| Bonepay |  |
|
2011-03-08 12:41 - Respuestas: 11 - Tema nº: 2769156
Windows Vista, 64Bits, Core 2 Quad
Buenas, tengo un problema con un troyano llamado trojan-banker.js.banker.f., el cual cuando abro algún programa que use internet el antivirus kaspersky me prohibe abrirlo y enseña un aviso que dice algo de descargando de www.keepwalkingtv.net 0xf04.pac denegado (aunque no lo borra) ya pase al malwarebytes y el Super antispyware, y borró algunas cosas pero no ese troyano, ya no se que hacer, si alguien me puede decir que hacer para borrarlo le estare tremendamente agradecido.
| |
|
|
| enrique1970 |  |
|
Re: Troyan Banker no se puede borrar - 2011-03-08 13:11 - Respuesta 2
Hola, activa en opciones de carapeta la opción "mostrar archivos y carpetas ocultas" vas a pasar ESET Online Scanner y TrendMicro-HouseCall
Dinos si alguno de estos lo elimina. Tambien vas a iniciar tu pc en modo segruo con funciones de red (pulsa f8 varias veces al encender la pc) y corres malwarebytes en escaneo completo.
Limpias con ccleaner y por ultimo vas a descargar el
HijackThis 2.0.4 este ultimo lo va a ejecutar en modo normal y le das a "Do a system scan and save a log file" esto generará un archivo de texto
el cual vas a pegar en este post para que un moderador autorizado lo analice
saludos!
Recuerda notificar si solucionaste tu problema y si tienes conocimientos en algún area puedes ayudar a otros cómo tu has sido ayudado!
Una sugerencia a todos los usuarios, en la sección de TUTORIALES encontraran la solución a muchos problemas, visitenla!
| |
|
|
| Bonepay | |
|
Re: Troyan Banker no se puede borrar - 2011-03-08 21:39 - Respuesta 3
Pues nada, el troyan sigue ahi, pego el reporte del HijackThis para ver si podeis decirme que diablos es ese troyano o virus y que puedo hacer;
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:35:48, on 08/03/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\DeltaIITray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\XWindowsDock\XWindowsDock.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bone\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.keepwalkingtv.net/0xf04.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 60.190.218.24 www.kavkiskey.com127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - Startup: XWindowsDock.lnk = C:\Program Files (x86)\XWindowsDock\XWindowsDock.exe
O8 - Extra context menu item: Agregar al componente Anti-Banners - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: Estadísticas de protección del tráfico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/es/uno1/GAME_UNO1.cab
O16 - DPF: {B91AEDBE-93DF-4017-8BB3-F1C300C0EC51} (InstallShield Setup Player 2K2) - https://avba.movistar.es/public/AntivirusOneClickInstall/setup.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B10A676F-9DAE-43F1-AD29-D4BA64E634C9}: NameServer = 80.58.61.250,80.58.61.254
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~2\GOEC62~1.DLL, C:\PROGRA~2\KASPER~2\KASPER~1\mzvkbd.dll, C:\PROGRA~2\KASPER~2\KASPER~1\mzvkbd3.dll, C:\PROGRA~2\KASPER~2\KASPER~1\adialhk.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
End of file - 24467 bytes
| |
|
|
| marinalope |  |
|
Re: Troyan Banker no se puede borrar - 2011-03-08 23:07 - Respuesta 4
Hola Bonepay.
Cierra todos los programas incluido el navegador,abre el HijackThis,pulsa do a system scan only y marca estas entradas:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.keepwalkingtv.net/0xf04.pac
O1 - Hosts: 60.190.218.24 www.kavkiskey.com127.255.255.255 serial.alcohol-soft.com
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Pulsa fix checked,reinicia,pega un nuevo log y comentanós.
