• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 19

    May day

    ESTOY Q PASO Y PASO EL ANTIMALWARABYTE Y SIEMPRE ME BOTA LO MISMO Y NO LO ELIMINA POR FAVIR AYUNDEME ES UNA LAPTOP ACER Y YA VAN VARIAS VECES Q LA FORMATEO Y NO S ...

    1. #1
      Usuario Avatar de kikland
      Registrado
      sep 2009
      Ubicación
      peru
      Mensajes
      193

      May day

      ESTOY Q PASO Y PASO EL ANTIMALWARABYTE Y SIEMPRE ME BOTA LO MISMO Y NO LO ELIMINA POR FAVIR AYUNDEME ES UNA LAPTOP ACER Y YA VAN VARIAS VECES Q LA FORMATEO Y NO S EPOR DONDE SE METE ESE BICHO


      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.08.17.07

      Windows XP Service Pack 2 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Administrador :: PC31 [administrador]

      17/08/2012 06:16:27 p.m.
      mbam-log-2012-08-17 (18-40-35).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 200105
      Tiempo transcurrido: 23 minuto(s), 36 segundo(s)

      Procesos en Memoria Detectados: 1
      C:\WINDOWS\Temp\VRT4.tmp (Trojan.FakeMS) -> 5328 -> No se tomaron medidas.

      Módulos de Memoria Detectados: 1
      C:\WINDOWS\system32\nwcwks.dll (Trojan.Inject) -> No se tomaron medidas.

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 2
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|hopvmcsa (Trojan.Winlock.P) -> datos: C:\WINDOWS\System32\hopvmcsa.exe -> No se tomaron medidas.
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|hopvmcsa (Trojan.Winlock.P) -> datos: C:\Documents and Settings\Administrador\hopvmcsa.exe -> No se tomaron medidas.

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 12
      C:\WINDOWS\system32\nwcwks.dll (Trojan.Inject) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT4.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\system32\hopvmcsa.exe (Trojan.Winlock.P) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\hopvmcsa.exe (Trojan.Winlock.P) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\ljysba.exe (Trojan.Inject) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\napzck.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP12\A0003898.exe (Trojan.Winlock.P) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP12\A0003899.exe (Trojan.Winlock.P) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT2.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT3.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT5.tmp (Trojan.Winlock.P) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT7.tmp (Trojan.Winlock.P) -> No se tomaron medidas.

      por favor ayuda

    2. #2
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: May day

      Hola kikland:

      ¿Formateas la pc y te vuelve a salir el mismo virus?

      Ejecuta nuevamente Malwarebytes y selecciona todos y dale a eliminar seleccionados.

      Te comento que en tu pc fue encontrado Koobface que infecta la pc con un rootkit TDL3 .


      Descarga TDSSKiller.zip a tu escritorio.
      Desconecta tu ordenador de Internet (Desconecta el cable).
      • Descomprime el archivo tdsskiller.zip
      • Ejecuta el archivo TDSSKiller.exe Si usas Vista o 7 presiona clic derecho ejecutar como administrador.
      • Presiona clic sobre
      • Marca también las casillas:

      • Presiona clic sobre el botón

        .
      • TDSSKiller comenzara a analizar el equipo.
      • Si el equipo no está infectado:
      • Mostrara
      • No threats found.
      • Presiona clic sobre el botón "Close"
      • Si el equipo está infectado:
      • Mostrara:
      • Threats detected.
      • Select action for found objects:

      • Malware object, high risk. La acción predeterminada es "Cure" o "Delete".
      • Suspicious object, medium risk. Usa siempre la opción "Skip"
      • El programa selecciona de forma automática la acción a tomar.
      • Presiona clic sobre el botón "Continue"
      • Para desinfectar correctamente el Sistema, puede solicitarle reiniciar el equipo.
      • Presiona clic sobre el botón

      • Abre el reporte de TDSSKiller, ubicado en C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, donde "x.xx.x_xx.xx.xxxx_xx.xx.xx" son versión, fecha y hora.
      • Copia y pega su contenido en tu próxima respuesta.


      Ademas de todo ese malware tenes el virus de la policia
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de kikland
      Registrado
      sep 2009
      Ubicación
      peru
      Mensajes
      193

      Re: May day

      aca esta l eporte


      12:07:12.0437 2324 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
      12:07:12.0671 2324 ============================================================
      12:07:12.0671 2324 Current date / time: 2012/08/18 12:07:12.0671
      12:07:12.0671 2324 SystemInfo:
      12:07:12.0671 2324
      12:07:12.0671 2324 OS Version: 5.1.2600 ServicePack: 2.0
      12:07:12.0671 2324 Product type: Workstation
      12:07:12.0703 2324 ComputerName: PC31
      12:07:12.0703 2324 UserName: Administrador
      12:07:12.0703 2324 Windows directory: C:\WINDOWS
      12:07:12.0703 2324 System windows directory: C:\WINDOWS
      12:07:12.0703 2324 Processor architecture: Intel x86
      12:07:12.0703 2324 Number of processors: 1
      12:07:12.0703 2324 Page size: 0x1000
      12:07:12.0703 2324 Boot type: Normal boot
      12:07:12.0703 2324 ============================================================
      12:07:28.0359 2324 BG loaded
      12:07:29.0281 2324 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x15A1E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x1C, Type 'K0', Flags 0x00000054
      12:07:29.0343 2324 ============================================================
      12:07:29.0343 2324 \Device\Harddisk0\DR0:
      12:07:29.0375 2324 MBR partitions:
      12:07:29.0375 2324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x30D4025
      12:07:29.0406 2324 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x30D40A3, BlocksNum 0x643AF31
      12:07:29.0406 2324 ============================================================
      12:07:29.0796 2324 C: <-> \Device\Harddisk0\DR0\Partition1
      12:07:32.0171 2324 D: <-> \Device\Harddisk0\DR0\Partition2
      12:07:32.0171 2324 ============================================================
      12:07:32.0171 2324 Initialize success
      12:07:32.0171 2324 ============================================================


      esto es lo q salio, q debo hacder ahora?

    4. #4
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: May day

      Hola ,

      Ejecuta nuevamente Tdsskiller desde modo seguro con funciones de red .

      Saludos
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de kikland
      Registrado
      sep 2009
      Ubicación
      peru
      Mensajes
      193

