwdm (DeviceScanner) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\usr11g.dll
O23 - Service: Digirefresh (dntus26) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\zpsc.dll
**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Belgium_id_card_service (gbpoll) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\VHidMinidrv.dll
O23 - Service: Servicio de actualización de Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Zumbus (hcwPVRP2) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\V0070VID.dll
O23 - Service: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\lltdio.sys
O23 - Service: @%systemroot%\system32\drivers\luafv.sys,-100 (luafv) - Unknown owner - C:\WINDOWS\system32\drivers\luafv.sys
O23 - Service: Pimsgss (lvupdtio) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\WmiAcpi.dll
O23 - Service: Sbiesvc (mfesmfk) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\KMW_KBD.dll
O23 - Service: Avcgbdr (MSICPL) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\s116mdfl.dll
O23 - Service: Parvdm - Unknown owner - C:\WINDOWS\system32\DRIVERS\parvdm.sys
O23 - Service: S7oppilx (Pcatip) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\ovepstatusengine.dll
O23 - Service: PEAUTH - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\peauth.sys
O23 - Service: SE2Emgmt (pnrouter) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\k750obex.dll
O23 - Service: Usbvm321 (prepdrvr) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\tversitymediaserver.dll
O23 - Service: Pnarp (rp32service) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\vaiomediaplatform-integratedserver-http.dll
O23 - Service: TOSHIBA Modem region select service (RSELSVC) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe
O23 - Service: Link-Layer Topology Discovery Responder (rspndr) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rspndr.sys
O23 - Service: Tb2launch (scarddrv) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\pcampr5.dll
O23 - Service: 3compxe (sfrem01) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\om518p.dll
O23 - Service: USBVCD (SlNtHal) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\MTsensor.dll
O23 - Service: TCP/IP Registry Compatibility (tcpipreg) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tcpipreg.sys
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: MR97310_USB_DUAL_CAMERA (venturi2) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\apfiltrservice.dll
O23 - Service: Ati (W8335XP) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\btwavdt.dll
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Controladora de host compatible con OHCI 1394 (1394ohci) - Unknown owner - C:\WINDOWS\system32\drivers\1394ohci.sys
O23 - Service: Controlador de medidor de energía ACPI (AcpiPmi) - Unknown owner - C:\WINDOWS\system32\drivers\acpipmi.sys
O23 - Service: adp94xx - Unknown owner - C:\WINDOWS\system32\DRIVERS\adp94xx.sys
O23 - Service: adpahci - Unknown owner - C:\WINDOWS\system32\DRIVERS\adpahci.sys
O23 - Service: adpu320 - Unknown owner - C:\WINDOWS\system32\DRIVERS\adpu320.sys
O23 - Service: TOSHIBA V.92 Software Modem (AgereSoftModem) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\AGRSM.sys
O23 - Service: Filtro de bus Intel AGP (agp440) - Unknown owner - C:\WINDOWS\system32\drivers\agp440.sys
O23 - Service: aic78xx - Unknown owner - C:\WINDOWS\system32\DRIVERS\djsvs.sys
O23 - Service: aliide - Unknown owner - C:\WINDOWS\system32\drivers\aliide.sys
O23 - Service: Controlador de filtro de bus AMD AGP (amdagp) - Unknown owner - C:\WINDOWS\system32\drivers\amdagp.sys
O23 - Service: amdide - Unknown owner - C:\WINDOWS\system32\drivers\amdide.sys
O23 - Service: AMD K8 Processor Driver (AmdK8) - Unknown owner - C:\WINDOWS\system32\DRIVERS\amdk8.sys
O23 - Service: AMD Processor Driver (AmdPPM) - Unknown owner - C:\WINDOWS\system32\DRIVERS\amdppm.sys
O23 - Service: amdsata - Unknown owner - C:\WINDOWS\system32\drivers\amdsata.sys
O23 - Service: amdsbs - Unknown owner - C:\WINDOWS\system32\DRIVERS\amdsbs.sys
O23 - Service: @%systemroot%\system32\appidsvc.dll,-102 (AppID) - Unknown owner - C:\WINDOWS\system32\drivers\appid.sys
O23 - Service: arc - Unknown owner - C:\WINDOWS\system32\DRIVERS\arc.sys
O23 - Service: arcsas - Unknown owner - C:\WINDOWS\system32\DRIVERS\arcsas.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32000 (AsyncMac) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\asyncmac.sys
O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Unknown owner - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys
*O23 - Service: @%systemroot%\system32\browser.dll,-102 (bowser) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\bowser.sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Unknown owner - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Unknown owner - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Unknown owner - C:\WINDOWS\System32\Drivers\Brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Unknown owner - C:\WINDOWS\System32\Drivers\BrSerWdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Unknown owner - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Unknown owner - C:\WINDOWS\System32\Drivers\BrUsbSer.sys
O23 - Service: Bluetooth Serial Communications Driver (BTHMODEM) - Unknown owner - C:\WINDOWS\system32\DRIVERS\bthmodem.sys
O23 - Service: Consumer IR Devices (circlass) - Unknown owner - C:\WINDOWS\system32\DRIVERS\circlass.sys
O23 - Service: Microsoft ACPI Control Method Battery Driver (CmBatt) - Unknown owner - C:\WINDOWS\system32\DRIVERS\CmBatt.sys
O23 - Service: cmdide - Unknown owner - C:\WINDOWS\system32\drivers\cmdide.sys
O23 - Service: Controlador de enumerador de bus compuesto (CompositeBus) - Unknown owner - C:\WINDOWS\system32\drivers\CompositeBus.sys
O23 - Service: Microsoft Trusted Audio Drivers (drmkaud) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys
O23 - Service: LDDM Graphics Subsystem (DXGKrnl) - Unknown owner - C:\WINDOWS\System32\drivers\dxgkrnl.sys
O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Unknown owner - C:\WINDOWS\system32\DRIVERS\evbdx.sys
O23 - Service: elxstor - Unknown owner - C:\WINDOWS\system32\DRIVERS\elxstor.sys
O23 - Service: Controlador de dispositivo con error de hardware de Microsoft (ErrDev) - Unknown owner - C:\WINDOWS\system32\drivers\errdev.sys
O23 - Service: Floppy Disk Controller Driver (fdc) - Unknown owner - C:\WINDOWS\system32\DRIVERS\fdc.sys
O23 - Service: @%SystemRoot%\system32\drivers\filetrace.sys,-10001 (Filetrace) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\filetrace.sys
O23 - Service: Floppy Disk Driver (flpydisk) - Unknown owner - C:\WINDOWS\system32\DRIVERS\flpydisk.sys
O23 - Service: @%SystemRoot%\system32\drivers\fsdepends.sys,-10001 (FsDepends) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\FsDepends.sys