Cuando pongas una pregunta,recuerda refrescar la página para ver si has tenido alguna respuesta.Puedes hacerlo pulsando F5. | |
|
|
| Bonepay | |
|
Re: Troyan Banker no se puede borrar - 2011-03-08 23:27 - Respuesta 5
resuelto! mil gracias!! aqui pego el reporte último del hijackthis;
logfile of trend micro hijackthis v2.0.4
scan saved at 22:23:06, on 08/03/2011
platform: windows vista sp2 (winnt 6.00.1906)
msie: internet explorer v7.00 (7.00.6002.18005)
boot mode: normal
running processes:
c:\program files (x86)\common files\microsoft
shared\ink\tabtip32.exe
c:\program files (x86)\intel\intel matrix storage
manager\iaanotif.exe
c:\windows\syswow64\deltaiitray.exe
c:\program files (x86)\xwindowsdock\xwindowsdock.exe
c:\program files (x86)\kaspersky lab\kaspersky
internet security 2009\avp.exe
c:\program files (x86)\common files\java\java
update\jusched.exe
c:\program files (x86)\windows
live\messenger\msnmsgr.exe
c:\program files (x86)\windows
live\contacts\wlcomm.exe
c:\users\bone\desktop\hijackthis.exe
c:\program files (x86)\common
files\nero\lib\nmindexstoresvr.exe
r1 - hkcu\software\microsoft\internet
explorer\main,default_page_url = http://www.medion.com
r0 - hkcu\software\microsoft\internet
explorer\main,start page = http://www.google.es/
r1 - hklm\software\microsoft\internet
explorer\main,default_page_url = http://www.medion.com
r1 - hklm\software\microsoft\internet
explorer\main,default_search_url =
http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet
explorer\main,search page =
http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet
explorer\main,start page =
http://go.microsoft.com/fwlink/?linkid=69157
r0 - hklm\software\microsoft\internet
explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet
explorer\search,customizesearch =
r1 -
hkcu\software\microsoft\windows\currentversion\interne
t settings,proxyoverride = local
r0 - hkcu\software\microsoft\internet
explorer\toolbar,linksfoldername =
f2 - reg:system.ini: userinit=userinit.exe,
o1 - hosts: ::1 localhost
o1 - hosts: 60.190.218.24
www.kavkiskey.com127.255.255.255 serial.alcohol-
soft.com
o2 - bho: aplicación auxiliar de vínculos de adobe pdf
reader - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} -
c:\program files (x86)\common
files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: ievkbdbho - {59273ab4-e7d3-40f9-a1a8-
6fa9cca1862c} - c:\program files (x86)\kaspersky
lab\kaspersky internet security 2009\ievkbd.dll
o2 - bho: groove gfs browser helper - {72853161-30c5-
4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)
\microsoft office\office12\grooveshellextensions.dll
o2 - bho: windows live id sign-in helper - {9030d464-
4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)
\common files\microsoft shared\windows
live\windowslivelogin.dll
o2 - bho: google toolbar notifier bho - {af69de43-
7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)
\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
o2 - bho: megaiemn - {bf00e119-21a3-4fd1-b178-
3b8537e75c92} - c:\program files (x86)\megaupload\mega
manager\megaiemn.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-
a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)
\java\jre6\bin\jp2ssv.dll
o4 - hklm\..\run: [avp] "c:\program files (x86)
\kaspersky lab\kaspersky internet security 2009
\avp.exe"
o4 - hklm\..\run: [sunjavaupdatesched] "c:\program
files (x86)\common files\java\java update\jusched.exe"
o4 - hkcu\..\run: [ehtray.exe]
c:\windows\ehome\ehtray.exe
o4 - hkcu\..\run: [superantispyware] c:\program
files\superantispyware\superantispyware.exe
o4 - hkcu\..\run: [adobeupdater] "c:\program files
(x86)\common files\adobe\updater5\adobeupdater.exe"
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%
\windows sidebar\sidebar.exe /detectmem (user
'servicio local')
o4 - hkus\s-1-5-19\..\run: [windowswelcomecenter]
rundll32.exe oobefldr.dll,showwelcomecenter (user
'servicio local')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%
\windows sidebar\sidebar.exe /detectmem (user
'servicio de red')
o4 - startup: xwindowsdock.lnk = c:\program files
(x86)\xwindowsdock\xwindowsdock.exe
o8 - extra context menu item: agregar al componente
anti-banners - c:\program files (x86)\kaspersky
lab\kaspersky internet security 2009
\ie_banner_deny.htm
o8 - extra context menu item: convertir a adobe pdf -
res://c:\program files (x86)\adobe\acrobat 8.0