      Re: May day

      aqui esta lo q me pidieron

      19:32:18.0734 1548 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
      19:32:19.0640 1548 ============================================================
      19:32:19.0640 1548 Current date / time: 2012/08/18 19:32:19.0640
      19:32:19.0640 1548 SystemInfo:
      19:32:19.0640 1548
      19:32:19.0640 1548 OS Version: 5.1.2600 ServicePack: 2.0
      19:32:19.0640 1548 Product type: Workstation
      19:32:19.0640 1548 ComputerName: PC31
      19:32:19.0640 1548 UserName: Administrador
      19:32:19.0640 1548 Windows directory: C:\WINDOWS
      19:32:19.0640 1548 System windows directory: C:\WINDOWS
      19:32:19.0640 1548 Processor architecture: Intel x86
      19:32:19.0640 1548 Number of processors: 1
      19:32:19.0640 1548 Page size: 0x1000
      19:32:19.0640 1548 Boot type: Safe boot with network
      19:32:19.0640 1548 ============================================================
      19:32:22.0609 1548 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x15A1E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x1C, Type 'K0', Flags 0x00000054
      19:32:22.0609 1548 ============================================================
      19:32:22.0609 1548 \Device\Harddisk0\DR0:
      19:32:22.0609 1548 MBR partitions:
      19:32:22.0609 1548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x30D4025
      19:32:22.0656 1548 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x30D40A3, BlocksNum 0x643AF31
      19:32:22.0656 1548 ============================================================
      19:32:22.0718 1548 C: <-> \Device\Harddisk0\DR0\Partition1
      19:32:22.0734 1548 D: <-> \Device\Harddisk0\DR0\Partition2
      19:32:22.0734 1548 ============================================================
      19:32:22.0734 1548 Initialize success
      19:32:22.0734 1548 ============================================================
      19:32:29.0968 1804 ============================================================
      19:32:29.0968 1804 Scan started
      19:32:29.0968 1804 Mode: Manual; SigCheck; TDLFS;
      19:32:29.0968 1804 ============================================================
      19:32:31.0250 1804 ================ Scan services =============================
      19:32:31.0343 1804 Abiosdsk - ok
      19:32:31.0375 1804 abp480n5 - ok
      19:32:31.0437 1804 [ 33d1373ee875ce8b063777f7e77815b7 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
      19:32:32.0953 1804 ACPI - ok
      19:32:33.0000 1804 [ 1c905333c0b9f3d7c68ddf25e54b00f9 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
      19:32:33.0140 1804 ACPIEC - ok
      19:32:33.0156 1804 adpu160m - ok
      19:32:33.0218 1804 [ 841f385c6cfaf66b58fbd898722bb4f0 ] aec C:\WINDOWS\system32\drivers\aec.sys
      19:32:33.0343 1804 aec - ok
      19:32:33.0375 1804 [ 2c5c22990156a1063e19ad162191dc1d ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
      19:32:33.0375 1804 AegisP ( UnsignedFile.Multi.Generic ) - warning
      19:32:33.0375 1804 AegisP - detected UnsignedFile.Multi.Generic (1)
      19:32:33.0437 1804 [ 5ac495f4cb807b2b98ad2ad591e6d92e ] AFD C:\WINDOWS\System32\drivers\afd.sys
      19:32:33.0546 1804 AFD - ok
      19:32:33.0640 1804 [ 7725414fc319dd4ee6d6a6a01a6be4c0 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
      19:32:33.0703 1804 AgereSoftModem - ok
      19:32:33.0750 1804 Aha154x - ok
      19:32:33.0750 1804 aic78u2 - ok
      19:32:33.0781 1804 aic78xx - ok
      19:32:33.0921 1804 [ 4e0aca5290b2966f24c45250a56c2da1 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
      19:32:34.0156 1804 ALCXWDM - ok
      19:32:34.0203 1804 [ ffd14ea04a74ce3aa34e9511c994c590 ] Alerter C:\WINDOWS\system32\alrsvc.dll
      19:32:34.0328 1804 Alerter - ok
      19:32:34.0359 1804 [ 549b78a9339847f27efae50b81c89030 ] ALG C:\WINDOWS\System32\alg.exe
      19:32:34.0359 1804 ALG ( UnsignedFile.Multi.Generic ) - warning
      19:32:34.0359 1804 ALG - detected UnsignedFile.Multi.Generic (1)
      19:32:34.0375 1804 AliIde - ok
      19:32:34.0390 1804 amsint - ok
      19:32:34.0437 1804 [ 0cf68b185221e5b162ef1b0559428b40 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
      19:32:34.0515 1804 AppMgmt - ok
      19:32:34.0562 1804 [ f0d692b0bffb46e30eb3cea168bbc49f ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
      19:32:34.0687 1804 Arp1394 - ok
      19:32:34.0703 1804 asc - ok
      19:32:34.0734 1804 asc3350p - ok
      19:32:34.0750 1804 asc3550 - ok
      19:32:35.0000 1804 [ b3a20c671e9a3b7d095a79eca2472d95 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
      19:32:35.0015 1804 aspnet_state ( UnsignedFile.Multi.Generic ) - warning
      19:32:35.0015 1804 aspnet_state - detected UnsignedFile.Multi.Generic (1)
      19:32:35.0046 1804 [ 02000abf34af4c218c35d257024807d6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
      19:32:35.0171 1804 AsyncMac - ok
      19:32:35.0203 1804 [ cdfe4411a69c224bd1d11b2da92dac51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
      19:32:35.0328 1804 atapi - ok
      19:32:35.0343 1804 Atdisk - ok
      19:32:35.0375 1804 [ ec88da854ab7d7752ec8be11a741bb7f ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
      19:32:35.0500 1804 Atmarpc - ok
      19:32:35.0546 1804 [ f72df7512d92c2abedfae488411c9fe4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
      19:32:35.0656 1804 AudioSrv - ok
      19:32:35.0703 1804 [ d9f724aa26c010a217c97606b160ed68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
      19:32:35.0812 1804 audstub - ok
      19:32:35.0875 1804 [ da1f27d85e0d1525f6621372e7b685e9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
      19:32:35.0984 1804 Beep - ok
      19:32:36.0046 1804 [ 02451268dc47e4dc228210da0e3c3274 ] BITS C:\WINDOWS\system32\qmgr.dll
      19:32:36.0218 1804 BITS - ok
      19:32:36.0265 1804 [ d01cfcc753b09e70f5b7622501ff5383 ] Browser C:\WINDOWS\System32\browser.dll
      19:32:36.0375 1804 Browser - ok
      19:32:36.0421 1804 [ d24b8d1784c68a25060fffbe8ed34b76 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
      19:32:36.0546 1804 BthEnum - ok
      19:32:36.0578 1804 [ 10355270be12641b9764235da39dcf0f ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
      19:32:36.0703 1804 BthPan - ok
      19:32:36.0734 1804 [ 7deb334536e21679ad3f061bb4e366ff ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
      19:32:36.0859 1804 BTHPORT - ok
      19:32:36.0906 1804 [ 4da7d3b931ab2755a24093dd9728840e ] BthServ C:\WINDOWS\System32\bthserv.dll
      19:32:37.0015 1804 BthServ - ok
      19:32:37.0046 1804 [ f06d4cb9918b462a84d9ac00027efc30 ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
      19:32:37.0156 1804 BTHUSB - ok
      19:32:37.0250 1804 [ 7249ef21d6f70d971bda3ed0af16d340 ] BTKRNL C:\WINDOWS\system32\drivers\btkrnl.sys
      19:32:37.0375 1804 BTKRNL ( UnsignedFile.Multi.Generic ) - warning
      19:32:37.0375 1804 BTKRNL - detected UnsignedFile.Multi.Generic (1)
      19:32:37.0375 1804 [ 3e98d2550a6222cd6d278425fbb21c3e ] BTSERIAL C:\WINDOWS\system32\drivers\btserial.sys
      19:32:37.0406 1804 BTSERIAL ( UnsignedFile.Multi.Generic ) - warning
      19:32:37.0406 1804 BTSERIAL - detected UnsignedFile.Multi.Generic (1)
      19:32:37.0421 1804 [ 48b9ad7437ff5bfb8f13cab03179fe72 ] BTSLBCSP C:\WINDOWS\system32\drivers\btslbcsp.sys
      19:32:37.0437 1804 BTSLBCSP ( UnsignedFile.Multi.Generic ) - warning
      19:32:37.0437 1804 BTSLBCSP - detected UnsignedFile.Multi.Generic (1)
      19:32:37.0515 1804 [ c5e4569c83c3e3c368f907e69e8cd243 ] btwdins C:\Archivos de programa\WIDCOMM\Bluetooth Software\bin\btwdins.exe
      19:32:37.0546 1804 btwdins ( UnsignedFile.Multi.Generic ) - warning
      19:32:37.0546 1804 btwdins - detected UnsignedFile.Multi.Generic (1)
      19:32:37.0593 1804 [ 90a673fc8e12a79afbed2576f6a7aaf9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
      19:32:37.0703 1804 cbidf2k - ok
      19:32:37.0750 1804 [ 6163ed60b684bab19d3352ab22fc48b2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
      19:32:37.0859 1804 CCDECODE - ok
      19:32:37.0875 1804 cd20xrnt - ok