O23 - Service: Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms (gagp30kx) - Unknown owner - C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hamachi Network Interface (hamachi) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\hamachi.sys
O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Unknown owner - C:\WINDOWS\system32\drivers\hcw85cir.sys
O23 - Service: Controlador de la función Microsoft 1.1 UAA para el servicio High Definition Audio (HdAudAddService) - Unknown owner - C:\WINDOWS\system32\drivers\HdAudio.sys
O23 - Service: Controlador de bus Microsoft UAA para High Definition Audio (HDAudBus) - Unknown owner - C:\WINDOWS\system32\drivers\HDAudBus.sys
O23 - Service: HID UPS Battery Driver (HidBatt) - Unknown owner - C:\WINDOWS\system32\DRIVERS\HidBatt.sys
O23 - Service: Microsoft Bluetooth HID Miniport (HidBth) - Unknown owner - C:\WINDOWS\system32\DRIVERS\hidbth.sys
O23 - Service: Microsoft Infrared HID Driver (HidIr) - Unknown owner - C:\WINDOWS\system32\DRIVERS\hidir.sys
O23 - Service: Controlador de clases HID de Microsoft (HidUsb) - Unknown owner - C:\WINDOWS\system32\drivers\hidusb.sys
O23 - Service: HpSAMD - Unknown owner - C:\WINDOWS\system32\drivers\HpSAMD.sys
O23 - Service: @%SystemRoot%\system32\drivers\http.sys,-1 (HTTP) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\HTTP.sys
O23 - Service: Teclado i8042 y controlador de puerto de mouse PS/2 (i8042prt) - Unknown owner - C:\WINDOWS\system32\drivers\i8042prt.sys
O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Unknown owner - C:\WINDOWS\system32\drivers\iaStorV.sys
O23 - Service: igfx - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd32.sys
O23 - Service: iirsp - Unknown owner - C:\WINDOWS\system32\DRIVERS\iirsp.sys
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys
O23 - Service: Intel(R) High Definition Audio HDMI (IntcHdmiAddService) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\IntcHdmi.sys
O23 - Service: intelide - Unknown owner - C:\WINDOWS\system32\drivers\intelide.sys
O23 - Service: Intel Processor Driver (intelppm) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32013 (IpFilterDriver) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ipfltdrv.sys
O23 - Service: IPMIDRV - Unknown owner - C:\WINDOWS\system32\drivers\IPMIDrv.sys
*O23 - Service: IP Network Address Translator (IPNAT) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\ipnat.sys
O23 - Service: @%SystemRoot%\system32\drivers\irenum.sys,-100 (IRENUM) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\irenum.sys
O23 - Service: isapnp - Unknown owner - C:\WINDOWS\system32\drivers\isapnp.sys
O23 - Service: Controlador iScsiPort (iScsiPrt) - Unknown owner - C:\WINDOWS\system32\drivers\msiscsi.sys
O23 - Service: Controlador de clase de teclado (kbdclass) - Unknown owner - C:\WINDOWS\system32\drivers\kbdclass.sys
O23 - Service: Controlador HID de teclado (kbdhid) - Unknown owner - C:\WINDOWS\system32\drivers\kbdhid.sys
O23 - Service: LSI_FC - Unknown owner - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys
O23 - Service: LSI_SAS - Unknown owner - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys
O23 - Service: LSI_SAS2 - Unknown owner - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys
O23 - Service: LSI_SCSI - Unknown owner - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys
O23 - Service: megasas - Unknown owner - C:\WINDOWS\system32\DRIVERS\megasas.sys
O23 - Service: MegaSR - Unknown owner - C:\WINDOWS\system32\DRIVERS\MegaSR.sys
O23 - Service: Modem - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\modem.sys
O23 - Service: Microsoft Monitor Class Function Driver Service (monitor) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\monitor.sys
O23 - Service: Controlador de clase de mouse (mouclass) - Unknown owner - C:\WINDOWS\system32\drivers\mouclass.sys
O23 - Service: Controlador HID de mouse (mouhid) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys
O23 - Service: Controlador de bus de múltiples rutas de Microsoft (mpio) - Unknown owner - C:\WINDOWS\system32\drivers\mpio.sys
*O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23092 (mpsdrv) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mpsdrv.sys
O23 - Service: @%systemroot%\system32\webclnt.dll,-104 (MRxDAV) - Unknown owner - C:\WINDOWS\system32\drivers\mrxdav.sys
*O23 - Service: @%systemroot%\system32\wkssvc.dll,-1002 (mrxsmb) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys
*O23 - Service: @%systemroot%\system32\wkssvc.dll,-1004 (mrxsmb10) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb10.sys
*O23 - Service: @%systemroot%\system32\wkssvc.dll,-1006 (mrxsmb20) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb20.sys
O23 - Service: Módulo específico de dispositivo de múltiples rutas de Microsoft (msdsm) - Unknown owner - C:\WINDOWS\system32\drivers\msdsm.sys
O23 - Service: @%SystemRoot%\system32\drivers\mshidkmdf.sys,-100 (mshidkmdf) - Unknown owner - C:\WINDOWS\System32\drivers\mshidkmdf.sys
O23 - Service: Microsoft Streaming Service Proxy (MSKSSRV) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSKSSRV.sys
O23 - Service: Microsoft Streaming Clock Proxy (MSPCLOCK) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPCLOCK.sys
O23 - Service: Microsoft Streaming Quality Manager Proxy (MSPQM) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPQM.sys
O23 - Service: Microsoft Streaming Tee/Sink-to-Sink Converter (MSTEE) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSTEE.sys
O23 - Service: Microsoft Input Configuration Driver (MTConfig) - Unknown owner - C:\WINDOWS\system32\DRIVERS\MTConfig.sys
*O23 - Service: NativeWiFi Filter (NativeWifiP) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwifi.sys
*O23 - Service: NDIS Capture LightWeight Filter (NdisCap) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ndiscap.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32001 (NdisTapi) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ndistapi.sys
*O23 - Service: NDIS Usermode I/O Protocol (Ndisuio) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32002 (NdisWan) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ndiswan.sys
O23 - Service: nfrd960 - Unknown owner - C:\WINDOWS\system32\DRIVERS\nfrd960.sys
O23 - Service: nvraid - Unknown owner - C:\WINDOWS\system32\drivers\nvraid.sys
O23 - Service: nvstor - Unknown owner - C:\WINDOWS\system32\drivers\nvstor.sys
O23 - Service: Filtro de bus NVIDIA nForce AGP (nv_agp) - Unknown owner - C:\WINDOWS\system32\drivers\nv_agp.sys
O23 - Service: Controladora de host compatible con OHCI 1394 (heredada) (ohci1394) - Unknown owner - C:\WINDOWS\system32\drivers\ohci1394.sys
O23 - Service: Parallel port driver (Parport) - Unknown owner - C:\WINDOWS\system32\DRIVERS\parport.sys
