Volver al Foro de Microsoft Windows

Trojan-Downloader.Bagle

  • kolicha
  • Newbie
  • Newbie
  • Avatar de Usuario
  • Registrado: May 18, 2009
  • Mensajes: 7
  • Status: Offline

Nota Mayo 23rd, 2009, 4:23 am

Hola, yo otra vez. La tarjeta de gráficos fue en mi computadora portátil vieja me obliga a obtener una nueva :( . Compró un HP y estado tratando de eliminar toda la basura que ponen allí. De todos modos, hasta el punto.

Normalmente yo sólo uso AVG por su cuenta, usted debe utilizar sólo 1 anti-virus para evitar que en conflicto correcta? Hago entonces han imunisation uso de Spybot-I y único escáner y Adaware-escáner de uso. Sin embargo, Ive ha pedido a ejecutar 3 series de las exploraciones para mi banca por Internet:

http://www.kaspersky.com/virusscanner
http://support.f-secure.com/enu/home/ols.shtml
http://www.paretologic.com/

Ive que funciona un montón de virus de diferentes exploraciones últimamente, todos (incluidos los de AVG, Adaware y Spybot) son bastante limpio, excepto el último eslabón (paretologic), que identificó un troyano (Trojan.Agent-66914). He cargado el archivo a VirusTotal y tiene el texto siguiente:

http://www.virustotal.com/analisis/7ae9 ... 1243068123

A medida que la herramienta utilizada i wouldnt let me delete it pasé por el virus de la lista total a tratar de encontrar un programa para deinfect mí. Traté bitdefenders escáner en línea (que nunca recibió el correo electrónico para el libre), pero no pudo desinfectar sólo eliminar. Entonces intenté descargar PC Tools Antivirus y escaneado en el directorio que fue en: System32/drivers / y puesto en cuarentena, de nuevo no hay opción para desinfectar simplemente borrar :( . Equipo no parecen haber roto de manera que el archivo no puede ser demasiado importante.

Yo no sé nada acerca de los virus y troyanos, puedo escribir los programas de ser un desarrollador de software en prácticas, pero eso no significa que yo sé nada ;) . Aunque me gustaría ir a la carera de la seguridad informática, pero queda un largo camino para llegar todavía. Así que utilizando poco peligroso de los conocimientos que han corrí regedit y buscó el nombre de archivo: UTIZMTA0 y encontró:

HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Enum \ Root \ LEGACY_UTIZMTA0 con las carpetas y las cosas en él. Las únicas cosas que tengan sentido para mí son:

0000/DeviceDesc REG_SZ AVZ Driver Kernal y
0000/Service REG_SZ utizmta0

Nunca he tenido ninguna experiencia con el registory, yo no sé lo que soy hacerlo, lo he dejado estar.

Im se preocupó sólo de eliminar el archivo no eliminará de forma definitiva y que podría haber otros ejemplares aquí. Cosas que se trata de un nuevo ordenador portátil sin embargo? A menos que ha venido de Ive algo instalado en mi máquina vieja?

Ah, y en la búsqueda de i AVZ Driver Kernal encontrado esto:
http://www.threatexpert.com/report.aspx ... 912de7f3f1

Secuestrar este registro de la siguiente manera:

Código: [ Select ]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:51, on 23/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
 
