|
|
|
|
|
Revisar log hijack this |
|
| Agradecería algún entendido en la materia me puede revisar el siguiente log pues creo que hay muchas entradas sospechosas.
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:54:04, on 18/05/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17041) Boot mode: Normal Running processes: C:\ \ Windows\ \ system32\ \ taskhost.exe C:\ \ Windows\ \ system32\ \ Dwm.exe C:\ \ Windows\ \ Explorer.EXE C:\ \ Program Files\ \ Microsoft Security Client\ \ msseces.exe C:\ \ Program Files\ \ Common Files\ \ Java\ \ Java Update\ \ jusched.exe C:\ \ Program Files\ \ Windows Sidebar\ \ sidebar.exe C:\ \ Windows\ \ System32\ \ StikyNot.exe C:\ \ Program Files\ \ TeamViewer\ \ Version9\ \ TeamViewer.exe C:\ \ Users\ \ MANEL\ \ Documents\ \ PROGRAMAS\ \ UTILIDADES\ \ TuneUpPortable 2013\ \ APP\ \ TuneUp Utilities 2013\ \ TuneUpUtilitiesApp32.exe C:\ \ Windows\ \ system32\ \ SearchFilterHost.exe C:\ \ Users\ \ MANEL\ \ Downloads\ \ HijackThis.exe R0 - HKCU\ \ Software\ \ Microsoft\ \ Internet Explorer\ \ Main,Start Page = https://www.google.es/ R1 - HKLM\ \ Software\ \ Microsoft\ \ Internet Explorer\ \ Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\ \ Software\ \ Microsoft\ \ Internet Explorer\ \ Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\ \ Software\ \ Microsoft\ \ Internet Explorer\ \ Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\ \ Software\ \ Microsoft\ \ Internet Explorer\ \ Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\ \ Software\ \ Microsoft\ \ Internet Explorer\ \ Search,SearchAssistant = R0 - HKLM\ \ Software\ \ Microsoft\ \ Internet Explorer\ \ Search,CustomizeSearch = R1 - HKCU\ \ Software\ \ Microsoft\ \ Windows\ \ CurrentVersion\ \ Internet Settings,ProxyOverride = *.local R0 - HKCU\ \ Software\ \ Microsoft\ \ Internet Explorer\ \ Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {ac6fad42-419e-4f3a-abde-1bc6ce916b7d} - (no file) R3 - URLSearchHook: (no name) - {a5317aec-a96f-4339-9b7f-61e77ca96b81} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ \ PROGRA~1\ \ MICROS~2\ \ Office14\ \ GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\ \ Program Files\ \ Java\ \ jre7\ \ bin\ \ ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\ \ Program Files\ \ Common Files\ \ Microsoft Shared\ \ Windows Live\ \ WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ Acrobat\ \ ActiveX\ \ AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ \ PROGRA~1\ \ MICROS~2\ \ Office14\ \ URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\ \ Program Files\ \ Java\ \ jre7\ \ bin\ \ jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ Acrobat\ \ ActiveX\ \ AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ Acrobat\ \ ActiveX\ \ AcroIEFavClient.dll O3 - Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file) O4 - HKLM\ \ .\ \ Run: [Adobe ARM] "C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ ARM\ \ 1.0\ \ AdobeARM.exe" O4 - HKLM\ \ .\ \ Run: [MSC] "c:\ \ Program Files\ \ Microsoft Security Client\ \ msseces.exe" -hide -runkey O4 - HKLM\ \ .\ \ Run: [SunJavaUpdateSched] "C:\ \ Program Files\ \ Common Files\ \ Java\ \ Java Update\ \ jusched.exe" O4 - HKCU\ \ .\ \ Run: [Sidebar] C:\ \ Program Files\ \ Windows Sidebar\ \ sidebar.exe /autoRun O4 - HKCU\ \ .\ \ Run: [RESTART_STICKY_NOTES] C:\ \ Windows\ \ System32\ \ StikyNot.exe O4 - HKUS\ \ S-1-5-19\ \ .\ \ Run: [Sidebar] %ProgramFiles%\ \ Windows Sidebar\ \ Sidebar.exe /autoRun (User 'SERVICIO LOCAL') O4 - HKUS\ \ S-1-5-19\ \ .\ \ RunOnce: [mctadmin] C:\ \ Windows\ \ System32\ \ mctadmin.exe (User 'SERVICIO LOCAL') O4 - HKUS\ \ S-1-5-20\ \ .\ \ Run: [Sidebar] %ProgramFiles%\ \ Windows Sidebar\ \ Sidebar.exe /autoRun (User 'Servicio de red') O4 - HKUS\ \ S-1-5-20\ \ .\ \ RunOnce: [mctadmin] C:\ \ Windows\ \ System32\ \ mctadmin.exe (User 'Servicio de red') O4 - HKUS\ \ S-1-5-18\ \ .\ \ RunOnce: [panda2_0dn] reg.exe delete "HKCU\ \ Software\ \ AppDataLow\ \ Software\ \ panda2_0dn" /f (User 'SYSTEM') O4 - HKUS\ \ .DEFAULT\ \ .