      19:32:37.0921 1804 [ c1b486a7658353d33a10cc15211a873b ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
      19:32:38.0015 1804 Cdaudio - ok
      19:32:38.0031 1804 [ cd7d5152df32b47f4e36f710b35aae02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
      19:32:38.0156 1804 Cdfs - ok
      19:32:38.0218 1804 [ af9c19b3100fe010496b1a27181fbf72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
      19:32:38.0328 1804 Cdrom - ok
      19:32:38.0343 1804 Changer - ok
      19:32:38.0421 1804 [ d7aa932567b5e8f8f061e2a0edc6418f ] CiSvc C:\WINDOWS\system32\cisvc.exe
      19:32:38.0437 1804 CiSvc ( UnsignedFile.Multi.Generic ) - warning
      19:32:38.0437 1804 CiSvc - detected UnsignedFile.Multi.Generic (1)
      19:32:38.0484 1804 [ c34a76c6821c432250ae1ea4492f06d5 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
      19:32:38.0484 1804 ClipSrv ( UnsignedFile.Multi.Generic ) - warning
      19:32:38.0484 1804 ClipSrv - detected UnsignedFile.Multi.Generic (1)
      19:32:38.0531 1804 [ 4266be808f85826aedf3c64c1e240203 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
      19:32:38.0640 1804 CmBatt - ok
      19:32:38.0671 1804 CmdIde - ok
      19:32:38.0796 1804 [ df1b1a24bf52d0ebc01ed4ece8979f50 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
      19:32:38.0906 1804 Compbatt - ok
      19:32:38.0937 1804 COMSysApp - ok
      19:32:38.0968 1804 Cpqarray - ok
      19:32:39.0031 1804 [ 149cffbf77cc1306fc535557cf513b91 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
      19:32:39.0140 1804 CryptSvc - ok
      19:32:39.0156 1804 dac2w2k - ok
      19:32:39.0187 1804 dac960nt - ok
      19:32:39.0312 1804 [ 86945706ebf0460631917e967bab3cc4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
      19:32:39.0437 1804 DcomLaunch - ok
      19:32:39.0484 1804 [ 83e48a6e01e8d9b26cfdda050b0a4758 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
      19:32:39.0609 1804 Dhcp - ok
      19:32:39.0640 1804 [ 00ca44e4534865f8a3b64f7c0984bff0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
      19:32:39.0750 1804 Disk - ok
      19:32:39.0750 1804 dmadmin - ok
      19:32:39.0875 1804 [ 9fb634a0ed429aa64de57c53dd10ccf9 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
      19:32:40.0046 1804 dmboot - ok
      19:32:40.0062 1804 [ 67decfaf3b6cdb34b3fa77d965281bb5 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
      19:32:40.0203 1804 dmio - ok
      19:32:40.0234 1804 [ e9317282a63ca4d188c0df5e09c6ac5f ] dmload C:\WINDOWS\system32\drivers\dmload.sys
      19:32:40.0343 1804 dmload - ok
      19:32:40.0359 1804 [ 9108afa79d60ebfb2d6af87b9515ba1a ] dmserver C:\WINDOWS\System32\dmserver.dll
      19:32:40.0468 1804 dmserver - ok
      19:32:40.0500 1804 [ a6f881284ac1150e37d9ae47ff601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
      19:32:40.0609 1804 DMusic - ok
      19:32:40.0656 1804 [ 8739d42144e3687f5d107d1a1b10b9c1 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
      19:32:40.0781 1804 Dnscache - ok
      19:32:40.0796 1804 dpti2o - ok
      19:32:40.0812 1804 [ 1ed4dbbae9f5d558dbba4cc450e3eb2e ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
      19:32:40.0968 1804 drmkaud - ok
      19:32:41.0015 1804 [ d3d0ef132eb8f7351e0f6e8072e26331 ] EMSCR C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
      19:32:41.0031 1804 EMSCR - ok
      19:32:41.0093 1804 [ 90c85a6f2e6529526b897be25343663a ] ERSvc C:\WINDOWS\System32\ersvc.dll
      19:32:41.0203 1804 ERSvc - ok
      19:32:41.0234 1804 [ a2effc588a8df44f45aa75528c5d2e9c ] ESDCR C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
      19:32:41.0250 1804 ESDCR - ok
      19:32:41.0281 1804 [ f7bdd947074d092cbfebfec9817cc8a0 ] ESMCR C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
      19:32:41.0359 1804 ESMCR - ok
      19:32:41.0375 1804 [ f9852f505e0699bb83d5c6321917040b ] Eventlog C:\WINDOWS\system32\services.exe
      19:32:41.0515 1804 Eventlog - ok
      19:32:41.0562 1804 [ 86f565e6fdd0c0776089d2f92ab1fc3f ] EventSystem C:\WINDOWS\system32\es.dll
      19:32:41.0703 1804 EventSystem - ok
      19:32:41.0812 1804 [ a3bd44620161ec65461457072e4765e1 ] EvtEng C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
      19:32:41.0828 1804 EvtEng ( UnsignedFile.Multi.Generic ) - warning
      19:32:41.0828 1804 EvtEng - detected UnsignedFile.Multi.Generic (1)
      19:32:41.0890 1804 [ 3117f595e9615e04f05a54fc15a03b20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
      19:32:42.0000 1804 Fastfat - ok
      19:32:42.0046 1804 [ dbcf824ba771a1f27e6f5124d0516358 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
      19:32:42.0156 1804 FastUserSwitchingCompatibility - ok
      19:32:42.0187 1804 [ ced2e8396a8838e59d8fd529c680e02c ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
      19:32:42.0312 1804 Fdc - ok
      19:32:42.0343 1804 [ 6e9d149cfae2af4783f85dbd6cedf7a1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
      19:32:42.0453 1804 Fips - ok
      19:32:42.0484 1804 [ 0dd1de43115b93f4d85e889d7a86f548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
      19:32:42.0578 1804 Flpydisk - ok
      19:32:42.0640 1804 [ 157754f0df355a9e0a6f54721914f9c6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
      19:32:42.0765 1804 FltMgr - ok
      19:32:42.0781 1804 [ 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
      19:32:42.0890 1804 Fs_Rec - ok
      19:32:42.0906 1804 [ cc5f3af5711a1c7c8fa1d43bb16b401a ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
      19:32:43.0031 1804 Ftdisk - ok
      19:32:43.0109 1804 [ e8710b78540b738c3d18dfedf9ebea55 ] ftsata2 C:\WINDOWS\system32\drivers\ftsata2.sys
      19:32:43.0109 1804 ftsata2 ( UnsignedFile.Multi.Generic ) - warning
      19:32:43.0109 1804 ftsata2 - detected UnsignedFile.Multi.Generic (1)
      19:32:43.0125 1804 [ c0f1d4a21de5a415df8170616703debf ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
      19:32:43.0250 1804 Gpc - ok
      19:32:43.0312 1804 [ e9982061a16ec28239efede6bd6de846 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
      19:32:43.0437 1804 helpsvc - ok
      19:32:43.0437 1804 HidServ - ok
      19:32:43.0484 1804 [ 1de6783b918f540149aa69943bdfeba8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
      19:32:43.0593 1804 HidUsb - ok
      19:32:43.0593 1804 hpn - ok
      19:32:43.0656 1804 [ c19b522a9ae0bbc3293397f3055e80a1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
      19:32:43.0781 1804 HTTP - ok
      19:32:43.0812 1804 [ ef167770bd4358b395608f61ba11c6d4 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
      19:32:43.0921 1804 HTTPFilter - ok
      19:32:43.0937 1804 i2omgmt - ok
      19:32:43.0953 1804 i2omp - ok
      19:32:44.0015 1804 [ 0cab3ee361cfeab260b3906c8b6fb2be ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      19:32:44.0125 1804 i8042prt - ok
      19:32:44.0156 1804 [ f8aa320c6a0409c0380e5d8a99d76ec6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
      19:32:44.0250 1804 Imapi - ok
      19:32:44.0296 1804 [ 5215a76795d60d317d2a06b883827cee ] ImapiService C:\WINDOWS\system32\imapi.exe
      19:32:44.0328 1804 ImapiService ( UnsignedFile.Multi.Generic ) - warning
      19:32:44.0328 1804 ImapiService - detected UnsignedFile.Multi.Generic (1)
      19:32:44.0359 1804 ini910u - ok
      19:32:44.0437 1804 [ 161b54c8200663ada2c145d87e8d4340 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
      19:32:44.0531 1804 IntelIde - ok
      19:32:44.0562 1804 [ 98bbc0e8efa90fff1ec9456ee7b0b1f1 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
      19:32:44.0671 1804 intelppm - ok
      19:32:44.0812 1804 [ 4448006b6bc60e6c027932cfc38d6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
      19:32:44.0921 1804 Ip6Fw - ok
      19:32:45.0000 1804 [ 731f22ba402ee4b62748adaf6363c182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
      19:32:45.0093 1804 IpFilterDriver - ok
      19:32:45.0109 1804 [ e1ec7f5da720b640cd8fb8424f1b14bb ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
      19:32:45.0218 1804 IpInIp - ok
      19:32:45.0265 1804 [ b5a8e215ac29d24d60b4d1250ef05ace ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