O23 - Service: pcmcia - Unknown owner - C:\WINDOWS\system32\DRIVERS\pcmcia.sys
O23 - Service: Pangu effect driver (PGEffect) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\pgeffect.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32006 (PptpMiniport) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\raspptp.sys
O23 - Service: Processor Driver (Processor) - Unknown owner - C:\WINDOWS\system32\DRIVERS\processr.sys
O23 - Service: ql2300 - Unknown owner - C:\WINDOWS\system32\DRIVERS\ql2300.sys
O23 - Service: ql40xx - Unknown owner - C:\WINDOWS\system32\DRIVERS\ql40xx.sys
O23 - Service: @%SystemRoot%\system32\drivers\qwavedrv.sys,-1 (QWAVEdrv) - Unknown owner - C:\WINDOWS\system32\drivers\qwavedrv.sys
O23 - Service: Remote Access Auto Connection Driver (RasAcd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rasacd.sys
O23 - Service: WAN Miniport (IKEv2) (RasAgileVpn) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\AgileVpn.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32005 (Rasl2tp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rasl2tp.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\raspppoe.sys
O23 - Service: @%systemroot%\system32\sstpsvc.dll,-202 (RasSstp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rassstp.sys
O23 - Service: Remote Desktop Device Redirector Bus Driver (rdpbus) - Unknown owner - C:\WINDOWS\system32\DRIVERS\rdpbus.sys
O23 - Service: RtsUStor.Sys Realtek USB Card Reader (RSUSBSTOR) - Unknown owner - C:\WINDOWS\SYSTEM32\Drivers\RtsUStor.sys (file missing)
O23 - Service: Realtek 8167 NT Driver (RTL8167) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\Rt86win7.sys
O23 - Service: Realtek Wireless LAN 802.11n PCI-E NIC NT Driver (rtl8192se) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rtl8192se.sys
O23 - Service: Realtek IR Driver (RtsUIR) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\Rts516xIR.sys (file missing)
O23 - Service: Controlador de bus de transporte/protocolo SBP-2 (sbp2port) - Unknown owner - C:\WINDOWS\system32\drivers\sbp2port.sys
O23 - Service: @%SystemRoot%\System32\drivers\scfilter.sys,-11 (scfilter) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\scfilter.sys
O23 - Service: Serenum Filter Driver (Serenum) - Unknown owner - C:\WINDOWS\system32\DRIVERS\serenum.sys
O23 - Service: Serial Port Driver (Serial) - Unknown owner - C:\WINDOWS\system32\DRIVERS\serial.sys
**O23 - Service: Serial Mouse Driver (sermouse) - Unknown owner - C:\WINDOWS\system32\DRIVERS\sermouse.sys
O23 - Service: Controlador de clase de almacenamiento SFF (sffdisk) - Unknown owner - C:\WINDOWS\system32\drivers\sffdisk.sys
O23 - Service: Controlador de protocolo de almacenamiento SFF para MMC (sffp_mmc) - Unknown owner - C:\WINDOWS\system32\drivers\sffp_mmc.sys
O23 - Service: Controlador de protocolo de almacenamiento SFF para SDBus (sffp_sd) - Unknown owner - C:\WINDOWS\system32\drivers\sffp_sd.sys
O23 - Service: High-Capacity Floppy Disk Drive (sfloppy) - Unknown owner - C:\WINDOWS\system32\DRIVERS\sfloppy.sys
O23 - Service: Filtro de bus SIS AGP (sisagp) - Unknown owner - C:\WINDOWS\system32\drivers\sisagp.sys
O23 - Service: SiSRaid2 - Unknown owner - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys
O23 - Service: SiSRaid4 - Unknown owner - C:\WINDOWS\system32\DRIVERS\sisraid4.sys
O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\smb.sys
O23 - Service: @%systemroot%\system32\srvsvc.dll,-102 (srv) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\srv.sys
O23 - Service: @%systemroot%\system32\srvsvc.dll,-104 (srv2) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\srv2.sys
O23 - Service: srvnet - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\srvnet.sys
O23 - Service: stexstor - Unknown owner - C:\WINDOWS\system32\DRIVERS\stexstor.sys
O23 - Service: Controlador del bus de software (swenum) - Unknown owner - C:\WINDOWS\system32\drivers\swenum.sys
O23 - Service: Synaptics TouchPad Driver (SynTP) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys
O23 - Service: Microsoft IPv6 Protocol Driver (TCPIP6) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys
O23 - Service: TOSHIBA Writing Engine Filter Driver (tdcmdpst) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\tdcmdpst.sys
O23 - Service: TDPIPE - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tdpipe.sys
O23 - Service: TDTCP - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tdtcp.sys
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101 (tssecsrv) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\tssecsrv.sys
O23 - Service: @%SystemRoot%\system32\drivers\tsusbflt.sys,-1 (TsUsbFlt) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tsusbflt.sys
O23 - Service: Controlador de adaptador de minipuerto de túnel de Microsoft (tunnel) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\tunnel.sys
O23 - Service: Microsoft AGPv3.5 Filter (uagp35) - Unknown owner - C:\WINDOWS\system32\DRIVERS\uagp35.sys
O23 - Service: Filtro de bus Uli AGP (uliagpkx) - Unknown owner - C:\WINDOWS\system32\drivers\uliagpkx.sys
O23 - Service: Controlador de enumerador de UMBus (umbus) - Unknown owner - C:\WINDOWS\system32\drivers\umbus.sys
O23 - Service: Microsoft UMPass Driver (UmPass) - Unknown owner - C:\WINDOWS\system32\DRIVERS\umpass.sys
O23 - Service: Controlador primario genérico USB de Microsoft (usbccgp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
O23 - Service: Realtek Smartcard Reader Driver (USBCCID) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\RtsUCcid.sys (file missing)
O23 - Service: Receptor de infrarrojos de eHome (USBCIR) (usbcir) - Unknown owner - C:\WINDOWS\system32\drivers\usbcir.sys
O23 - Service: Controlador de minipuerto de la controladora mejorada USB 2.0 de Microsoft (usbehci) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\usbehci.sys
O23 - Service: Controlador de concentrador estándar USB de Microsoft (usbhub) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\usbhub.sys
O23 - Service: Controlador de minipuerto de la controladora de host abierto USB de Microsoft (usbohci) - Unknown owner - C:\WINDOWS\system32\drivers\usbohci.sys
O23 - Service: Microsoft USB PRINTER Class (usbprint) - Unknown owner - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O23 - Service: Controlador de dispositivo de almacenamiento USB (USBSTOR) - Unknown owner - C:\WINDOWS\system32\drivers\USBSTOR.SYS
O23 - Service: Controlador de minipuerto de la controladora de host universal USB de Microsoft (usbuhci) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\usbuhci.sys
O23 - Service: Dispositivo de vídeo USB (WDM) (usbvideo) - Unknown owner - C:\WINDOWS\System32\Drivers\usbvideo.sys