\ \ RunOnce: [panda2_0dn] reg.exe delete "HKCU\ \ Software\ \ AppDataLow\ \ Software\ \ panda2_0dn" /f (User 'Default user') O8 - Extra context menu item: &Enviar a OneNote - res://C:\ \ PROGRA~1\ \ MICROS~2\ \ Office14\ \ ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\ \ Windows\ \ system32\ \ GPhotos.scr/200 O8 - Extra context menu item: Anexar a PDF existente - res://C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ Acrobat\ \ ActiveX\ \ AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - res://C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ Acrobat\ \ ActiveX\ \ AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ Acrobat\ \ ActiveX\ \ AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - res://C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ Acrobat\ \ ActiveX\ \ AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ \ PROGRA~1\ \ MICROS~2\ \ Office14\ \ EXCEL.EXE/3000 O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ \ Program Files\ \ Microsoft Office\ \ Office14\ \ ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ \ Program Files\ \ Microsoft Office\ \ Office14\ \ ONBttnIE.dll O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\ \ Program Files\ \ Microsoft Office\ \ Office14\ \ ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\ \ Program Files\ \ Microsoft Office\ \ Office14\ \ ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\ \ program files\ \ common files\ \ microsoft shared\ \ windows live\ \ wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\ \ program files\ \ common files\ \ microsoft shared\ \ windows live\ \ wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.fnmt.es O15 - Trusted Zone: http://*.fnmt.gob.es O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://yoreparo.webex.com/client/T27L/nbr/ieatgpc1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldes-es.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\ \ Program Files\ \ Common Files\ \ Microsoft Shared\ \ OFFICE14\ \ MSOXMLMF.DLL O20 - AppInit_DLLs: acaptuser32.dll O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\ \ Program Files\ \ Common Files\ \ ABBYY\ \ FineReader\ \ 10.00\ \ Licensing\ \ PE\ \ NetworkLicenseServer.exe O23 - Service: Servicio de Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\ \ Program Files\ \ Common Files\ \ Acronis\ \ Schedule2\ \ schedul2.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\ \ Program Files\ \ Common Files\ \ Adobe\ \ ARM\ \ 1.0\ \ armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\ \ Windows\ \ system32\ \ Macromed\ \ Flash\ \ FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\ \ system32\ \ aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\ \ Windows\ \ system32\ \ afasrv32.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\ \ Program Files\ \ Common Files\ \ Acronis\ \ CDP\ \ afcdpsrv.exe O23 - Service: @%SystemRoot%\ \ system32\ \ Alg.exe,-112 (ALG) - Unknown owner - C:\ \ Windows\ \ System32\ \ alg.exe O23 - Service: AMD External Events Utility - AMD - C:\ \ Windows\ \ system32\ \ atiesrxx.exe O23 - Service: @%systemroot%\ \ system32\ \ appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ appinfo.dll,-100 (Appinfo) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\ \ Program Files\ \ Common Files\ \ Apple\ \ Mobile Device Support\ \ AppleMobileDeviceService.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\ \ Program Files\ \ Common Files\ \ Autodesk Shared\ \ Service\ \ AdskScSrv.exe O23 - Service: @%SystemRoot%\ \ system32\ \ AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ bfe.dll,-1001 (BFE) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ qmgr.dll,-1000 (BITS) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\ \ Program Files\ \ Bonjour\ \ mDNSResponder.exe O23 - Service: @%systemroot%\ \ system32\ \ browser.dll,-100 (Browser) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ bthserv.dll,-101 (bthserv) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ cscsvc.dll,-200 (CscService) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ dps.dll,-500 (DPS) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ eapsvc.dll,-1 (EapHost) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ ehome\ \ ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\ \ Windows\ \ ehome\ \ ehRecvr.exe O23 - Service: @%SystemRoot%\ \ ehome\ \ ehsched.exe,-101 (ehSched) - Unknown owner - C:\ \ Windows\ \ ehome\ \ ehsched.exe O23 - Service: @%SystemRoot%\ \ system32\ \ wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\ \ Program Files\ \ Common Files\ \ Macrovision Shared\ \ FLEXnet Publisher\ \ FNPLicensingService.exe O23 - Service: @%systemroot%\ \ system32\ \ FntCache.dll,-100 (FontCache) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @C:\ \ Program Files\ \ NOS\ \ bin\ \ getPlus_Helper.dll,-101 (getPlusHelper) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\ \ Program Files\ \ Google\ \ Common\ \ Google Updater\ \ GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\ \ System32\ \ hidserv.dll,-101 (hidserv) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: KMService - Unknown owner - C:\ \ Windows\ \ system32\ \ srvany.