Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Aquí pedo mi log a ver si me podéis ayudar:

Logfile of HijackThis v1.99.1
Scan saved at 11:22:28, on 05/08/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\Documents and Settings\Administrador\WINDOWS\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\MSSQL7\binn\sqlservr.exe
c:\orant\bin\oracle80.exe
C:\ORANT\BIN\TNSLSNR80.exe
C:\Archivos de programa\Microsoft Office\Office\OWSTIMER.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\MSSQL7\binn\sqlagent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\termsrv.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\lserver.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Archivos de programa\Key Drive\Manager.exe
C:\WINNT\System32\ctfmon.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\System32\svchost.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Archivos de programa\Grisoft\AVG Free\avgcc.exe
C:\WINNT\system32\ielt.exe
C:\WINNT\atlep32.exe
C:\Documents and Settings\Administrador\Mis documentos\Utilidades\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\pumqf.dll/sp.html#83556
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\pumqf.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\pumqf.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\pumqf.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\pumqf.dll/sp.html#83556
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\pumqf.dll/sp.html#83556
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\System32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Class - {1226C677-A0E2-B07C-6C5C-AF77FA44913F} - C:\WINNT\ieos.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [KeyDrive] C:\Archivos de programa\Key Drive\Manager.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [atlep32.exe] C:\WINNT\atlep32.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Administrador de servicios.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Documents and Settings\Administrador\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Documents and Settings\Administrador\WINDOWS\web\related.htm (file missing)
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrador\windows\system32\rnr20.dll' missing
O16 - DPF: {11010101-1001-1111-1000-110112345679} - ms-its:mhtml:file://c:\nosuch.mht!http://findgal.net/bcegfgpnpm.mjdhyq.kgjf-D-B-C-D.cdqs.yfin::/code.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O17 - HKLM\System\CS1\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O17 - HKLM\System\CS2\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINNT\system32\ielt.exe
O23 - Service: Servicio de alerta (Alerter) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Administración de aplicaciones (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Examinador de equipos (Browser) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Portafolios (ClipSrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\clipsrv.ex e (file missing)
O23 - Service: Sistema de archivos distribuido (Dfs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\Dfssvc.exe (file missing)
O23 - Service: Cliente DHCP (Dhcp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servidor de DHCP (DHCPServer) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\tcpsvcs.ex e (file missing)
O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\dmadmin.ex e (file missing)
O23 - Service: Administrador de discos lógicos (dmserver) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servidor DNS (DNS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\dns.exe (file missing)
O23 - Service: Cliente DNS (Dnscache) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Registro de sucesos (Eventlog) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Servicio de fax (Fax) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\faxsvc.exe (file missing)
O23 - Service: Servicio de autenticación de Internet (IAS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servidor (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Estación de trabajo (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servicio de registro de licencias (LicenseService) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\llssrv.exe (file missing)
O23 - Service: Servicio de ayuda TCP/IP NetBIOS (LmHosts) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Mensajero (Messenger) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: DDE de red (NetDDE) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: DSDM de DDE de red (NetDDEdsdm) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: Inicio de sesión en red (Netlogon) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Conexiones de red (Netman) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Réplica de archivos (NtFrs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\ntfrs.exe (file missing)
O23 - Service: Proveedor de asistencia de seguridad LM de Windows NT (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Medios de almacenamiento extraíbles (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Oracle%ORACLE_HOME_SERVICE%ClientCache80 - Unknown owner - C:\ORANT\BIN\ONRSD80.EXE
O23 - Service: OracleExtprocAgent - Unknown owner - C:\ORANT\BIN\EXTPROCT.EXE
O23 - Service: OracleServiceJABU - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\ORANT\BIN\TNSLSNR80.exe
O23 - Service: Office Server Extensions Notification Service (OWSTimer) - Unknown owner - C:\Archivos de programa\Microsoft Office\Office\OWSTIMER.EXE
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Agente de directivas IPSEC (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Almacenamiento protegido (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Administrador de conexión automática de acceso remoto (RasAuto) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Administrador de conexión de acceso remoto (RasMan) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicio de Registro remoto (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\regsvc.exe (file missing)
O23 - Service: Localizador de llamadas a procedimiento remoto (RPC) (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\locator.ex e (file missing)
O23 - Service: Llamada a procedimiento remoto(RPC) (RpcSs) - Unknown owner - C:\Documents.exe (file missing)
O23 - Service: Control de admisión QoS (RSVP) (RSVP) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\rsvp.exe (file missing)
O23 - Service: Administrador de cuentas de seguridad (SamSs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Sistema de ayuda de tarjeta inteligente (SCardDrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\SCardSvr.e xe (file missing)
O23 - Service: Tarjeta inteligente (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\SCardSvr.e xe (file missing)
O23 - Service: Programador de tareas (Schedule) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\MSTask.exe (file missing)
O23 - Service: Servicio RunAs (seclogon) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Notificación de sucesos del sistema (SENS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\svchost.ex e (file missing)
O23 - Service: Conexión compartida a Internet (SharedAccess) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicios simples de TCP/IP (SimpTcp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\tcpsvcs.ex e (file missing)
O23 - Service: Cola de impresión (Spooler) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\spoolsv.ex e (file missing)
O23 - Service: Still Image Service (StiSvc) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\stisvc.exe (file missing)
O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)
O23 - Service: Registros y alertas de rendimiento (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\smlogsvc.e xe (file missing)
O23 - Service: Telefonía (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicios de Terminal Server (TermService) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\termsrv.ex e (file missing)
O23 - Service: Licencias de Servicios de Terminal Server (TermServLicensing) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lserver.ex e (file missing)
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\tlntsvr.ex e (file missing)
O23 - Service: Servidor de seguimiento de vínculos distribuidos (TrkSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Cliente de seguimiento de vinculos distribuidos (TrkWks) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Sistema de alimentación ininterrumpida (UPS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Administrador de utilidades (UtilMan) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\UtilMan.ex e (file missing)
O23 - Service: Horario de Windows (W32Time) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Instrumental de administración de Windows (WinMgmt) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\WBEM\WinMg mt.exe (file missing)
O23 - Service: Servicio WINS (WINS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\wins.exe (file missing)
O23 - Service: Exten. controlador Instrumental de admon. de Windows (Wmi) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\Services.e xe (file missing)