\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convertir destino de
vínculo en archivo adobe pdf - res://c:\program files
(x86)\adobe\acrobat 8.0
\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convertir selección a
adobe pdf - res://c:\program files (x86)\adobe\acrobat
8.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convertir vínculos
seleccionados a adobe pdf - res://c:\program files
(x86)\adobe\acrobat 8.0
\acrobat\acroiefavclient.dll/acroiecapturesellinks.htm
l
o8 - extra context menu item: e&xportar a microsoft
excel - res://c:\progra~2\micros~2\office12
\excel.exe/3000
o8 - extra context menu item: enlace de descarga
usando mega manager... - c:\program files (x86)
\megaupload\mega manager\mm_file.htm
o9 - extra button: estadísticas de protección del
tráfico web - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} -
c:\program files (x86)\kaspersky lab\kaspersky
internet security 2009\scieplgn.dll
o9 - extra button: enviar a onenote - {2670000a-7350-
4f3c-8081-5663ee0c6c49} - c:\progra~2\micros~2
\office12\onbttnie.dll
o9 - extra 'tools' menuitem: &enviar a onenote -
{2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~2
\micros~2\office12\onbttnie.dll
o9 - extra button: research - {92780b25-18cc-41c8-
b9be-3c9c571a8263} - c:\progra~2\micros~2\office12
\refiebar.dll
o16 - dpf: {1e54d648-b804-468d-bc78-4affed8e262e}
(system requirements lab) -
http://www.srtest.com/srl_bin/sysreqlab_srl.cab
o16 - dpf: {40f576ad-8680-4f9e-9490-99d069cd665f} -
http://srtest-
cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sys
reqlabdetect.cab
o16 - dpf: {5d6f45b3-9043-443d-a792-115447494d24}
(unoctrl class) -
http://messenger.zone.msn.com/messengergamescontent/ga
mecontent/es/uno1/game_uno1.cab
o16 - dpf: {b91aedbe-93df-4017-8bb3-f1c300c0ec51}
(installshield setup player 2k2) -
https://avba.movistar.es/public/antivirusoneclickinsta
ll/setup.exe
o16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072}
(messengerstatsclient class) -
http://messenger.zone.msn.com/binary/messengerstatspac
lient.cab56907.cab
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000}
(shockwave flash object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/f
lash/swflash.cab
o17 - hklm\system\ccs\services\tcpip\..\{b10a676f-
9dae-43f1-ad29-d4ba64e634c9}: nameserver =
80.58.61.250,80.58.61.254
o18 - protocol: groovelocalgws - {88fed34c-f0ca-4636-
a375-3cb6248b04cd} - c:\program files (x86)\microsoft
office\office12\groovesystemservices.dll
o20 - appinit_dlls: c:\progra~2\google\google~2
\goec62~1.dll, c:\progra~2\kasper~2\kasper~1
\mzvkbd.dll, c:\progra~2\kasper~2\kasper~1
\mzvkbd3.dll, c:\progra~2\kasper~2\kasper~1
\adialhk.dll
o22 - sharedtaskscheduler: component categories cache
daemon - {8c7461ef-2b13-11d2-be35-3078302c2030} -
c:\windows\system32\browseui.dll
o23 - service: sas core service (!sascore) -
superantispyware.com - c:\program
files\superantispyware\sascore64.exe
o23 - service: adobe lm service - adobe systems -
c:\program files (x86)\common files\adobe systems
shared\service\adobelmsvc.exe
o23 - service: @%systemroot%\system32\aelupsvc.dll,-1
(aelookupsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\alg.exe,-112
(alg) - unknown owner - c:\windows\system32\alg.exe
(file missing)
o23 - service: @%systemroot%\system32\appinfo.dll,-100
(appinfo) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\audiosrv.dll,-
204 (audioendpointbuilder) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\audiosrv.dll,-
200 (audiosrv) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: kaspersky internet security (avp) -
kaspersky lab - c:\program files (x86)\kaspersky
lab\kaspersky internet security 2009\avp.exe
o23 - service: @%systemroot%\system32\bfe.dll,-1001
(bfe) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\qmgr.dll,-1000
(bits) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service:
##id_string1.6844f930_1628_4223_b5cc_5bb94b879762##
(bonjour service) - apple computer, inc. - c:\program
files (x86)\bonjour\mdnsresponder.exe
o23 - service: @%systemroot%\system32\browser.dll,-100
(browser) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\bthserv.dll,-101
(bthserv) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\certprop.dll,-11
(certpropsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\cryptsvc.dll,-