      19:32:45.0359 1804 IpNat - ok
      19:32:45.0390 1804 [ 64537aa5c003a6afeee1df819062d0d1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
      19:32:45.0531 1804 IPSec - ok
      19:32:45.0593 1804 [ 86c204836feec22510d434982d4221b8 ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
      19:32:45.0671 1804 irda - ok
      19:32:45.0703 1804 [ 50708daa1b1cbb7d6ac1cf8f56a24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
      19:32:45.0750 1804 IRENUM - ok
      19:32:45.0781 1804 [ 185c3091b037cd0c8dfc141315973d83 ] Irmon C:\WINDOWS\System32\irmon.dll
      19:32:45.0843 1804 Irmon - ok
      19:32:45.0921 1804 [ 90bc6118193b4e8a76f0fc0d4a3572de ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
      19:32:46.0031 1804 isapnp - ok
      19:32:46.0109 1804 [ 872d090ca5c306f62d1982bce6302376 ] IWCA C:\WINDOWS\system32\DRIVERS\iwca.sys
      19:32:46.0140 1804 IWCA - ok
      19:32:46.0171 1804 [ 71bfdda7b3006b45b18d8bac92bc9993 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      19:32:46.0296 1804 Kbdclass - ok
      19:32:46.0343 1804 [ d93cad07c5683db066b0b2d2d3790ead ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
      19:32:46.0468 1804 kmixer - ok
      19:32:46.0500 1804 [ eb7ffe87fd367ea8fca0506f74a87fbb ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
      19:32:46.0609 1804 KSecDD - ok
      19:32:46.0656 1804 [ 22211f6fb9c4369b64a2b62050241eb3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
      19:32:46.0765 1804 lanmanserver - ok
      19:32:46.0796 1804 [ 2df7771f82b1a904c319d2519d85eafd ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
      19:32:46.0906 1804 lanmanworkstation - ok
      19:32:46.0906 1804 lbrtfdc - ok
      19:32:46.0968 1804 [ f9801c6f1682a9f3099d694320bffc27 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
      19:32:47.0078 1804 LmHosts - ok
      19:32:47.0109 1804 [ ca33f6547c49e749e47fb6a0d1dbe192 ] Messenger C:\WINDOWS\System32\msgsvc.dll
      19:32:47.0218 1804 Messenger - ok
      19:32:47.0312 1804 [ fafe367d032ed82e9332b4c741a20216 ] Microsoft Office Groove Audit Service C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe
      19:32:47.0328 1804 Microsoft Office Groove Audit Service - ok
      19:32:47.0375 1804 [ 4ae068242760a1fb6e1a44bf4e16afa6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
      19:32:47.0484 1804 mnmdd - ok
      19:32:47.0531 1804 [ b8ba9f5622a0e2e0b92505811ce968d1 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
      19:32:47.0531 1804 mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
      19:32:47.0531 1804 mnmsrvc - detected UnsignedFile.Multi.Generic (1)
      19:32:47.0562 1804 [ b65f57d37e8d43089b701ed16e22d0e9 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
      19:32:47.0656 1804 Modem - ok
      19:32:47.0718 1804 [ 05e9c75c6797145a4983e9d0a4778bc3 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
      19:32:47.0843 1804 Mouclass - ok
      19:32:47.0875 1804 [ 8ee532e516b2d23d686cfc1cc0a15c25 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
      19:32:47.0984 1804 mouhid - ok
      19:32:48.0000 1804 [ 65653f3b4477f3c63e68a9659f85ee2e ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
      19:32:48.0109 1804 MountMgr - ok
      19:32:48.0125 1804 mraid35x - ok
      19:32:48.0187 1804 [ 46edcc8f2db2f322c24f48785cb46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
      19:32:48.0312 1804 MRxDAV - ok
      19:32:48.0359 1804 [ 1fd607fc67f7f7c633c3da65bfc53d18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      19:32:48.0515 1804 MRxSmb - ok
      19:32:48.0562 1804 [ d375b8ec73e951b9a7406a48fc75eef1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
      19:32:48.0578 1804 MSDTC ( UnsignedFile.Multi.Generic ) - warning
      19:32:48.0578 1804 MSDTC - detected UnsignedFile.Multi.Generic (1)
      19:32:48.0593 1804 [ 561b3a4333ca2dbdba28b5b956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
      19:32:48.0703 1804 Msfs - ok
      19:32:48.0718 1804 MSIServer - ok
      19:32:48.0750 1804 [ ae431a8dd3c1d0d0610cdbac16057ad0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
      19:32:48.0875 1804 MSKSSRV - ok
      19:32:48.0906 1804 [ 13e75fef9dfeb08eeded9d0246e1f448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
      19:32:49.0000 1804 MSPCLOCK - ok
      19:32:49.0015 1804 [ 1988a33ff19242576c3d0ef9ce785da7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
      19:32:49.0125 1804 MSPQM - ok
      19:32:49.0156 1804 [ 469541f8bfd2b32659d5d463a6714bce ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
      19:32:49.0265 1804 mssmbios - ok
      19:32:49.0312 1804 [ bf13612142995096ab084f2db7f40f77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
      19:32:49.0437 1804 MSTEE - ok
      19:32:49.0437 1804 [ 82035e0f41c2dd05ae41d27fe6cf7de1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
      19:32:49.0578 1804 Mup - ok
      19:32:49.0609 1804 [ 5c8dc6429c43dc6177c1fa5b76290d1a ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
      19:32:49.0703 1804 NABTSFEC - ok
      19:32:49.0750 1804 [ 558635d3af1c7546d26067d5d9b6959e ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
      19:32:49.0875 1804 NDIS - ok
      19:32:49.0906 1804 [ 520ce427a8b298f54112857bcf6bde15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
      19:32:50.0000 1804 NdisIP - ok
      19:32:50.0031 1804 [ 08d43bbdacdf23f34d79e44ed35c1b4c ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      19:32:50.0140 1804 NdisTapi - ok
      19:32:50.0187 1804 [ 34d6cd56409da9a7ed573e1c90a308bf ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
      19:32:50.0296 1804 Ndisuio - ok
      19:32:50.0328 1804 [ 0b90e255a9490166ab368cd55a529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
      19:32:50.0468 1804 NdisWan - ok
      19:32:50.0484 1804 [ 59fc3fb44d2669bc144fd87826bb571f ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
      19:32:50.0593 1804 NDProxy - ok
      19:32:50.0640 1804 [ 3a2aca8fc1d7786902ca434998d7ceb4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
      19:32:50.0734 1804 NetBIOS - ok
      19:32:50.0781 1804 [ 0c80e410cd2f47134407ee7dd19cc86b ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
      19:32:50.0921 1804 NetBT - ok
      19:32:50.0968 1804 [ 05fdc0b600f06adb4b26c6e8b96ac4c3 ] NetDDE C:\WINDOWS\system32\netdde.exe
      19:32:50.0984 1804 NetDDE ( UnsignedFile.Multi.Generic ) - warning
      19:32:50.0984 1804 NetDDE - detected UnsignedFile.Multi.Generic (1)
      19:32:51.0000 1804 [ 05fdc0b600f06adb4b26c6e8b96ac4c3 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
      19:32:51.0015 1804 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
      19:32:51.0015 1804 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
      19:32:51.0031 1804 [ 2b0b88652c9f6714fd4886839b3b0442 ] Netlogon C:\WINDOWS\system32\lsass.exe
      19:32:51.0140 1804 Netlogon - ok
      19:32:51.0187 1804 [ 25128473f0d3fd431f74cc5bafa123ca ] Netman C:\WINDOWS\System32\netman.dll
      19:32:51.0296 1804 Netman - ok
      19:32:51.0343 1804 [ 5c5c53db4fef16cf87b9911c7e8c6fbc ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
      19:32:51.0453 1804 NIC1394 - ok
      19:32:51.0531 1804 [ 10558fed65aaa5dc95125e069ae65036 ] Nla C:\WINDOWS\System32\mswsock.dll
      19:32:51.0671 1804 Nla - ok
      19:32:51.0703 1804 [ 4f601bcb8f64ea3ac0994f98fed03f8e ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
      19:32:51.0796 1804 Npfs - ok
      19:32:51.0875 1804 [ b78be402c3f63dd55521f73876951cdd ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
      19:32:52.0000 1804 Ntfs - ok
      19:32:52.0031 1804 [ 2b0b88652c9f6714fd4886839b3b0442 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
      19:32:52.0125 1804 NtLmSsp - ok
      19:32:52.0203 1804 [ 395948dee2b0f534a8c70687cc6dd7ca ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
      19:32:52.0359 1804 NtmsSvc - ok
      19:32:52.0390 1804 [ 73c1e1f395918bc2c6dd67af7591a3ad ] Null C:\WINDOWS\system32\drivers\Null.sys
      19:32:52.0484 1804 Null - ok