Gracias de antemano.

Hola te doy la bienvenida al Foro de InfoSpyware, empeza siguiendo los pasos de el "Tutorial de Spywares" con las herramientas Ewido,*Microsoft Antispyware, Ad-Aware SE y SpyBot.

Pásale al menos dos de estos "Antivirus Online" y genera un nuevo log de HijackThis para pegarlo en este mismo mensaje y decirnos los resultados de los análisis de las herramientas.

Salu2

Después de seguir los pasos indicados, este es el nuevo log de Hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 11:33:01, on 11/08/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\Documents and Settings\Administrador\WINDOWS\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\WINNT\System32\llssrv.exe
C:\MSSQL7\binn\sqlservr.exe
c:\orant\bin\oracle80.exe
C:\ORANT\BIN\TNSLSNR80.exe
C:\Archivos de programa\Microsoft Office\Office\OWSTIMER.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\MSSQL7\binn\sqlagent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\termsrv.exe
C:\WINNT\System32\lserver.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\svchost.exe
C:\Archivos de programa\Key Drive\Manager.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\System32\ctfmon.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Archivos de programa\ewido\security suite\ewidoguard.exe
C:\Documents and Settings\Administrador\Escritorio\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\pumqf.dll/sp.html#83556
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\pumqf.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\pumqf.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\pumqf.dll/sp.html#83556
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\pumqf.dll/sp.html#83556
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\System32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Class - {1226C677-A0E2-B07C-6C5C-AF77FA44913F} - C:\WINNT\ieos.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Archivos de programa\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [KeyDrive] C:\Archivos de programa\Key Drive\Manager.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [atlep32.exe] C:\WINNT\atlep32.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Administrador de servicios.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\Office10\EXCEL.EXE/3000
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrador\windows\system32\rnr20.dll' missing
O16 - DPF: {11010101-1001-1111-1000-110112345679} - ms-its:mhtml:file://c:\nosuch.mht!http://findgal.net/bcegfgpnpm.mjdhyq.kgjf-D-B-C-D.cdqs.yfin::/code.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O17 - HKLM\System\CS1\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O17 - HKLM\System\CS2\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINNT\system32\ielt.exe (file missing)
O23 - Service: Servicio de alerta (Alerter) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Administración de aplicaciones (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Examinador de equipos (Browser) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Portafolios (ClipSrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\clipsrv.ex e (file missing)
O23 - Service: Sistema de archivos distribuido (Dfs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\Dfssvc.exe (file missing)
O23 - Service: Cliente DHCP (Dhcp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servidor de DHCP (DHCPServer) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\tcpsvcs.ex e (file missing)
O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\dmadmin.ex e (file missing)
O23 - Service: Administrador de discos lógicos (dmserver) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servidor DNS (DNS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\dns.exe (file missing)
O23 - Service: Cliente DNS (Dnscache) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Registro de sucesos (Eventlog) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoguard.exe
O23 - Service: Servicio de fax (Fax) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\faxsvc.exe (file missing)
O23 - Service: Servicio de autenticación de Internet (IAS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servidor (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Estación de trabajo (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servicio de registro de licencias (LicenseService) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\llssrv.exe (file missing)