1001 (cryptsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @oleres.dll,-5012 (dcomlaunch) -
unknown owner - c:\windows\system32\svchost.exe
o23 - service: @dfsrres.dll,-101 (dfsr) - unknown
owner - c:\windows\system32\dfsr.exe (file missing)
o23 - service: @%systemroot%\system32\dhcpcsvc.dll,-
100 (dhcp) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\dot3svc.dll,-
1102 (dot3svc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\dps.dll,-500
(dps) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\eapsvc.dll,-1
(eaphost) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\ehome\ehrecvr.exe,-101
(ehrecvr) - unknown owner -
c:\windows\ehome\ehrecvr.exe
o23 - service: @%systemroot%\ehome\ehsched.exe,-101
(ehsched) - unknown owner -
c:\windows\ehome\ehsched.exe
o23 - service: @%systemroot%\ehome\ehstart.dll,-101
(ehstart) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\emdmgmt.dll,-
1000 (emdmgmt) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\wevtsvc.dll,-200
(eventlog) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @comres.dll,-2450 (eventsystem) -
unknown owner - c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\fdphost.dll,-100
(fdphost) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\fdrespub.dll,-
100 (fdrespub) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: flexnet licensing service - macrovision
europe ltd. - c:\program files (x86)\common
files\macrovision shared\flexnet
publisher\fnplicensingservice.exe
o23 - service: @%systemroot%\system32\fntcache.dll,-
100 (fontcache) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: france telecom routing table service
(ftrtsvc) - unknown owner - c:\progra~2\common~1
\france telecom\shared modules\ftrtsvc\0\ftrtsvc.exe
o23 - service: @gpapi.dll,-112 (gpsvc) - unknown owner
- c:\windows\system32\svchost.exe
o23 - service: google update service (gupdate)
(gupdate) - unknown owner - c:\program files (x86)
\google\update\googleupdate.exe
o23 - service: google software updater (gusvc) -
google - c:\program files (x86)\google\common\google
updater\googleupdaterservice.exe
o23 - service: @%systemroot%\system32\hidserv.dll,-101
(hidserv) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\kmsvc.dll,-6
(hkmsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: intel(r) matrix storage event monitor
(iaantmon) - intel corporation - c:\program files
(x86)\intel\intel matrix storage manager\iaantmon.exe
o23 - service: @%systemroot%\system32\ikeext.dll,-501
(ikeext) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\ipbusenum.dll,-
102 (ipbusenum) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\iphlpsvc.dll,-
200 (iphlpsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @keyiso.dll,-100 (keyiso) - unknown
owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @comres.dll,-2946 (ktmrm) - unknown
owner - c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\srvsvc.dll,-100
(lanmanserver) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\wkssvc.dll,-100
(lanmanworkstation) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\lltdres.dll,-1
(lltdsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\lmhsvc.dll,-101
(lmhosts) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\mmcss.dll,-100
(mmcss) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32
\firewallapi.dll,-23090 (mpssvc) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @comres.dll,-2797 (msdtc) - unknown
owner - c:\windows\system32\msdtc.exe (file missing)
o23 - service: @%systemroot%\system32\iscsidsc.dll,-
5000 (msiscsi) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\msimsg.dll,-27
(msiserver) - unknown owner - c:\windows\system32
\msiexec.exe
o23 - service: @%systemroot%\system32\qagentrt.dll,-6
(napagent) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: nero backitup scheduler 3 - nero ag -
c:\program files (x86)\nero\nero8\nero
backitup\nbservice.exe
o23 - service: @%systemroot%\system32\netlogon.dll,-
102 (netlogon) - unknown owner - c:\windows\system32
\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\netman.dll,-109
(netman) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\netprof.dll,-246
(netprofm) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\nlasvc.dll,-1
(nlasvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: nmindexingservice - nero ag -
c:\program files (x86)\common
files\nero\lib\nmindexingservice.exe