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\ \ Program Files\ \ Common Files\ \ LightScribe\ \ LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\ \ PROGRA~1\ \ Symantec\ \ LIVEUP~1\ \ LUCOMS~1.EXE O23 - Service: @%SystemRoot%\ \ system32\ \ lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ mmcss.dll,-100 (MMCSS) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\ \ Windows\ \ System32\ \ msdtc.exe O23 - Service: @%SystemRoot%\ \ system32\ \ iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ msimsg.dll,-27 (msiserver) - Unknown owner - C:\ \ Windows\ \ system32\ \ msiexec.exe O23 - Service: @%SystemRoot%\ \ system32\ \ qagentrt.dll,-6 (napagent) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\ \ Program Files\ \ Common Files\ \ Nero\ \ Nero BackItUp 4\ \ NBService.exe O23 - Service: Net Driver HPZ12 - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ netman.dll,-109 (Netman) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ netprofm.dll,-202 (netprofm) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ nsisvc.dll,-200 (nsi) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: Orange update Core Service - Unknown owner - C:\ \ Program Files\ \ Orange\ \ OrangeUpdate\ \ Service\ \ OUCore.exe O23 - Service: @%SystemRoot%\ \ system32\ \ pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ pla.dll,-500 (pla) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ umpo.dll,-100 (Power) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ qwave.dll,-1 (QWAVE) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%Systemroot%\ \ system32\ \ rasauto.dll,-200 (RasAuto) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%Systemroot%\ \ system32\ \ rasmans.dll,-200 (RasMan) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\ \ Program Files\ \ CyberLink\ \ Shared files\ \ RichVideo.exe O23 - Service: Rohos Disk service (Rohos Disk) - Tesline-Service SRL - C:\ \ Program Files\ \ Rohos\ \ agent.exe O23 - Service: @%windir%\ \ system32\ \ RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ Locator.exe,-2 (RpcLocator) - Unknown owner - C:\ \ Windows\ \ system32\ \ locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: Tarjeta inteligente (SCardSvr) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ schedsvc.dll,-100 (Schedule) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ seclogon.dll,-7001 (seclogon) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ Sens.dll,-200 (SENS) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\ \ Windows\ \ System32\ \ snmptrap.exe O23 - Service: @%systemroot%\ \ system32\ \ spoolsv.exe,-1 (Spooler) - Unknown owner - C:\ \ Windows\ \ System32\ \ spoolsv.exe O23 - Service: @%SystemRoot%\ \ system32\ \ sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ sppsvc.exe O23 - Service: @%SystemRoot%\ \ system32\ \ sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\ \ Program Files\ \ Alcohol Soft\ \ Alcohol 120\ \ StarWind\ \ StarWindServiceAE.exe O23 - Service: @%SystemRoot%\ \ system32\ \ wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ swprv.dll,-103 (swprv) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ sysmain.dll,-1000 (SysMain) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ tbssvc.dll,-100 (TBS) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\ \ Program Files\ \ TeamViewer\ \ Version9\ \ TeamViewer_Service.exe O23 - Service: @%SystemRoot%\ \ System32\ \ termsrv.dll,-268 (TermService) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ themeservice.dll,-8192 (Themes) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\ \ Program Files\ \ Toshiba\ \ Bluetooth Toshiba Stack\ \ TosBtSrv.exe O23 - Service: @%SystemRoot%\ \ system32\ \ trkwks.dll,-1 (TrkWks) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ servicing\ \ TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\ \ Windows\ \ servicing\ \ TrustedInstaller.