      19:32:52.0546 1804 [ 560f8147e9bb5a728d8715120d2f7e7f ] NWCWorkstation C:\WINDOWS\system32\nwcwks.dll
      19:32:52.0562 1804 NWCWorkstation ( UnsignedFile.Multi.Generic ) - warning
      19:32:52.0562 1804 NWCWorkstation - detected UnsignedFile.Multi.Generic (1)
      19:32:52.0609 1804 [ b305f3fad35083837ef46a0bbce2fc57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
      19:32:52.0718 1804 NwlnkFlt - ok
      19:32:52.0734 1804 [ c99b3415198d1aab7227f2c88fd664b9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
      19:32:52.0843 1804 NwlnkFwd - ok
      19:32:53.0000 1804 [ 84de1dd996b48b05ace31ad015fa108a ] odserv C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE
      19:32:53.0015 1804 odserv - ok
      19:32:53.0062 1804 [ 0951db8e5823ea366b0e408d71e1ba2a ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
      19:32:53.0187 1804 ohci1394 - ok
      19:32:53.0250 1804 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
      19:32:53.0265 1804 ose - ok
      19:32:53.0328 1804 [ 75bd3ac5a0339e10e923fb2ba15193e5 ] OwnershipProtocol C:\Archivos de programa\Intel\Wireless\Bin\OProtSvc.exe
      19:32:53.0343 1804 OwnershipProtocol ( UnsignedFile.Multi.Generic ) - warning
      19:32:53.0343 1804 OwnershipProtocol - detected UnsignedFile.Multi.Generic (1)
      19:32:53.0390 1804 [ 0df0b83c90473ccfdc3dc882cbb6e4a9 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
      19:32:53.0500 1804 Parport - ok
      19:32:53.0515 1804 [ 3334430c29dc338092f79c38ef7b4cd0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
      19:32:53.0625 1804 PartMgr - ok
      19:32:53.0671 1804 [ fad44d704ecd7d39ad01415b8bb34204 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
      19:32:53.0781 1804 ParVdm - ok
      19:32:53.0875 1804 [ a566b8da5e70b3237274d418853a87e0 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
      19:32:53.0984 1804 PCI - ok
      19:32:54.0000 1804 PCIDump - ok
      19:32:54.0015 1804 [ 33d63f0a9021acb4d75d83b646b93a30 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
      19:32:54.0140 1804 PCIIde - ok
      19:32:54.0171 1804 [ 6374a34b03aea7971c976982a391ad07 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
      19:32:54.0296 1804 Pcmcia - ok
      19:32:54.0312 1804 PDCOMP - ok
      19:32:54.0343 1804 PDFRAME - ok
      19:32:54.0359 1804 PDRELI - ok
      19:32:54.0375 1804 PDRFRAME - ok
      19:32:54.0406 1804 perc2 - ok
      19:32:54.0421 1804 perc2hib - ok
      19:32:54.0593 1804 [ f9852f505e0699bb83d5c6321917040b ] PlugPlay C:\WINDOWS\system32\services.exe
      19:32:54.0703 1804 PlugPlay - ok
      19:32:54.0718 1804 [ 2b0b88652c9f6714fd4886839b3b0442 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
      19:32:54.0828 1804 PolicyAgent - ok
      19:32:54.0875 1804 [ 1c5cc65aac0783c344f16353e60b72ac ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
      19:32:54.0968 1804 PptpMiniport - ok
      19:32:55.0000 1804 [ 2b0b88652c9f6714fd4886839b3b0442 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
      19:32:55.0109 1804 ProtectedStorage - ok
      19:32:55.0125 1804 [ 48671f327553dcf1d27f6197f622a668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
      19:32:55.0234 1804 PSched - ok
      19:32:55.0250 1804 [ 80d317bd1c3dbc5d4fe7b1678c60cadd ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
      19:32:55.0359 1804 Ptilink - ok
      19:32:55.0375 1804 ql1080 - ok
      19:32:55.0406 1804 Ql10wnt - ok
      19:32:55.0421 1804 ql12160 - ok
      19:32:55.0453 1804 ql1240 - ok
      19:32:55.0468 1804 ql1280 - ok
      19:32:55.0593 1804 [ fe0d99d6f31e4fad8159f690d68ded9c ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
      19:32:55.0687 1804 RasAcd - ok
      19:32:55.0734 1804 [ c6133601f8d4b3c995b51307ee7be086 ] RasAuto C:\WINDOWS\System32\rasauto.dll
      19:32:55.0843 1804 RasAuto - ok
      19:32:55.0906 1804 [ 0207d26ddf796a193ccd9f83047bb5fc ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
      19:32:55.0968 1804 Rasirda - ok
      19:32:55.0984 1804 [ 98faeb4a4dcf812ba1c6fca4aa3e115c ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
      19:32:56.0109 1804 Rasl2tp - ok
      19:32:56.0156 1804 [ c680bf19ca33f3fcae850275d7719634 ] RasMan C:\WINDOWS\System32\rasmans.dll
      19:32:56.0265 1804 RasMan - ok
      19:32:56.0296 1804 [ 7306eeed8895454cbed4669be9f79faa ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
      19:32:56.0421 1804 RasPppoe - ok
      19:32:56.0437 1804 [ fdbb1d60066fcfbb7452fd8f9829b242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
      19:32:56.0546 1804 Raspti - ok
      19:32:56.0593 1804 [ 29d66245adba878fff574cd66abd2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
      19:32:56.0703 1804 Rdbss - ok
      19:32:56.0718 1804 [ 4912d5b403614ce99c28420f75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
      19:32:56.0828 1804 RDPCDD - ok
      19:32:56.0890 1804 [ a2cae2c60bc37e0751ef9dda7ceaf4ad ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
      19:32:57.0015 1804 rdpdr - ok
      19:32:57.0109 1804 [ d4f5643d7714ef499ae9527fdcd50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
      19:32:57.0234 1804 RDPWD - ok
      19:32:57.0312 1804 [ 0a13a72c4b201a4672aa8f4697b522b7 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
      19:32:57.0312 1804 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
      19:32:57.0312 1804 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
      19:32:57.0343 1804 [ 28531a950381da67fc6412dfebcc8c5c ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
      19:32:57.0468 1804 redbook - ok
      19:32:57.0515 1804 [ 5bd36da5a55b966ad610932455634fa9 ] RegSrvc C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
      19:32:57.0515 1804 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
      19:32:57.0515 1804 RegSrvc - detected UnsignedFile.Multi.Generic (1)
      19:32:57.0578 1804 [ ce85b0049c7f0ac32cb5576affeeec4d ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
      19:32:57.0687 1804 RemoteAccess - ok
      19:32:57.0734 1804 [ d025e953864ebebab5933086d15c4fc6 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
      19:32:57.0843 1804 RemoteRegistry - ok
      19:32:57.0859 1804 [ 99c4b74981a1413f142a3903130088cb ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
      19:32:57.0968 1804 RFCOMM - ok
      19:32:58.0031 1804 [ 85383ec06b82f0165785e372e1ba269f ] RpcLocator C:\WINDOWS\system32\locator.exe
      19:32:58.0031 1804 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
      19:32:58.0031 1804 RpcLocator - detected UnsignedFile.Multi.Generic (1)
      19:32:58.0078 1804 [ 86945706ebf0460631917e967bab3cc4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
      19:32:58.0203 1804 RpcSs - ok
      19:32:58.0265 1804 [ a55f138547bac1e2dbe513472f628181 ] RSVP C:\WINDOWS\system32\rsvp.exe
      19:32:58.0296 1804 RSVP ( UnsignedFile.Multi.Generic ) - warning
      19:32:58.0296 1804 RSVP - detected UnsignedFile.Multi.Generic (1)
      19:32:58.0359 1804 [ ad865d27f3ed4203a99d21a128fc38d0 ] S24EventMonitor C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
      19:32:58.0375 1804 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
      19:32:58.0375 1804 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
      19:32:58.0421 1804 [ 85a26a3bb748dfd3170cdbf45b0dd7fd ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
      19:32:58.0437 1804 s24trans ( UnsignedFile.Multi.Generic ) - warning
      19:32:58.0437 1804 s24trans - detected UnsignedFile.Multi.Generic (1)
      19:32:58.0468 1804 [ 2b0b88652c9f6714fd4886839b3b0442 ] SamSs C:\WINDOWS\system32\lsass.exe
      19:32:58.0578 1804 SamSs - ok
      19:32:58.0640 1804 [ 69dc0d16cdd4da12be24ba92b9e91963 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
      19:32:58.0656 1804 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
      19:32:58.0656 1804 SCardSvr - detected UnsignedFile.Multi.Generic (1)
      19:32:58.0703 1804 [ 0125649b3c00d037e07fd7bcef7b653b ] Schedule C:\WINDOWS\system32\schedsvc.dll
      19:32:58.0828 1804 Schedule - ok
      19:32:58.0890 1804 [ 02fc71b020ec8700ee8a46c58bc6f276 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