o23 - service: @%systemroot%\system32\nsisvc.dll,-200
(nsi) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: nvidia display driver service (nvsvc) -
unknown owner - c:\windows\system32\nvvsvc.exe (file
missing)
o23 - service: @%systemroot%\system32\p2psvc.dll,-8004
(p2pimsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\p2psvc.dll,-8006
(p2psvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\pcasvc.dll,-1
(pcasvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\syswow64\perfhost.exe,-2
(perfhost) - unknown owner - c:\windows\syswow64
\perfhost.exe
o23 - service: @%systemroot%\system32\pla.dll,-500
(pla) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: plflash deviceiocontrol service -
prolific technology inc. - c:\windows\syswow64
\ioctlsvc.exe
o23 - service: @%systemroot%\system32\umpnpmgr.dll,-
100 (plugplay) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: pnkbstra - unknown owner -
c:\windows\system32\pnkbstra.exe
o23 - service: @%systemroot%\system32\p2psvc.dll,-8002
(pnrpautoreg) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\p2psvc.dll,-8000
(pnrpsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\polstore.dll,-
5010 (policyagent) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\profsvc.dll,-300
(profsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\psbase.dll,-300
(protectedstorage) - unknown owner -
c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\qwave.dll,-1
(qwave) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\rasauto.dll,-200
(rasauto) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\rasmans.dll,-200
(rasman) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\locator.exe,-2
(rpclocator) - unknown owner - c:\windows\system32
\locator.exe (file missing)
o23 - service: @oleres.dll,-5010 (rpcss) - unknown
owner - c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\samsrv.dll,-1
(samss) - unknown owner - c:\windows\system32
\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\scardsvr.dll,-1
(scardsvr) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\schedsvc.dll,-
100 (schedule) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\certprop.dll,-13
(scpolicysvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\sdrsvc.dll,-107
(sdrsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\seclogon.dll,-
7001 (seclogon) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\sens.dll,-200
(sens) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: servicelayer - nokia - c:\program files
(x86)\pc connectivity solution\servicelayer.exe
o23 - service: @%systemroot%\system32\sessenv.dll,-
1026 (sessionenv) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\ipnathlp.dll,-
106 (sharedaccess) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\shsvcs.dll,-
12288 (shellhwdetection) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\slsvc.exe,-101
(slsvc) - unknown owner - c:\windows\system32
\slsvc.exe (file missing)
o23 - service: @%systemroot%\system32\sluinotify.dll,
-103 (sluinotify) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\snmptrap.exe,-3
(snmptrap) - unknown owner - c:\windows\system32
\snmptrap.exe (file missing)
o23 - service: @%systemroot%\system32\spoolsv.exe,-1
(spooler) - unknown owner - c:\windows\system32
\spoolsv.exe (file missing)
o23 - service: @%systemroot%\system32\ssdpsrv.dll,-100
(ssdpsrv) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\sstpsvc.dll,-200
(sstpsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: starwind ae service (starwindserviceae)
- rocket division software - c:\program files (x86)
\alcohol soft\alcohol 52
\starwind\starwindserviceae.exe
o23 - service: steam client service - valve
corporation - c:\program files (x86)\common
files\steam\steamservice.exe
o23 - service: nvidia stereoscopic 3d driver service
(stereo service) - nvidia corporation - c:\program
files (x86)\nvidia corporation\3d
vision\nvscpapisvr.exe
o23 - service: @%systemroot%\system32\wiaservc.dll,-9
(stisvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\swprv.dll,-103
(swprv) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\sysmain.dll,-
1000 (sysmain) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\tabsvc.dll,-100
(tabletinputservice) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: tabletservicepen - unknown owner -
c:\windows\system32\pen_tablet.exe (file missing)