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\ \ Users\ \ MANEL\ \ Documents\ \ PROGRAMAS\ \ UTILIDADES\ \ TuneUpPortable 2013\ \ APP\ \ TuneUp Utilities 2013\ \ TuneUpUtilitiesService32.exe O23 - Service: @%SystemRoot%\ \ system32\ \ ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\ \ Windows\ \ system32\ \ UI0Detect.exe O23 - Service: @%SystemRoot%\ \ system32\ \ umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ upnphost.dll,-213 (upnphost) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ dwm.exe,-2000 (UxSms) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ vds.exe,-100 (vds) - Unknown owner - C:\ \ Windows\ \ System32\ \ vds.exe O23 - Service: @%systemroot%\ \ system32\ \ vssvc.exe,-102 (VSS) - Unknown owner - C:\ \ Windows\ \ system32\ \ vssvc.exe O23 - Service: @%SystemRoot%\ \ system32\ \ w32time.dll,-200 (W32Time) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ wbengine.exe,-104 (wbengine) - Unknown owner - C:\ \ Windows\ \ system32\ \ wbengine.exe O23 - Service: @%systemroot%\ \ system32\ \ wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ webclnt.dll,-100 (WebClient) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ wersvc.dll,-100 (WerSvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%ProgramFiles%\ \ Windows Defender\ \ MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%Systemroot%\ \ system32\ \ wbem\ \ wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%Systemroot%\ \ system32\ \ wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%Systemroot%\ \ system32\ \ wbem\ \ wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\ \ Windows\ \ system32\ \ wbem\ \ WmiApSrv.exe O23 - Service: @%PROGRAMFILES%\ \ Windows Media Player\ \ wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\ \ Program Files\ \ Windows Media Player\ \ wmpnetwk.exe O23 - Service: @%SystemRoot%\ \ system32\ \ wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\ \ Windows\ \ System32\ \ svchost.exe O23 - Service: @%systemroot%\ \ system32\ \ SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\ \ Windows\ \ system32\ \ SearchIndexer.exe O23 - Service: @%systemroot%\ \ system32\ \ wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ system32\ \ wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe O23 - Service: @%SystemRoot%\ \ System32\ \ wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\ \ Windows\ \ system32\ \ svchost.exe -- End of file - 25787 bytes |
#1   swissman (39.814 Posts) - 18/05/2014 20:32:20 | ||
| Qué entradas ves sospechosas? tienes lector de tarjetas? tienes instalado windows live onecare safety scanner? | ||
| Bajar - Subir | ||
#2  MANELBCN (55 Posts) - 18/05/2014 21:27:23 | ||
| Ante todo muchas gracias por responder, contestando a tu pregunta hace tiempo tuve instalado un hub para usb que llevaba lector de tarjetas, pero se estropeó.
Por otra parte el ordenador también lleva incorporado lector de tarjetas. Referente a Windows Onecare Safety scaner creo que no lo tengo instalado. Y a lo relacionado a entradas sospechosas me refería a la entrada nº: 23 que veo muchos servicios como Unkonwn owner pero creo que eso es normal. Te comento que el ordenador me va perfecto pero me llamo la atención lo mencionado anteriormente. | ||
| Bajar - Subir | ||
| #3 swissman (39.814 Posts) - 19/05/2014 07:13:40 | ||
| No ví nada sospechosos en el log, pero si algun programa has dejado de usarlo, puedes (es mejor) desinstalarlo. No está de más de vez en cuando pasar las herramientas habituales, como Ccleaner (limpiar temporales y registro), Malwarebytes\ ' Anti-Malware 1.3,
ad-aware y/o desfragmentar el disco duro y escanear el disco con scandisk. saludos [Mensaje editado por Moderador swissman con fecha: 19/05/2014 07:14:04]. | ||
| Bajar - Subir | ||
#4  Mega-tron (24.583 Posts) - 19/05/2014 08:11:09 | ||
| Yo lo único que veo sospechoso es el túne up portable, esos programas son regularmente un coladero de spyware esto es una firma: Si quieres ver volar tu Windows 2000. avienta la computadora por la ventana. :D | ||
| Bajar - Subir | ||
| #5 swissman (39.814 Posts) - 19/05/2014 09:06:23 | ||
| Correcto sobre lo del tune up y/o sus derivados, gracias, se me ha pasado indicar que lo desinstales
[Mensaje editado por Moderador swissman con fecha: 19/05/2014 09:06:47]. | ||
| Bajar - Subir | ||
| #6 MANELBCN (55 Posts) - 19/05/2014 19:44:03 | ||
| Muchas gracias swissman / mega- tron por vuestra ayuda.