O23 - Service: Servicio de ayuda TCP/IP NetBIOS (LmHosts) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Mensajero (Messenger) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: DDE de red (NetDDE) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: DSDM de DDE de red (NetDDEdsdm) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: Inicio de sesión en red (Netlogon) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Conexiones de red (Netman) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Réplica de archivos (NtFrs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\ntfrs.exe (file missing)
O23 - Service: Proveedor de asistencia de seguridad LM de Windows NT (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Medios de almacenamiento extraíbles (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Oracle%ORACLE_HOME_SERVICE%ClientCache80 - Unknown owner - C:\ORANT\BIN\ONRSD80.EXE
O23 - Service: OracleExtprocAgent - Unknown owner - C:\ORANT\BIN\EXTPROCT.EXE
O23 - Service: OracleServiceJABU - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\ORANT\BIN\TNSLSNR80.exe
O23 - Service: Office Server Extensions Notification Service (OWSTimer) - Unknown owner - C:\Archivos de programa\Microsoft Office\Office\OWSTIMER.EXE
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Agente de directivas IPSEC (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Almacenamiento protegido (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Administrador de conexión automática de acceso remoto (RasAuto) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Administrador de conexión de acceso remoto (RasMan) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicio de Registro remoto (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\regsvc.exe (file missing)
O23 - Service: Localizador de llamadas a procedimiento remoto (RPC) (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\locator.ex e (file missing)
O23 - Service: Llamada a procedimiento remoto(RPC) (RpcSs) - Unknown owner - C:\Documents.exe (file missing)
O23 - Service: Control de admisión QoS (RSVP) (RSVP) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\rsvp.exe (file missing)
O23 - Service: Administrador de cuentas de seguridad (SamSs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Sistema de ayuda de tarjeta inteligente (SCardDrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\SCardSvr.e xe (file missing)
O23 - Service: Tarjeta inteligente (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\SCardSvr.e xe (file missing)
O23 - Service: Programador de tareas (Schedule) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\MSTask.exe (file missing)
O23 - Service: Servicio RunAs (seclogon) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Notificación de sucesos del sistema (SENS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\svchost.ex e (file missing)
O23 - Service: Conexión compartida a Internet (SharedAccess) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicios simples de TCP/IP (SimpTcp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\tcpsvcs.ex e (file missing)
O23 - Service: Cola de impresión (Spooler) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\spoolsv.ex e (file missing)
O23 - Service: Still Image Service (StiSvc) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\stisvc.exe (file missing)
O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)
O23 - Service: Registros y alertas de rendimiento (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\smlogsvc.e xe (file missing)
O23 - Service: Telefonía (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicios de Terminal Server (TermService) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\termsrv.ex e (file missing)
O23 - Service: Licencias de Servicios de Terminal Server (TermServLicensing) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lserver.ex e (file missing)
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\tlntsvr.ex e (file missing)
O23 - Service: Servidor de seguimiento de vínculos distribuidos (TrkSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Cliente de seguimiento de vinculos distribuidos (TrkWks) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Sistema de alimentación ininterrumpida (UPS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Administrador de utilidades (UtilMan) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\UtilMan.ex e (file missing)
O23 - Service: Horario de Windows (W32Time) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Instrumental de administración de Windows (WinMgmt) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\WBEM\WinMg mt.exe (file missing)
O23 - Service: Servicio WINS (WINS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\wins.exe (file missing)
O23 - Service: Exten. controlador Instrumental de admon. de Windows (Wmi) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\Services.e xe (file missing)

Creo que está todo correcto ya, pero me gustaría que me dieras tu opinión.