**O23 - Service: vga - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vgapnp.sys
O23 - Service: vhdmp - Unknown owner - C:\WINDOWS\system32\drivers\vhdmp.sys
O23 - Service: Filtro de bus VIA AGP (viaagp) - Unknown owner - C:\WINDOWS\system32\drivers\viaagp.sys
O23 - Service: VIA C7 Processor Driver (ViaC7) - Unknown owner - C:\WINDOWS\system32\DRIVERS\viac7.sys
O23 - Service: viaide - Unknown owner - C:\WINDOWS\system32\drivers\viaide.sys
O23 - Service: vsmraid - Unknown owner - C:\WINDOWS\system32\DRIVERS\vsmraid.sys
O23 - Service: Virtual WiFi Bus Driver (vwifibus) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vwifibus.sys
O23 - Service: Wacom Serial Pen HID Driver (WacomPen) - Unknown owner - C:\WINDOWS\system32\DRIVERS\wacompen.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32011 (WANARP) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\wanarp.sys
O23 - Service: Wd - Unknown owner - C:\WINDOWS\system32\DRIVERS\wd.sys
O23 - Service: WIMMount - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\wimmount.sys
O23 - Service: WinUsb - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\WinUsb.sys
O23 - Service: Microsoft Windows Management Interface for ACPI (WmiAcpi) - Unknown owner - C:\WINDOWS\system32\drivers\wmiacpi.sys
**O23 - Service: User Mode Driver Frameworks Platform Driver (WudfPf) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\WudfPf.sys
**O23 - Service: WUDFRd - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\WUDFRd.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: avgntflt - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys (file missing)
O23 - Service: CD/DVD File System Reader (cdfs) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\cdfs.sys
O23 - Service: Crcdisk Filter Driver (crcdisk) - Unknown owner - C:\WINDOWS\system32\DRIVERS\crcdisk.sys
O23 - Service: udfs - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\udfs.sys
O23 - Service: @%systemroot%\System32\drivers\ws2ifsl.sys,-1000 (ws2ifsl) - Unknown owner - C:\WINDOWS\system32\drivers\ws2ifsl.sys
219 Servicios.
36 de Carga Automatica.
178 de Carga Manual.
5 Deshabilitados.
(20-12-2011 14:23:46 (GMT))
EliStartPage v24.48 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 19 de Diciembre del 2011)
--------------------------------------------------
Usuario: federico
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1003
Lista de Acciones (por Acción Directa):
Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB36551$"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(20-12-2011 14:24:05 (GMT))
EliStartPage v24.48 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 19 de Diciembre del 2011)
--------------------------------------------------
Usuario: Franco
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1006
Lista de Acciones (por Acción Directa):
Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB36551$"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(20-12-2011 14:36:32 (GMT))
EliStartPage v24.48 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 19 de Diciembre del 2011)
--------------------------------------------------
Usuario: Franco
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1006
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 19865
Nº Total de Ficheros: 142810
Nº de Ficheros Analizados: 29023
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(20-12-2011 14:37:33 (GMT))
EliStartPage v24.48 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 19 de Diciembre del 2011)
(31-12-2011 21:06:44 (GMT))
EliSirefef v1.29 (c)2011 S.G.H. / Satinfo S.L.
----------------------------------------
Lista de Acciones (por Acción Directa):
Detectado Sirefef(RootKit)
Reinicie el Sistema para Completar la Limpieza.
(31-12-2011 21:17:53 (GMT))
EliSirefef v1.29 (c)2011 S.G.H. / Satinfo S.L.
----------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys --> Eliminado Sirefef.C(sys)
Nº Total de Directorios: 19890
Nº Total de Ficheros: 137267
Nº de Ficheros Analizados: 1758
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
(20-3-2012 21:41:53 (GMT))
EliStartPage v25.13 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 20 de Marzo del 2012)
--------------------------------------------------
Usuario: federico
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1003
Lista de Acciones (por Acción Directa):
Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB36551$"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(20-3-2012 21:42:37 (GMT))
EliStartPage v25.13 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 20 de Marzo del 2012)
--------------------------------------------------
Usuario: Franco
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1006
Lista de Acciones (por Acción Directa):
Detectada Carpeta Posible Sirefef: "C:\WINDOWS\$NtUninstallKB36551$"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(20-3-2012 21:52:03 (GMT))
EliStartPage v25.13 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 20 de Marzo del 2012)
--------------------------------------------------
Usuario: Franco
ID de Usuario: S-1-5-21-2158142030-3450292097-636811717-1006
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 23412
Nº Total de Ficheros: 156410
Nº de Ficheros Analizados: 29485
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(20-3-2012 21:54:14 GMT)
SProces v6.1 (c)2012 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Home Premium (v6.1)
Internet Explorer: (v9.0.8112.16421) 0
Equipo: FEDE
Usuario: Franco
Sesión de Usuario: federico
59 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL.1\MSSQL\BINN\SQLSERVR.EXE
C:\PROGRAM FILES\MICROSOFT SQL SERVER\90\SHARED\SQLWRITER.EXE
C:\WINDOWS\SYSTEM32\TODDSRV.EXE
C:\PROGRAM FILES\TOSHIBA\POWER SAVER\TOSCOSRV.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\LSI SOFTMODEM\AGRSMSVC.EXE
C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\CFIWMXSVCS.EXE
C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\CFSVCS.EXE
C:\PROGRAM FILES\TOSHIBA\RSELECT\RSELSVC.EXE
C:\PROGRAM FILES\TOSHIBA\TOSHIBA HDD SSD ALERT\TOSSMARTSRV.EXE
C:\PROGRAM FILES\TOSHIBA\TOSHIBA SERVICE STATION\TMACHINFO.EXE
C:\WINDOWS\SYSTEM32\\\.\GLOBALROOT\SYSTEMROOT\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
C:\WINDOWS\SYSTEM32\HKCMD.EXE
C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
C:\WINDOWS\SYSTEM32\IGFXSRVC.EXE
C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RTHDVCPL.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\PROGRAM FILES\TOSHIBA\UTILITIES\KENOTIFY.EXE
C:\PROGRAM FILES\TOSHIBA\POWER SAVER\TPWRMAIN.EXE
C:\PROGRAM FILES\TOSHIBA\SMOOTHVIEW\SMOOTHVIEW.EXE
C:\PROGRAM FILES\TOSHIBA\FLASHCARDS\TCRDMAIN.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\ARES\ARES.EXE
C:\PROGRAM FILES\TOSHIBA\TOSHIBA HDD SSD ALERT\TOSSENOTIFY.EXE
C:\WINDOWS\SYSTEM32\IGFXEXT.EXE
C:\WINDOWS\SYSTEM32\TASKENG.EXE