--
End of file - 8128 bytes
 
  1. Logfile of Trend Micro HijackThis v2.0.2
  2. Scan saved at 12:13:51, on 23/05/2009
  3. Platform: Windows Vista SP1 (WinNT 6.00.1905)
  4. MSIE: Internet Explorer v7.00 (7.00.6001.18226)
  5. Boot mode: Normal
  6.  
  7. Running processes:
  8. C:\Windows\system32\Dwm.exe
  9. C:\Windows\system32\taskeng.exe
  10. C:\Windows\Explorer.EXE
  11. C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  12. C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  13. C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
  14. C:\Program Files\Java\jre6\bin\jusched.exe
  15. C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
  16. C:\Program Files\AVG\AVG8\avgtray.exe
  17. C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
  18. C:\Windows\ehome\ehtray.exe
  19. C:\Program Files\Skype\Phone\Skype.exe
  20. C:\Windows\ehome\ehmsas.exe
  21. C:\Program Files\Windows Live\Messenger\msnmsgr.exe
  22. C:\Program Files\Skype\Plugin Manager\skypePM.exe
  23. C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  24. C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  25. C:\Program Files\Mozilla Firefox\firefox.exe
  26. C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  27.  
  28. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
  29. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  30. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
  31. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  32. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  33. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  34. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  35. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  36. O1 - Hosts: ::1 localhost
  37. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  38. O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
  39. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
  40. O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  41. O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  42. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  43. O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  44. O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  45. O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  46. O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
  47. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
  48. O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
  49. O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
  50. O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
  51. O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  52. O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
  53. O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
  54. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  55. O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  56. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  57. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
  58. O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
  59. O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
  60. O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  61. O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  62. O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
  63. O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
  64. O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
  65. O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
  66. O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
  67. O13 - Gopher Prefix:
  68. O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
  69. O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
  70. O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
  71. O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  72. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
  73. O20 - AppInit_DLLs: avgrsstx.dll
  74. O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
  75. O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  76. O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
  77. O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
  78. O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
  79. O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
  80. O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
  81. O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
  82. O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
  83. O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
  84. O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
  85. O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine.0.0.125\ccSvcHst.exe (file missing)
  86. O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
  87. O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
  88. O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
  89. O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
  90. O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
  91. O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
  92.  
  93. --
  94. End of file - 8128 bytes
  95.  


Si usted puede ver cualquier otra basura que se puede salir, hágamelo saber gif "alt =":)" title =" Smile "> . Lo siento, este es un puesto de largo y un poco de un desastre. Estaba tratando de articular todo lo que sabe sobre el problema. Algo tiene que ayudar ¿no?

Gracias por su tiempo su apreciada. :)
  • Anonymous
  • Bot
  • No Avatar
  • Registrado: 25 Feb 2008
  • Mensajes: ?
  • Loc: Ozzuland
  • Status: Online

Nota Mayo 23rd, 2009, 4:23 am

  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Registrado: Nov 21, 2006
  • Mensajes: 4924
  • Loc: NY
  • Status: Offline

Nota Mayo 23rd, 2009, 3:35 pm

O2 - BHO: (no nombre) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)

#O9 - Extra botón: (sin nombre) - (85d1f590-48F4-11d9-9669-0800200c9a66) - C: \ Windows \ bdoscandel.exe

#O9 - Extra "Herramientas" menuitem: desinstalar BitDefender Online Scanner v8 - (85d1f590-48F4-11d9-9669-0800200c9a66) - C: \ Windows \ bdoscandel.exe

#O10 - Desconocido archivo en Winsock LSP: c: \ windows \ system32 \ inethttpfilter. dll
#O10 - Desconocido archivo en Winsock LSP: c: \ windows \ system32 \ inethttpfilter.dll
#O10 - Desconocido archivo en Winsock LSP: c: \ windows \ system32 \ inethttpfilter.dll
#O10 - Desconocido archivo en Winsock LSP: c: \ windows \ system32 \ inethttpfilter.dll
How do you know when a politician is lying? His mouth is moving.
  • kolicha
  • Newbie
  • Newbie
  • Avatar de Usuario
  • Registrado: May 18, 2009
  • Mensajes: 7
  • Status: Offline

Nota Mayo 23rd, 2009, 11:34 pm

Gracias :) . #010 no estaba en volver a buscar a fijos pero los otros 3.