Gracias Piedra, como siempre yn FENÓMENO.

Hola, todavia quedan algunas cosas pera terminar en tu sistema, empeza descargando (de la firma) el programa LSPFix.exe lo ejecutas y pones el archivo rnr20.dll lo pones en REMOVE y le das FINISH

Luego ejecuta HijackThis y dale FIX a estas:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\pumqf.dll/sp.html#83556

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\pumqf.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\pumqf.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\pumqf.dll/sp.html#83556
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\pumqf.dll/sp.html#83556
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\System32\blank.htm

O2 - BHO: Class - {1226C677-A0E2-B07C-6C5C-AF77FA44913F} - C:\WINNT\ieos.dll (file missing)

O4 - HKLM\..\Run: [atlep32.exe] C:\WINNT\atlep32.exe

O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINNT\system32\ielt.exe (file missing)

Con KillBox elimina estos archivos

C:\WINNT\atlep32.exe
C:\WINNT\pumqf.dll

Reinicia y nos contas los resultados.

Salu2

A ver:
Ninguno de los 2 nuevos programas he podido utilizar, ya que el primero no me deja poner en REMOVE, y en el segundo no he encontrado esos 2 archivos que me dices que debo eliminar.
He eliminado con el Hijackthis lo que me has dicho y he vuelto a sacar el log que es el siguiente:

Logfile of HijackThis v1.99.1
Scan saved at 9:47:36, on 12/08/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\Documents and Settings\Administrador\WINDOWS\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\WINNT\System32\llssrv.exe
C:\MSSQL7\binn\sqlservr.exe
c:\orant\bin\oracle80.exe
C:\ORANT\BIN\TNSLSNR80.exe
C:\Archivos de programa\Microsoft Office\Office\OWSTIMER.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\MSSQL7\binn\sqlagent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\termsrv.exe
C:\WINNT\System32\lserver.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\svchost.exe
C:\Archivos de programa\Key Drive\Manager.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\System32\ctfmon.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Archivos de programa\ewido\security suite\ewidoguard.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrador\Escritorio\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Archivos de programa\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [KeyDrive] C:\Archivos de programa\Key Drive\Manager.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Administrador de servicios.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\Office10\EXCEL.EXE/3000
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrador\windows\system32\rnr20.dll' missing
O16 - DPF: {11010101-1001-1111-1000-110112345679} - ms-its:mhtml:file://c:\nosuch.mht!http://findgal.net/bcegfgpnpm.mjdhyq.kgjf-D-B-C-D.cdqs.yfin::/code.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O17 - HKLM\System\CS1\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O17 - HKLM\System\CS2\Services\Tcpip\..\{15A3BA75-DD3B-4FB0-BE0A-CCA7344161FE}: NameServer = 127.0.0.1,192.148.167.16
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINNT\system32\ielt.exe (file missing)
O23 - Service: Servicio de alerta (Alerter) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Administración de aplicaciones (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Examinador de equipos (Browser) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Portafolios (ClipSrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\clipsrv.ex e (file missing)
O23 - Service: Sistema de archivos distribuido (Dfs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\Dfssvc.exe (file missing)
O23 - Service: Cliente DHCP (Dhcp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servidor de DHCP (DHCPServer) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\tcpsvcs.ex e (file missing)
O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\dmadmin.ex e (file missing)
O23 - Service: Administrador de discos lógicos (dmserver) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servidor DNS (DNS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\dns.exe (file missing)
O23 - Service: Cliente DNS (Dnscache) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Registro de sucesos (Eventlog) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoguard.exe
O23 - Service: Servicio de fax (Fax) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\faxsvc.exe (file missing)
O23 - Service: Servicio de autenticación de Internet (IAS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servidor (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Estación de trabajo (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Servicio de registro de licencias (LicenseService) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\llssrv.exe (file missing)
O23 - Service: Servicio de ayuda TCP/IP NetBIOS (LmHosts) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Mensajero (Messenger) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: DDE de red (NetDDE) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: DSDM de DDE de red (NetDDEdsdm) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: Inicio de sesión en red (Netlogon) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Conexiones de red (Netman) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Réplica de archivos (NtFrs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\ntfrs.exe (file missing)
O23 - Service: Proveedor de asistencia de seguridad LM de Windows NT (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Medios de almacenamiento extraíbles (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Oracle%ORACLE_HOME_SERVICE%ClientCache80 - Unknown owner - C:\ORANT\BIN\ONRSD80.EXE
O23 - Service: OracleExtprocAgent - Unknown owner - C:\ORANT\BIN\EXTPROCT.EXE
O23 - Service: OracleServiceJABU - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\ORANT\BIN\TNSLSNR80.exe
O23 - Service: Office Server Extensions Notification Service (OWSTimer) - Unknown owner - C:\Archivos de programa\Microsoft Office\Office\OWSTIMER.EXE
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Agente de directivas IPSEC (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Almacenamiento protegido (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Administrador de conexión automática de acceso remoto (RasAuto) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Administrador de conexión de acceso remoto (RasMan) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicio de Registro remoto (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\regsvc.exe (file missing)
O23 - Service: Localizador de llamadas a procedimiento remoto (RPC) (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\locator.ex e (file missing)
O23 - Service: Llamada a procedimiento remoto(RPC) (RpcSs) - Unknown owner - C:\Documents.exe (file missing)
O23 - Service: Control de admisión QoS (RSVP) (RSVP) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\rsvp.exe (file missing)
O23 - Service: Administrador de cuentas de seguridad (SamSs) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Sistema de ayuda de tarjeta inteligente (SCardDrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\SCardSvr.e xe (file missing)
O23 - Service: Tarjeta inteligente (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\SCardSvr.e xe (file missing)
O23 - Service: Programador de tareas (Schedule) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\MSTask.exe (file missing)
O23 - Service: Servicio RunAs (seclogon) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Notificación de sucesos del sistema (SENS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\svchost.ex e (file missing)
O23 - Service: Conexión compartida a Internet (SharedAccess) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicios simples de TCP/IP (SimpTcp) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\tcpsvcs.ex e (file missing)
O23 - Service: Cola de impresión (Spooler) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\spoolsv.ex e (file missing)
O23 - Service: Still Image Service (StiSvc) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\stisvc.exe (file missing)
O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)
O23 - Service: Registros y alertas de rendimiento (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\smlogsvc.e xe (file missing)
O23 - Service: Telefonía (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\svchost.ex e (file missing)
O23 - Service: Servicios de Terminal Server (TermService) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\termsrv.ex e (file missing)
O23 - Service: Licencias de Servicios de Terminal Server (TermServLicensing) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\lserver.ex e (file missing)
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\tlntsvr.ex e (file missing)
O23 - Service: Servidor de seguimiento de vínculos distribuidos (TrkSvr) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Cliente de seguimiento de vinculos distribuidos (TrkWks) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\services.e xe (file missing)
O23 - Service: Sistema de alimentación ininterrumpida (UPS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Administrador de utilidades (UtilMan) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\UtilMan.ex e (file missing)
O23 - Service: Horario de Windows (W32Time) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\services.e xe (file missing)
O23 - Service: Instrumental de administración de Windows (WinMgmt) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\WBEM\WinMg mt.exe (file missing)
O23 - Service: Servicio WINS (WINS) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\System32\wins.exe (file missing)
O23 - Service: Exten. controlador Instrumental de admon. de Windows (Wmi) - Unknown owner - C:\Documents and Settings\Administrador\WINDOWS\system32\Services.e xe (file missing)

¿Cómo lo ves?

Gracias.

Bien el log aparece relativamente limpio y sobre el archivo que no podes poner en REMOVE si bien es un archivo legitimo esta en un lugar que no tendría que estar pero si el problema principal esta resuelto confírmanos para dar el tema por solucionado.

Salu2

Gracias Piedra. ¿Qué sería de nosotros sin ti?