o23 - service: @%systemroot%\system32\tapisrv.dll,-
10100 (tapisrv) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\tbssvc.dll,-100
(tbs) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\termsrv.dll,-268
(termservice) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\shsvcs.dll,-8192
(themes) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\mmcss.dll,-102
(threadorder) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\trkwks.dll,-1
(trkwks) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%
\servicing\trustedinstaller.exe,-100
(trustedinstaller) - unknown owner -
c:\windows\servicing\trustedinstaller.exe
o23 - service: @%systemroot%\system32
\tuneupdefragservice.exe,-1 (tuneup.defrag) - unknown
owner - c:\windows\system32\tuneupdefragservice.exe
(file missing)
o23 - service: @%systemroot%\system32\tuprogst.exe,-1
(tuneup.programstatisticssvc) - unknown owner -
c:\windows\system32\tuprogst.exe (file missing)
o23 - service: @%systemroot%\system32\ui0detect.exe,-
101 (ui0detect) - unknown owner - c:\windows\system32
\ui0detect.exe (file missing)
o23 - service: @%systemroot%\system32\upnphost.dll,-
213 (upnphost) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\dwm.exe,-2000
(uxsms) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\uxtuneup.dll,-
4096 (uxtuneup) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\vds.exe,-100
(vds) - unknown owner - c:\windows\system32\vds.exe
(file missing)
o23 - service: @%systemroot%\system32\vssvc.exe,-102
(vss) - unknown owner - c:\windows\system32\vssvc.exe
(file missing)
o23 - service: @%systemroot%\system32\w32time.dll,-200
(w32time) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\wcncsvc.dll,-3
(wcncsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32
\wcspluginservice.dll,-200 (wcspluginservice) -
unknown owner - c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\wdi.dll,-502
(wdiservicehost) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\wdi.dll,-500
(wdisystemhost) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\webclnt.dll,-100
(webclient) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\wecsvc.dll,-200
(wecsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32
\wercplsupport.dll,-101 (wercplsupport) - unknown
owner - c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\wersvc.dll,-100
(wersvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%programfiles%\windows
defender\msmpres.dll,-103 (windefend) - unknown owner
- c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\winhttp.dll,-100
(winhttpautoproxysvc) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32
\wbem\wmisvc.dll,-205 (winmgmt) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @%systemroot%\system32\wsmsvc.dll,-101
(winrm) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\wlansvc.dll,-257
(wlansvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32
\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner -
c:\windows\system32\wbem\wmiapsrv.exe (file missing)
o23 - service: @%programfiles%\windows media
player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown
owner - c:\program files (x86)\windows media
player\wmpnetwk.exe (file missing)
o23 - service: @%systemroot%\system32\wpcsvc.dll,-100
(wpcsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\wpdbusenum.dll,
-100 (wpdbusenum) - unknown owner -
c:\windows\system32\svchost.exe
o23 - service: @c:\windows\microsoft.net\framework64
\v4.0.30319\wpf\wpffontcache_v0400.exe,-100
(wpffontcache_v0400) - unknown owner -
c:\windows\microsoft.net\framework64\v4.0.30319
\wpf\wpffontcache_v0400.exe
o23 - service: @%systemroot%\system32\wscsvc.dll,-200
(wscsvc) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32
\searchindexer.exe,-103 (wsearch) - unknown owner -
c:\windows\system32\searchindexer.exe
o23 - service: @%systemroot%\system32\wuaueng.dll,-105
(wuauserv) - unknown owner - c:\windows\system32
\svchost.exe
o23 - service: @%systemroot%\system32\wudfsvc.dll,-
1000 (wudfsvc) - unknown owner - c:\windows\system32
\svchost.exe
end of file - 24132 bytes
de todas formas tengo una pregunta mas relacionada con esto, yo tengo el kis09 siempre funcionando y cada tiempo hago limpiezas con el ccleaner, que mas debo o puedo hacer para evitar cosas como esta en un futuro? algún programa concreto o algo? mil gracias de nuevo. | |
|
|
|