Código: [ Select ]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:31:05, on 24/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

--
End of file - 7555 bytes
  1. Logfile of Trend Micro HijackThis v2.0.2
  2. Scan saved at 07:31:05, on 24/05/2009
  3. Platform: Windows Vista SP1 (WinNT 6.00.1905)
  4. MSIE: Internet Explorer v8.00 (8.00.6001.18702)
  5. Boot mode: Normal
  7. Running processes:
  8. C:\Windows\system32\Dwm.exe
  9. C:\Windows\system32\taskeng.exe
  10. C:\Windows\Explorer.EXE
  11. C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  12. C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
  13. C:\Program Files\Java\jre6\bin\jusched.exe
  14. C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
  15. C:\Program Files\AVG\AVG8\avgtray.exe
  16. C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
  17. C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  18. C:\Windows\ehome\ehtray.exe
  19. C:\Program Files\Skype\Phone\Skype.exe
  20. C:\Program Files\Windows Live\Messenger\msnmsgr.exe
  21. C:\Windows\ehome\ehmsas.exe
  22. C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  23. C:\Program Files\Skype\Plugin Manager\skypePM.exe
  24. C:\Program Files\Mozilla Firefox\firefox.exe
  25. C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  26. C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  27. C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe
  29. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
  30. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  31. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
  32. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  33. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  34. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  35. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  36. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  37. O1 - Hosts: ::1 localhost
  38. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  39. O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
  40. O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  41. O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  42. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  43. O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  44. O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  45. O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  46. O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
  47. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
  48. O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
  49. O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
  50. O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
  51. O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  52. O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  53. O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
  54. O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
  55. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  56. O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  57. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  58. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
  59. O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
  60. O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
  61. O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
  62. O13 - Gopher Prefix:
  63. O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
  64. O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
  65. O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
  66. O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
  67. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
  68. O20 - AppInit_DLLs: avgrsstx.dll
  69. O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe
  70. O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  71. O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
  72. O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
  73. O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
  74. O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
  75. O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
  76. O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
  77. O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
  78. O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
  79. O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
  80. O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine.0.0.125\ccSvcHst.exe (file missing)
  81. O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
  82. O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
  83. O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe
  84. O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
  85. O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
  87. --
  88. End of file - 7555 bytes
  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Registrado: Nov 21, 2006
  • Mensajes: 4924
  • Loc: NY
  • Status: Offline

Nota Mayo 24th, 2009, 4:49 am

Descargar, actualizar y ejecutar la lucha contra el malware de malwarebytes.org para asegurarse de su limpieza.
How do you know when a politician is lying? His mouth is moving.
  • kolicha
  • Newbie
  • Newbie
  • Avatar de Usuario
  • Registrado: May 18, 2009
  • Mensajes: 7
  • Status: Offline

Nota Mayo 24th, 2009, 9:24 am

Salió limpio. Im que supongo bien conocida de cualquier amenaza.

Gracias por su ayuda y tiempo. Apreciado :D
  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Registrado: Nov 21, 2006
  • Mensajes: 4924
  • Loc: NY
  • Status: Offline

Nota Mayo 24th, 2009, 3:49 pm

Me alegra escucharlo.
How do you know when a politician is lying? His mouth is moving.
  • kolicha
  • Newbie
  • Newbie
  • Avatar de Usuario
  • Registrado: May 18, 2009
  • Mensajes: 7
  • Status: Offline

Nota Mayo 25th, 2009, 2:41 am

Ah una cosa más. ¿Qué debo hacer con respecto a la entrada del Registro:

HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Enum \ Root \ LEGACY_UTIZMTA0

Dejar ser?

Página 1 de 1

Publicar Información

  • Total de mensajes en este tema: 7 mensajes
  • Usuarios navegando por este Foro: No hay usuarios registrados visitando el Foro y 225 invitados
  • No puede abrir nuevos temas en este Foro
  • No puede responder a temas en este Foro
  • No puede editar sus mensajes en este Foro
  • No puede borrar sus mensajes en este Foro
  • No puede enviar adjuntos en este Foro
 
 

© 2011 Unmelted, LLC. Ozzu® es una marca registrada de Unmelted, LLC