estas dos entradas las puedo dejar : r3 - urlsearchhook: (no name) - {ac6fad42-419e-4f3a-abde-1bc6ce916b7d} - (no file) r3 - urlsearchhook: (no name) - {a5317aec-a96f-4339-9b7f-61e77ca96b81} - (no file) | ||
| Bajar - Subir | ||
| #7 Mega-tron (24.583 Posts) - 19/05/2014 19:50:17 | ||
| Espera a que swissman responda, desde mi particular punto de vista dejaría sólo una entrada r0 y sólo una r1, también quitaría todas las que digan noname y/o nofile y las entradas r15 a menos que tu hayas bloqueado esas webs esto es una firma: Si quieres ver volar tu Windows 2000. avienta la computadora por la ventana. :D | ||
| Bajar - Subir | ||
| #8 swissman (39.814 Posts) - 19/05/2014 21:38:45 | ||
| Marca las siguientes entradas
R3 - URLSearchHook: (no name) - {ac6fad42-419e-4f3a-abde-1bc6ce916b7d} - (no file) R3 - URLSearchHook: (no name) - {a5317aec-a96f-4339-9b7f-61e77ca96b81} - (no file) O3 - Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file) O3 - Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file) pulsas fix select pasa ccleaner para limpiar el registro, deshabilita todos los programa s excepto antivirus y cortafuegos con Deshabilitar programa_s de inicio desde agregar o quitar programas, mira desinstalar todo lo que diga \ "toolbar\ ", y cuando instales algo, escoge siempre la opción \ "para usuarios avanzados\ " o similar y mira MUY bien lo que se instala, ya que lo más leve puede ser una toolbar que solo ensucia. | ||
| Bajar - Subir | ||
| #9 MANELBCN (55 Posts) - 20/05/2014 19:26:19 | ||
| Gracias a los dos por la ayuda y pongo en marcha vuestras sugerencias. | ||
| Bajar - Subir |
Temas relacionados: |
| Hijack this | |
| Hola, alguien me puede decir como interpretar correctamente el resultado después de un scaneo con el hijack this, puesto de muestra lo bueno y lo malo, como reconocer que archivos puedo eliminar sin problemas? gracias ... | |
| Hijack.startpage | |
| Tengo el hijack.startpage lo intente sacar con el malwaresbytes y el adwcleaner. pero no tengo resulados así que instalé el hijackthis. y me salió este registro Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 06:09:06 p.m., on 06/11/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17344) Boot mode: Normal Running processes: C:\\Program Files (x86)\\IObit\\Advanced SystemCare 7\\Monitor.exe C:\\Program Files (x86)\\Malwarebytes Anti-Malware\\mbam.exe C:\\Program Files (x86)\\M... | |
| Hijack test babylon spyware | |
| Windows 7 (6.1) 32b, Microsoft Internet Explorer 6.0 Problema con babylon, ejecutando el programa hijack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:31:42 p.m., on 10/07/2012 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\\ProgramData\\DatacardService\\DCSHelper.exe C:\\Program Files (x86)\\Trend Micro\\HijackThis\\HijackThis.exe R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://g.msn.com/HPALL/1... | |
| Eliminar search canvas con hijack this (Solucionada) | |
| LAPTOP WINDOWS 7 gracias de antemano.quise adronar una foto y entre a una pagina de efectos online.pero esto cambio mi pagina de busqueda que era siempre google pues ahora aparece search canvas con la figura de un perrito.he querido quitarla y nada.por eso lei la respuesta que le dieron a un usuario con mi mismo problema.entre a hijack this y copie el texto que me dieron tal como uds. lo indicaron.ayúdenme por favor.gracias Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 05:13:18 p.m., on 15/07/2012 Platform: Windows 7 SP1 (Wi... | |
| Que es revisar el adn | |
| Hay momentos en que me aperase revisar el adn la verdad es que no se donde se busca en mi celular el adn me pueden explicar que significa y por que me aprese revisar el adn por favor Samsung Galaxy Pocket Duos S5302. ... | |
| Subir |
Foros: |
|