C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\NDSTRAY.EXE
C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\CFSWMGR.EXE
C:\WINDOWS\SYSTEM32\AUDIODG.EXE
C:\USERS\FRANCO\DESKTOP\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'federico')
R0 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\Software\Microsoft\Internet Explorer\Main,Search Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKCU\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO (User 'federico')
O4 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'federico')
O4 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User 'federico')
O4 - HKUS\S-1-5-21-2158142030-3450292097-636811717-1003\..\RunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin (User 'federico')
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [ReEXEc] C:\Users\Franco\Desktop\EliStarA.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 (User 'federico')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html (User 'federico')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Franco\Desktop\PartyPoker.lnk (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_29) -
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} (Java Plug-in 1.6.0_29) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_29) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
Información Adicional:
----------------------
Carpeta: "C:\WINDOWS\$NtUninstallKB36551$" con atributo "Junction Point" (Posible Sirefef)
WinSys\Drivers\adp94xx.sys (de 422976 bytes) ()
WinSys\Drivers\bxvbdx.sys (de 430080 bytes) ()
WinSys\Drivers\dxgkrnl.sys (de 728448 bytes) ()
WinSys\Drivers\elxstor.sys (de 453712 bytes) ()
WinSys\Drivers\http.sys (de 513536 bytes) ()
WinSys\Drivers\ndis.sys (de 712576 bytes) ()
WinSys\Drivers\PEAuth.sys (de 586752 bytes) ()
WinSys\Drivers\rtl8192se.sys (de 859136 bytes) ()
WinSys\Drivers\spsys.sys (de 405504 bytes) ()
WinSys\Drivers\Wdf01000.sys (de 445008 bytes) ()
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: SNP2UVC (aic78u2) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\REVO.dll
O23 - Service: RIOUNIV (BCMTPM) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\L8042Kbd.dll
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: Networkx (citrixxteserver) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\aclient.dll
O23 - Service: DFUBTUSB (cmudau) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\ultra66.dll
O23 - Service: Nwrdr (comhost) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\AIRPLUS.dll
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Smwdm (DeviceScanner) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\usr11g.dll
O23 - Service: Digirefresh (dntus26) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\zpsc.dll
**O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted - C:\WINDOWS\SYSTEM32\NULL1 (file missing)
O23 - Service: Belgium_id_card_service (gbpoll) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\VHidMinidrv.dll
O23 - Service: Servicio de actualización de Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Zumbus (hcwPVRP2) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\V0070VID.dll
O23 - Service: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\lltdio.sys
O23 - Service: @%systemroot%\system32\drivers\luafv.sys,-100 (luafv) - Unknown owner - C:\WINDOWS\system32\drivers\luafv.sys
O23 - Service: Pimsgss (lvupdtio) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\WmiAcpi.dll
O23 - Service: Sbiesvc (mfesmfk) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\KMW_KBD.dll
O23 - Service: Avcgbdr (MSICPL) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\s116mdfl.dll
O23 - Service: Parvdm - Unknown owner - C:\WINDOWS\system32\DRIVERS\parvdm.sys
O23 - Service: S7oppilx (Pcatip) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\ovepstatusengine.dll
O23 - Service: PEAUTH - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\peauth.sys
O23 - Service: SE2Emgmt (pnrouter) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\k750obex.dll
O23 - Service: Usbvm321 (prepdrvr) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\tversitymediaserver.dll
O23 - Service: Pnarp (rp32service) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\vaiomediaplatform-integratedserver-http.dll
O23 - Service: TOSHIBA Modem region select service (RSELSVC) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe
O23 - Service: Link-Layer Topology Discovery Responder (rspndr) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rspndr.sys
O23 - Service: Tb2launch (scarddrv) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\pcampr5.dll
O23 - Service: 3compxe (sfrem01) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\om518p.dll
O23 - Service: USBVCD (SlNtHal) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\MTsensor.dll
O23 - Service: TCP/IP Registry Compatibility (tcpipreg) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tcpipreg.sys
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: MR97310_USB_DUAL_CAMERA (venturi2) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\apfiltrservice.dll
O23 - Service: Ati (W8335XP) - Iomega - %SystemRoot%\system32\svchost.exe -k netsvcs - C:\WINDOWS\system32\btwavdt.dll
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Controladora de host compatible con OHCI 1394 (1394ohci) - Unknown owner - C:\WINDOWS\system32\drivers\1394ohci.sys
O23 - Service: Controlador de medidor de energía ACPI (AcpiPmi) - Unknown owner - C:\WINDOWS\system32\drivers\acpipmi.sys
O23 - Service: adp94xx - Unknown owner - C:\WINDOWS\system32\DRIVERS\adp94xx.sys
O23 - Service: adpahci - Unknown owner - C:\WINDOWS\system32\DRIVERS\adpahci.sys
O23 - Service: adpu320 - Unknown owner - C:\WINDOWS\system32\DRIVERS\adpu320.sys
O23 - Service: TOSHIBA V.92 Software Modem (AgereSoftModem) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\AGRSM.sys
O23 - Service: Filtro de bus Intel AGP (agp440) - Unknown owner - C:\WINDOWS\system32\drivers\agp440.sys
O23 - Service: aic78xx - Unknown owner - C:\WINDOWS\system32\DRIVERS\djsvs.sys
O23 - Service: aliide - Unknown owner - C:\WINDOWS\system32\drivers\aliide.sys
O23 - Service: Controlador de filtro de bus AMD AGP (amdagp) - Unknown owner - C:\WINDOWS\system32\drivers\amdagp.sys
O23 - Service: amdide - Unknown owner - C:\WINDOWS\system32\drivers\amdide.sys
O23 - Service: AMD K8 Processor Driver (AmdK8) - Unknown owner - C:\WINDOWS\system32\DRIVERS\amdk8.sys
O23 - Service: AMD Processor Driver (AmdPPM) - Unknown owner - C:\WINDOWS\system32\DRIVERS\amdppm.sys
O23 - Service: amdsata - Unknown owner - C:\WINDOWS\system32\drivers\amdsata.sys
O23 - Service: amdsbs - Unknown owner - C:\WINDOWS\system32\DRIVERS\amdsbs.sys
O23 - Service: @%systemroot%\system32\appidsvc.dll,-102 (AppID) - Unknown owner - C:\WINDOWS\system32\drivers\appid.sys
O23 - Service: arc - Unknown owner - C:\WINDOWS\system32\DRIVERS\arc.sys
O23 - Service: arcsas - Unknown owner - C:\WINDOWS\system32\DRIVERS\arcsas.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32000 (AsyncMac) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\asyncmac.sys
O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Unknown owner - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys
*O23 - Service: @%systemroot%\system32\browser.dll,-102 (bowser) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\bowser.sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Unknown owner - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Unknown owner - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Unknown owner - C:\WINDOWS\System32\Drivers\Brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - Unknown owner - C:\WINDOWS\System32\Drivers\BrSerWdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Unknown owner - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Unknown owner - C:\WINDOWS\System32\Drivers\BrUsbSer.sys
O23 - Service: Bluetooth Serial Communications Driver (BTHMODEM) - Unknown owner - C:\WINDOWS\system32\DRIVERS\bthmodem.sys
O23 - Service: Consumer IR Devices (circlass) - Unknown owner - C:\WINDOWS\system32\DRIVERS\circlass.sys
O23 - Service: Microsoft ACPI Control Method Battery Driver (CmBatt) - Unknown owner - C:\WINDOWS\system32\DRIVERS\CmBatt.sys
O23 - Service: cmdide - Unknown owner - C:\WINDOWS\system32\drivers\cmdide.sys
O23 - Service: Controlador de enumerador de bus compuesto (CompositeBus) - Unknown owner - C:\WINDOWS\system32\drivers\CompositeBus.sys
O23 - Service: Microsoft Trusted Audio Drivers (drmkaud) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys
O23 - Service: LDDM Graphics Subsystem (DXGKrnl) - Unknown owner - C:\WINDOWS\System32\drivers\dxgkrnl.sys
O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Unknown owner - C:\WINDOWS\system32\DRIVERS\evbdx.sys
O23 - Service: elxstor - Unknown owner - C:\WINDOWS\system32\DRIVERS\elxstor.sys
O23 - Service: Controlador de dispositivo con error de hardware de Microsoft (ErrDev) - Unknown owner - C:\WINDOWS\system32\drivers\errdev.sys
O23 - Service: Floppy Disk Controller Driver (fdc) - Unknown owner - C:\WINDOWS\system32\DRIVERS\fdc.sys
O23 - Service: @%SystemRoot%\system32\drivers\filetrace.sys,-10001 (Filetrace) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\filetrace.sys
O23 - Service: Floppy Disk Driver (flpydisk) - Unknown owner - C:\WINDOWS\system32\DRIVERS\flpydisk.sys
O23 - Service: @%SystemRoot%\system32\drivers\fsdepends.sys,-10001 (FsDepends) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\FsDepends.sys
O23 - Service: Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms (gagp30kx) - Unknown owner - C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hamachi Network Interface (hamachi) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\hamachi.sys
O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Unknown owner - C:\WINDOWS\system32\drivers\hcw85cir.sys
O23 - Service: Controlador de la función Microsoft 1.1 UAA para el servicio High Definition Audio (HdAudAddService) - Unknown owner - C:\WINDOWS\system32\drivers\HdAudio.sys
O23 - Service: Controlador de bus Microsoft UAA para High Definition Audio (HDAudBus) - Unknown owner - C:\WINDOWS\system32\drivers\HDAudBus.sys
O23 - Service: HID UPS Battery Driver (HidBatt) - Unknown owner - C:\WINDOWS\system32\DRIVERS\HidBatt.sys
O23 - Service: Microsoft Bluetooth HID Miniport (HidBth) - Unknown owner - C:\WINDOWS\system32\DRIVERS\hidbth.sys
O23 - Service: Microsoft Infrared HID Driver (HidIr) - Unknown owner - C:\WINDOWS\system32\DRIVERS\hidir.sys
O23 - Service: Controlador de clases HID de Microsoft (HidUsb) - Unknown owner - C:\WINDOWS\system32\drivers\hidusb.sys
O23 - Service: HpSAMD - Unknown owner - C:\WINDOWS\system32\drivers\HpSAMD.sys
O23 - Service: @%SystemRoot%\system32\drivers\http.sys,-1 (HTTP) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\HTTP.sys
O23 - Service: Teclado i8042 y controlador de puerto de mouse PS/2 (i8042prt) - Unknown owner - C:\WINDOWS\system32\drivers\i8042prt.sys
O23 - Service: Controladora RAID de Intel para Windows 7 (iaStorV) - Unknown owner - C:\WINDOWS\system32\drivers\iaStorV.sys
O23 - Service: igfx - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd32.sys
O23 - Service: iirsp - Unknown owner - C:\WINDOWS\system32\DRIVERS\iirsp.sys
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\RTKVHDA.sys
O23 - Service: Intel(R) High Definition Audio HDMI (IntcHdmiAddService) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\IntcHdmi.sys
O23 - Service: intelide - Unknown owner - C:\WINDOWS\system32\drivers\intelide.sys
O23 - Service: Intel Processor Driver (intelppm) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32013 (IpFilterDriver) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ipfltdrv.sys
O23 - Service: IPMIDRV - Unknown owner - C:\WINDOWS\system32\drivers\IPMIDrv.sys
*O23 - Service: IP Network Address Translator (IPNAT) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\ipnat.sys
O23 - Service: @%SystemRoot%\system32\drivers\irenum.sys,-100 (IRENUM) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\irenum.sys
O23 - Service: isapnp - Unknown owner - C:\WINDOWS\system32\drivers\isapnp.sys
O23 - Service: Controlador iScsiPort (iScsiPrt) - Unknown owner - C:\WINDOWS\system32\drivers\msiscsi.sys
O23 - Service: Controlador de clase de teclado (kbdclass) - Unknown owner - C:\WINDOWS\system32\drivers\kbdclass.sys
O23 - Service: Controlador HID de teclado (kbdhid) - Unknown owner - C:\WINDOWS\system32\drivers\kbdhid.sys
O23 - Service: LSI_FC - Unknown owner - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys
O23 - Service: LSI_SAS - Unknown owner - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys
O23 - Service: LSI_SAS2 - Unknown owner - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys
O23 - Service: LSI_SCSI - Unknown owner - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys
O23 - Service: megasas - Unknown owner - C:\WINDOWS\system32\DRIVERS\megasas.sys
O23 - Service: MegaSR - Unknown owner - C:\WINDOWS\system32\DRIVERS\MegaSR.sys
O23 - Service: Modem - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\modem.sys
O23 - Service: Microsoft Monitor Class Function Driver Service (monitor) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\monitor.sys
O23 - Service: Controlador de clase de mouse (mouclass) - Unknown owner - C:\WINDOWS\system32\drivers\mouclass.sys
O23 - Service: Controlador HID de mouse (mouhid) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys
O23 - Service: Controlador de bus de múltiples rutas de Microsoft (mpio) - Unknown owner - C:\WINDOWS\system32\drivers\mpio.sys
*O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23092 (mpsdrv) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\mpsdrv.sys
O23 - Service: @%systemroot%\system32\webclnt.dll,-104 (MRxDAV) - Unknown owner - C:\WINDOWS\system32\drivers\mrxdav.sys
*O23 - Service: @%systemroot%\system32\wkssvc.dll,-1002 (mrxsmb) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys
*O23 - Service: @%systemroot%\system32\wkssvc.dll,-1004 (mrxsmb10) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb10.sys
*O23 - Service: @%systemroot%\system32\wkssvc.dll,-1006 (mrxsmb20) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb20.sys
O23 - Service: Módulo específico de dispositivo de múltiples rutas de Microsoft (msdsm) - Unknown owner - C:\WINDOWS\system32\drivers\msdsm.sys
O23 - Service: @%SystemRoot%\system32\drivers\mshidkmdf.sys,-100 (mshidkmdf) - Unknown owner - C:\WINDOWS\System32\drivers\mshidkmdf.sys
O23 - Service: Microsoft Streaming Service Proxy (MSKSSRV) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSKSSRV.sys
O23 - Service: Microsoft Streaming Clock Proxy (MSPCLOCK) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPCLOCK.sys
O23 - Service: Microsoft Streaming Quality Manager Proxy (MSPQM) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSPQM.sys
O23 - Service: Microsoft Streaming Tee/Sink-to-Sink Converter (MSTEE) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\MSTEE.sys
O23 - Service: Microsoft Input Configuration Driver (MTConfig) - Unknown owner - C:\WINDOWS\system32\DRIVERS\MTConfig.sys
*O23 - Service: NativeWiFi Filter (NativeWifiP) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\nwifi.sys
*O23 - Service: NDIS Capture LightWeight Filter (NdisCap) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ndiscap.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32001 (NdisTapi) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ndistapi.sys
*O23 - Service: NDIS Usermode I/O Protocol (Ndisuio) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32002 (NdisWan) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ndiswan.sys
O23 - Service: nfrd960 - Unknown owner - C:\WINDOWS\system32\DRIVERS\nfrd960.sys
O23 - Service: nvraid - Unknown owner - C:\WINDOWS\system32\drivers\nvraid.sys
O23 - Service: nvstor - Unknown owner - C:\WINDOWS\system32\drivers\nvstor.sys
O23 - Service: Filtro de bus NVIDIA nForce AGP (nv_agp) - Unknown owner - C:\WINDOWS\system32\drivers\nv_agp.sys
O23 - Service: Controladora de host compatible con OHCI 1394 (heredada) (ohci1394) - Unknown owner - C:\WINDOWS\system32\drivers\ohci1394.sys
O23 - Service: Parallel port driver (Parport) - Unknown owner - C:\WINDOWS\system32\DRIVERS\parport.sys
O23 - Service: pcmcia - Unknown owner - C:\WINDOWS\system32\DRIVERS\pcmcia.sys
O23 - Service: Pangu effect driver (PGEffect) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\pgeffect.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32006 (PptpMiniport) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\raspptp.sys
O23 - Service: Processor Driver (Processor) - Unknown owner - C:\WINDOWS\system32\DRIVERS\processr.sys
O23 - Service: ql2300 - Unknown owner - C:\WINDOWS\system32\DRIVERS\ql2300.sys
O23 - Service: ql40xx - Unknown owner - C:\WINDOWS\system32\DRIVERS\ql40xx.sys
O23 - Service: @%SystemRoot%\system32\drivers\qwavedrv.sys,-1 (QWAVEdrv) - Unknown owner - C:\WINDOWS\system32\drivers\qwavedrv.sys
O23 - Service: Remote Access Auto Connection Driver (RasAcd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rasacd.sys
O23 - Service: WAN Miniport (IKEv2) (RasAgileVpn) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\AgileVpn.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32005 (Rasl2tp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rasl2tp.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\raspppoe.sys
O23 - Service: @%systemroot%\system32\sstpsvc.dll,-202 (RasSstp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rassstp.sys
O23 - Service: Remote Desktop Device Redirector Bus Driver (rdpbus) - Unknown owner - C:\WINDOWS\system32\DRIVERS\rdpbus.sys
O23 - Service: RtsUStor.Sys Realtek USB Card Reader (RSUSBSTOR) - Unknown owner - C:\WINDOWS\SYSTEM32\Drivers\RtsUStor.sys (file missing)
O23 - Service: Realtek 8167 NT Driver (RTL8167) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\Rt86win7.sys
O23 - Service: Realtek Wireless LAN 802.11n PCI-E NIC NT Driver (rtl8192se) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\rtl8192se.sys
O23 - Service: Realtek IR Driver (RtsUIR) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\Rts516xIR.sys (file missing)
O23 - Service: Controlador de bus de transporte/protocolo SBP-2 (sbp2port) - Unknown owner - C:\WINDOWS\system32\drivers\sbp2port.sys
O23 - Service: @%SystemRoot%\System32\drivers\scfilter.sys,-11 (scfilter) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\scfilter.sys
O23 - Service: Serenum Filter Driver (Serenum) - Unknown owner - C:\WINDOWS\system32\DRIVERS\serenum.sys
O23 - Service: Serial Port Driver (Serial) - Unknown owner - C:\WINDOWS\system32\DRIVERS\serial.sys
**O23 - Service: Serial Mouse Driver (sermouse) - Unknown owner - C:\WINDOWS\system32\DRIVERS\sermouse.sys
O23 - Service: Controlador de clase de almacenamiento SFF (sffdisk) - Unknown owner - C:\WINDOWS\system32\drivers\sffdisk.sys
O23 - Service: Controlador de protocolo de almacenamiento SFF para MMC (sffp_mmc) - Unknown owner - C:\WINDOWS\system32\drivers\sffp_mmc.sys
O23 - Service: Controlador de protocolo de almacenamiento SFF para SDBus (sffp_sd) - Unknown owner - C:\WINDOWS\system32\drivers\sffp_sd.sys
O23 - Service: High-Capacity Floppy Disk Drive (sfloppy) - Unknown owner - C:\WINDOWS\system32\DRIVERS\sfloppy.sys
O23 - Service: Filtro de bus SIS AGP (sisagp) - Unknown owner - C:\WINDOWS\system32\drivers\sisagp.sys
O23 - Service: SiSRaid2 - Unknown owner - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys
O23 - Service: SiSRaid4 - Unknown owner - C:\WINDOWS\system32\DRIVERS\sisraid4.sys
O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\smb.sys
O23 - Service: @%systemroot%\system32\srvsvc.dll,-102 (srv) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\srv.sys
O23 - Service: @%systemroot%\system32\srvsvc.dll,-104 (srv2) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\srv2.sys
O23 - Service: srvnet - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\srvnet.sys
O23 - Service: stexstor - Unknown owner - C:\WINDOWS\system32\DRIVERS\stexstor.sys
O23 - Service: Controlador del bus de software (swenum) - Unknown owner - C:\WINDOWS\system32\drivers\swenum.sys
O23 - Service: Synaptics TouchPad Driver (SynTP) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys
O23 - Service: Microsoft IPv6 Protocol Driver (TCPIP6) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys
O23 - Service: TOSHIBA Writing Engine Filter Driver (tdcmdpst) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\tdcmdpst.sys
O23 - Service: TDPIPE - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tdpipe.sys
O23 - Service: TDTCP - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tdtcp.sys
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101 (tssecsrv) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\tssecsrv.sys
O23 - Service: @%SystemRoot%\system32\drivers\tsusbflt.sys,-1 (TsUsbFlt) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\tsusbflt.sys
O23 - Service: Controlador de adaptador de minipuerto de túnel de Microsoft (tunnel) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\tunnel.sys
O23 - Service: Microsoft AGPv3.5 Filter (uagp35) - Unknown owner - C:\WINDOWS\system32\DRIVERS\uagp35.sys
O23 - Service: Filtro de bus Uli AGP (uliagpkx) - Unknown owner - C:\WINDOWS\system32\drivers\uliagpkx.sys
O23 - Service: Controlador de enumerador de UMBus (umbus) - Unknown owner - C:\WINDOWS\system32\drivers\umbus.sys
O23 - Service: Microsoft UMPass Driver (UmPass) - Unknown owner - C:\WINDOWS\system32\DRIVERS\umpass.sys
O23 - Service: Controlador primario genérico USB de Microsoft (usbccgp) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
O23 - Service: Realtek Smartcard Reader Driver (USBCCID) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\RtsUCcid.sys (file missing)
O23 - Service: Receptor de infrarrojos de eHome (USBCIR) (usbcir) - Unknown owner - C:\WINDOWS\system32\drivers\usbcir.sys
O23 - Service: Controlador de minipuerto de la controladora mejorada USB 2.0 de Microsoft (usbehci) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\usbehci.sys
O23 - Service: Controlador de concentrador estándar USB de Microsoft (usbhub) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\usbhub.sys
O23 - Service: Controlador de minipuerto de la controladora de host abierto USB de Microsoft (usbohci) - Unknown owner - C:\WINDOWS\system32\drivers\usbohci.sys
O23 - Service: Microsoft USB PRINTER Class (usbprint) - Unknown owner - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O23 - Service: Controlador de dispositivo de almacenamiento USB (USBSTOR) - Unknown owner - C:\WINDOWS\system32\drivers\USBSTOR.SYS
O23 - Service: Controlador de minipuerto de la controladora de host universal USB de Microsoft (usbuhci) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\usbuhci.sys
O23 - Service: Dispositivo de vídeo USB (WDM) (usbvideo) - Unknown owner - C:\WINDOWS\System32\Drivers\usbvideo.sys
**O23 - Service: vga - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vgapnp.sys
O23 - Service: vhdmp - Unknown owner - C:\WINDOWS\system32\drivers\vhdmp.sys
O23 - Service: Filtro de bus VIA AGP (viaagp) - Unknown owner - C:\WINDOWS\system32\drivers\viaagp.sys
O23 - Service: VIA C7 Processor Driver (ViaC7) - Unknown owner - C:\WINDOWS\system32\DRIVERS\viac7.sys
O23 - Service: viaide - Unknown owner - C:\WINDOWS\system32\drivers\viaide.sys
O23 - Service: vsmraid - Unknown owner - C:\WINDOWS\system32\DRIVERS\vsmraid.sys
O23 - Service: Virtual WiFi Bus Driver (vwifibus) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\vwifibus.sys
O23 - Service: Wacom Serial Pen HID Driver (WacomPen) - Unknown owner - C:\WINDOWS\system32\DRIVERS\wacompen.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32011 (WANARP) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\wanarp.sys
O23 - Service: Wd - Unknown owner - C:\WINDOWS\system32\DRIVERS\wd.sys
O23 - Service: WIMMount - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\wimmount.sys
O23 - Service: WinUsb - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\WinUsb.sys
O23 - Service: Microsoft Windows Management Interface for ACPI (WmiAcpi) - Unknown owner - C:\WINDOWS\system32\drivers\wmiacpi.sys
**O23 - Service: User Mode Driver Frameworks Platform Driver (WudfPf) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\WudfPf.sys
**O23 - Service: WUDFRd - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\WUDFRd.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: avgntflt - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys (file missing)
O23 - Service: CD/DVD File System Reader (cdfs) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\cdfs.sys
O23 - Service: Crcdisk Filter Driver (crcdisk) - Unknown owner - C:\WINDOWS\system32\DRIVERS\crcdisk.sys
O23 - Service: udfs - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\udfs.sys
O23 - Service: @%systemroot%\System32\drivers\ws2ifsl.sys,-1000 (ws2ifsl) - Unknown owner - C:\WINDOWS\system32\drivers\ws2ifsl.sys
219 Servicios.
36 de Carga Automatica.
178 de Carga Manual.
5 Deshabilitados.
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Virus en mis navegadores de internet
Pues tenía el SIREFEF, pero aun no se lo ha quitado totalmente de encima:
Carpeta: "C:\WINDOWS\$NtUninstallKB36551$" con atributo "Junction Point" (Posible Sirefef)
Descargue la ultima version del ELISIREF y siga sus indicaciones (quizas les pedirá reiniciar)
Luego nos postean de nuevo el infosat.txt.
Por cierto, como que vemos que esta vez el SIREFEF ha escogido esta driver tdx.sys para sus propósitos, vea si se lo ha restaurado windows, tras su eliminacion consecuente para eliminar el virus. Si en la carpets C:\windows\system32\drivers\ no estuviera o tuviera 0 bytes, copielo de la misma carpeta de otro ordenador con igual sistema operativo.
Veahttp://www.zonavirus.com/noticias/2012/drivers-usados-por-el-sirefef-y-sus-consecuencias.asp
Aparte, vemos este fichero sospechoso:
C:\WINDOWS\system32\WmiAcpi.dll
Añada .VIR a su extensión y envienoslo para analizar:
Para ello recordar[/b] :
https://foros.zonavirus.com/viewtopic.php?f=5&t=14253
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
saludos
ms, 21-3-2012
Carpeta: "C:\WINDOWS\$NtUninstallKB36551$" con atributo "Junction Point" (Posible Sirefef)
Descargue la ultima version del ELISIREF y siga sus indicaciones (quizas les pedirá reiniciar)
Luego nos postean de nuevo el infosat.txt.
Por cierto, como que vemos que esta vez el SIREFEF ha escogido esta driver tdx.sys para sus propósitos, vea si se lo ha restaurado windows, tras su eliminacion consecuente para eliminar el virus. Si en la carpets C:\windows\system32\drivers\ no estuviera o tuviera 0 bytes, copielo de la misma carpeta de otro ordenador con igual sistema operativo.
Vea
Aparte, vemos este fichero sospechoso:
C:\WINDOWS\system32\WmiAcpi.dll
Añada .VIR a su extensión y envienoslo para analizar:
Para ello recordar
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
saludos
ms, 21-3-2012
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online