      19:32:59.0000 1804 sdbus - ok
      19:32:59.0046 1804 [ d26e26ea516450af9d072635c60387f4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
      19:32:59.0109 1804 Secdrv - ok
      19:32:59.0125 1804 [ 881e212e7d5dbc3a09732a9996c0cfd4 ] seclogon C:\WINDOWS\System32\seclogon.dll
      19:32:59.0234 1804 seclogon - ok
      19:32:59.0265 1804 [ 00b0a54474e8f99fd43d108446f0d5be ] SENS C:\WINDOWS\system32\sens.dll
      19:32:59.0359 1804 SENS - ok
      19:32:59.0375 1804 [ fa9c4c4ac544301fa13c5c00a270399f ] Serial C:\WINDOWS\system32\drivers\Serial.sys
      19:32:59.0484 1804 Serial - ok
      19:32:59.0500 1804 [ 0d13b6df6e9e101013a7afb0ce629fe0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
      19:32:59.0625 1804 Sfloppy - ok
      19:32:59.0687 1804 [ 0dc5698be9bbfe9673eb80a0d65d17e5 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
      19:32:59.0828 1804 SharedAccess - ok
      19:32:59.0875 1804 [ dbcf824ba771a1f27e6f5124d0516358 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
      19:32:59.0984 1804 ShellHWDetection - ok
      19:33:00.0000 1804 Simbad - ok
      19:33:00.0031 1804 [ f07af60b152221472fbdb2fecec4896d ] SkypeUpdate C:\Archivos de programa\Skype\Updater\Updater.exe
      19:33:00.0078 1804 SkypeUpdate - ok
      19:33:00.0125 1804 [ 5caeed86821fa2c6139e32e9e05ccdc9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
      19:33:00.0218 1804 SLIP - ok
      19:33:00.0296 1804 [ a8eb0aa07632a4c936ff6f8eda5bdead ] SMCIRDA C:\WINDOWS\system32\DRIVERS\smcirda.sys
      19:33:00.0312 1804 SMCIRDA - ok
      19:33:00.0328 1804 Sparrow - ok
      19:33:00.0375 1804 [ 8e186b8f23295d1e42c573b82b80d548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
      19:33:00.0500 1804 splitter - ok
      19:33:00.0531 1804 [ 5847cb43fccbff5e1c25a919b0191e16 ] Spooler C:\WINDOWS\system32\spoolsv.exe
      19:33:00.0562 1804 Spooler ( UnsignedFile.Multi.Generic ) - warning
      19:33:00.0562 1804 Spooler - detected UnsignedFile.Multi.Generic (1)
      19:33:00.0609 1804 [ 3c151d50cf3ae1683c6e3ec201b2ad3d ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
      19:33:00.0687 1804 sr - ok
      19:33:00.0718 1804 [ c791d16bf25264738b14873436293bd0 ] srservice C:\WINDOWS\system32\srsvc.dll
      19:33:00.0781 1804 srservice - ok
      19:33:00.0812 1804 [ 20b7e396720353e4117d64d9dcb926ca ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
      19:33:00.0921 1804 Srv - ok
      19:33:00.0984 1804 [ 4aff5ea8bf2362c3d5001295fdeb3abd ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
      19:33:01.0046 1804 SSDPSRV - ok
      19:33:01.0093 1804 [ fffa385feadc60175c653afb215f539a ] stisvc C:\WINDOWS\system32\wiaservc.dll
      19:33:01.0218 1804 stisvc - ok
      19:33:01.0250 1804 [ 284c57df5dc7abca656bc2b96a667afb ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
      19:33:01.0375 1804 streamip - ok
      19:33:01.0406 1804 [ 03c1bae4766e2450219d20b993d6e046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
      19:33:01.0500 1804 swenum - ok
      19:33:01.0562 1804 [ 94abc808fc4b6d7d2bbf42b85e25bb4d ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
      19:33:01.0671 1804 swmidi - ok
      19:33:01.0687 1804 SwPrv - ok
      19:33:01.0703 1804 symc810 - ok
      19:33:01.0734 1804 symc8xx - ok
      19:33:01.0750 1804 sym_hi - ok
      19:33:01.0781 1804 sym_u3 - ok
      19:33:01.0859 1804 [ a63401d180863a2cefce51798542ae5f ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
      19:33:01.0906 1804 SynTP - ok
      19:33:01.0937 1804 [ 650ad082d46bac0e64c9c0e0928492fd ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
      19:33:02.0062 1804 sysaudio - ok
      19:33:02.0109 1804 [ c3cbdec393c132eb61130a6704f71d4d ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
      19:33:02.0156 1804 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
      19:33:02.0156 1804 SysmonLog - detected UnsignedFile.Multi.Generic (1)
      19:33:02.0203 1804 [ c2dc3f102c351fa6d4bdaf2b927eafc2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
      19:33:02.0312 1804 TapiSrv - ok
      19:33:02.0359 1804 [ 9f4b36614a0fc234525ba224957de55c ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
      19:33:02.0515 1804 Tcpip - ok
      19:33:02.0546 1804 [ 38d437cf2d98965f239b0abcd66dcb0f ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
      19:33:02.0671 1804 TDPIPE - ok
      19:33:02.0703 1804 [ ed0580af02502d00ad8c4c066b156be9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
      19:33:02.0796 1804 TDTCP - ok
      19:33:02.0859 1804 [ a540a99c281d933f3d69d55e48727f47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
      19:33:02.0953 1804 TermDD - ok
      19:33:03.0000 1804 [ c2038466be5a6a76efd592fa0b459e17 ] TermService C:\WINDOWS\System32\termsrv.dll
      19:33:03.0140 1804 TermService - ok
      19:33:03.0187 1804 [ dbcf824ba771a1f27e6f5124d0516358 ] Themes C:\WINDOWS\System32\shsvcs.dll
      19:33:03.0281 1804 Themes - ok
      19:33:03.0359 1804 [ 82081b2d3d71cbcd5ddd37dfd0dc7bc3 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
      19:33:03.0390 1804 TlntSvr ( UnsignedFile.Multi.Generic ) - warning
      19:33:03.0390 1804 TlntSvr - detected UnsignedFile.Multi.Generic (1)
      19:33:03.0406 1804 TosIde - ok
      19:33:03.0468 1804 [ bf0b2a43c17c4bbd38b8d8e10be980c1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
      19:33:03.0578 1804 TrkWks - ok
      19:33:03.0625 1804 [ 12f70256f140cd7d52c58c7048fde657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
      19:33:03.0718 1804 Udfs - ok
      19:33:03.0734 1804 ultra - ok
      19:33:03.0781 1804 [ fb80488f2209a016a0563bf1de48ec0e ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
      19:33:03.0781 1804 UMWdf ( UnsignedFile.Multi.Generic ) - warning
      19:33:03.0781 1804 UMWdf - detected UnsignedFile.Multi.Generic (1)
      19:33:03.0812 1804 [ aff2e5045961bbc0a602bb6f95eb1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
      19:33:03.0921 1804 Update - ok
      19:33:03.0968 1804 [ 4b48358383940f6e559da2f64753029f ] upnphost C:\WINDOWS\System32\upnphost.dll
      19:33:04.0031 1804 upnphost - ok
      19:33:04.0078 1804 [ a4c555b2f781243eb949d19670d05d7e ] UPS C:\WINDOWS\System32\ups.exe
      19:33:04.0078 1804 UPS ( UnsignedFile.Multi.Generic ) - warning
      19:33:04.0078 1804 UPS - detected UnsignedFile.Multi.Generic (1)
      19:33:04.0140 1804 [ 15e993ba2f6946b2bfbbfcd30398621e ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
      19:33:04.0250 1804 usbehci - ok
      19:33:04.0265 1804 [ c72f40947f92cea56a8fb532edf025f1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
      19:33:04.0375 1804 usbhub - ok
      19:33:04.0421 1804 [ 6cd7b22193718f1d17a47a1cd6d37e75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
      19:33:04.0531 1804 USBSTOR - ok
      19:33:04.0578 1804 [ f8fd1400092e23c8f2f31406ef06167b ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
      19:33:04.0671 1804 usbuhci - ok
      19:33:04.0765 1804 [ f293a4f280084cd3bf3fb9dc74e7a367 ] uw340j C:\Documents and Settings\Administrador\Datos de programa\in1eywv.bat
      19:33:04.0875 1804 uw340j ( UnsignedFile.Multi.Generic ) - warning
      19:33:04.0875 1804 uw340j - detected UnsignedFile.Multi.Generic (1)
      19:33:04.0890 1804 [ 8a60edd72b4ea5aea8202daf0e427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
      19:33:05.0062 1804 VgaSave - ok
      19:33:05.0078 1804 ViaIde - ok
      19:33:05.0125 1804 [ d6ec4aff061665a10f0b1a9517d338e3 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
      19:33:05.0234 1804 VolSnap - ok
      19:33:05.0296 1804 [ b8e1ba21627827ad206d9b8faa980d7b ] VSS C:\WINDOWS\System32\vssvc.exe
      19:33:05.0328 1804 VSS ( UnsignedFile.Multi.Generic ) - warning
      19:33:05.0328 1804 VSS - detected UnsignedFile.Multi.Generic (1)
      19:33:05.0390 1804 [ af0850cfd99e9e5e142537cd601bcb72 ] vvftav211 C:\WINDOWS\system32\drivers\vvftav211.sys
      19:33:05.0453 1804 vvftav211 - ok
      19:33:05.0656 1804 [ c89da341fcc883a3d79dc11727484fc2 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys
      19:33:05.0906 1804 w29n51 - ok
      19:33:05.0968 1804 [ 13835c57c973519f82b27ea506239369 ] W32Time C:\WINDOWS\system32\w32time.dll
      19:33:06.0062 1804 W32Time - ok
      19:33:06.0093 1804 [ 984ef0b9788abf89974cfed4bfbaacbc ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
      19:33:06.0234 1804 Wanarp - ok
      19:33:06.0250 1804 WDICA - ok
      19:33:06.0296 1804 [ 2797f33ebf50466020c430ee4f037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
      19:33:06.0406 1804 wdmaud - ok
      19:33:06.0437 1804 [ a7096ff98f9ffb9f36e1ba3fcd4591cd ] WebClient C:\WINDOWS\System32\webclnt.dll
      19:33:06.0562 1804 WebClient - ok
      19:33:06.0640 1804 [ 3e8df5e4f0e6419801ff5f568cc8c531 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
      19:33:06.0781 1804 winmgmt - ok
      19:33:06.0843 1804 wltrysvc - ok
      19:33:07.0000 1804 [ a477391b7a8b0a0daabadb17cf533a4b ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
      19:33:07.0062 1804 WmdmPmSN - ok
      19:33:07.0171 1804 [ d8f738e92ea2122f5767acd5378c732b ] Wmi C:\WINDOWS\System32\advapi32.dll
      19:33:07.0437 1804 Wmi - ok
      19:33:07.0531 1804 [ da750a622d07b450d924fb0c8919bbc6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
      19:33:07.0593 1804 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
      19:33:07.0593 1804 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
      19:33:07.0671 1804 [ fa7335c49f09d764cd6e507b946cd8d1 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
      19:33:07.0828 1804 wscsvc - ok
      19:33:07.0875 1804 [ d5842484f05e12121c511aa93f6439ec ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
      19:33:07.0984 1804 WSTCODEC - ok
      19:33:08.0062 1804 [ eeda22e0c570c7204724c3a30a0b1a40 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
      19:33:08.0171 1804 wuauserv - ok
      19:33:08.0281 1804 [ e28bb7bb83250346eb4e71134acd5627 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
      19:33:08.0437 1804 WZCSVC - ok
      19:33:08.0531 1804 [ 843e0db8042a8c0d749eb2b9efa54f24 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
      19:33:08.0656 1804 xmlprov - ok
      19:33:08.0765 1804 [ e7d4da4044fc93902f407fd3a59d0b17 ] ZSMC30x C:\WINDOWS\system32\Drivers\ZS211.sys
      19:33:08.0875 1804 ZSMC30x - ok
      19:33:08.0921 1804 ================ Scan global ===============================
      19:33:08.0984 1804 (b594a2f6778b6b05cbf5022a645427f8) C:\WINDOWS\system32\basesrv.dll
      19:33:09.0015 1804 (f39602cf86e98bab77b49d93291bd3ef) C:\WINDOWS\system32\winsrv.dll
      19:33:09.0046 1804 (f39602cf86e98bab77b49d93291bd3ef) C:\WINDOWS\system32\winsrv.dll
      19:33:09.0078 1804 (f9852f505e0699bb83d5c6321917040b) C:\WINDOWS\system32\services.exe
      19:33:09.0093 1804 [Global] - ok
      19:33:09.0093 1804 ================ Scan MBR ==================================
      19:33:09.0125 1804 MBR (0x1B8) (792f61657fece3d17a9122b4ee282847) \Device\Harddisk0\DR0
      19:33:09.0359 1804 \Device\Harddisk0\DR0 - ok
      19:33:09.0359 1804 ================ Scan VBR ==================================
      19:33:09.0375 1804 Boot (0x1200) (b4b9707505e10da1e477faad52a571c9) \Device\Harddisk0\DR0\Partition1
      19:33:09.0375 1804 \Device\Harddisk0\DR0\Partition1 - ok
      19:33:09.0421 1804 Boot (0x1200) (d3c9024734c004ec7f7f5b7764bed3d3) \Device\Harddisk0\DR0\Partition2
      19:33:09.0421 1804 \Device\Harddisk0\DR0\Partition2 - ok
      19:33:09.0421 1804 ============================================================
      19:33:09.0421 1804 Scan finished
      19:33:09.0421 1804 ============================================================
      19:33:09.0578 1796 Detected object count: 33
      19:33:09.0578 1796 Actual detected object count: 33
      19:33:31.0296 1796 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0296 1796 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0312 1796 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0312 1796 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0312 1796 aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0312 1796 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0328 1796 BTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0328 1796 BTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0343 1796 BTSERIAL ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0343 1796 BTSERIAL ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0343 1796 BTSLBCSP ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0343 1796 BTSLBCSP ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0359 1796 btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0359 1796 btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0375 1796 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0375 1796 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0375 1796 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0390 1796 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0390 1796 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0390 1796 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0406 1796 ftsata2 ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0406 1796 ftsata2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0421 1796 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0421 1796 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0421 1796 mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0421 1796 mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0437 1796 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0437 1796 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0453 1796 NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0453 1796 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0453 1796 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0453 1796 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0468 1796 NWCWorkstation ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0468 1796 NWCWorkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0468 1796 OwnershipProtocol ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0468 1796 OwnershipProtocol ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0484 1796 RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0484 1796 RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0500 1796 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0500 1796 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0500 1796 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0500 1796 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0515 1796 RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0515 1796 RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0531 1796 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0531 1796 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0531 1796 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0531 1796 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0546 1796 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0546 1796 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0546 1796 Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0546 1796 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0562 1796 SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0562 1796 SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0578 1796 TlntSvr ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0578 1796 TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0578 1796 UMWdf ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0578 1796 UMWdf ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0593 1796 UPS ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0593 1796 UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0609 1796 uw340j ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0609 1796 uw340j ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0609 1796 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0609 1796 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
      19:33:31.0625 1796 WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
      19:33:31.0625 1796 WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip



      todo lo deje en skip, q debo hacer ahora?

    6. #6
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: May day

      Hola ,

      Ejecuta nuevamente Tdsskiller y dale copy to cuarentine a lo siguiente:

      19:33:04.0875 1804 uw340j ( UnsignedFile.Multi.Generic ) - warning
      19:33:04.0875 1804 uw340j - detected UnsignedFile.Multi.Generic (1)
      Falta el nuevo informe de Malwarebytes...

      Saludos
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de kikland
      Registrado
      sep 2009
      Ubicación
      peru
      Mensajes
      193

      Re: May day

      creo q hice bien lo q me pedistes, ahora este es el reporte de anti

      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.08.17.07

      Windows XP Service Pack 2 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Administrador :: PC31 [administrador]

      18/08/2012 08:54:57 p.m.
      mbam-log-2012-08-18 (21-08-13).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 200423
      Tiempo transcurrido: 12 minuto(s), 51 segundo(s)

      Procesos en Memoria Detectados: 2
      C:\WINDOWS\Temp\VRTA.tmp (Trojan.FakeMS) -> 2284 -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\napzck.exe (Trojan.Agent.DBGen) -> 3284 -> No se tomaron medidas.

      Módulos de Memoria Detectados: 1
      C:\WINDOWS\system32\nwcwks.dll (Trojan.Inject) -> No se tomaron medidas.

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 25
      C:\WINDOWS\system32\nwcwks.dll (Trojan.Inject) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRTA.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\napzck.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\a8frfra.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\ljysba.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003971.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003972.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003973.dll (Trojan.Inject) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003974.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003983.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003984.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003993.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003994.dll (Trojan.Inject) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0003995.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0004003.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0004005.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT1.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT2.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT3.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT4.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT5.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT6.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT7.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT8.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT9.tmp (Worm.KoobFace) -> No se tomaron medidas.

      fin)


      alli va

    8. #8
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: May day

      Hola ,

      Tenes que marcar todo y seleccionar a eliminar seleccionados y traer un nuevo reporte.

      Pega el informe de Tdsskiller que ejecutaste para eliminar la infección que te dije .
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de kikland
      Registrado
      sep 2009
      Ubicación
      peru
      Mensajes
      193

      Re: May day

      elimine a todos en modo seguron con red, despues la reinicie y pase el anti y esto es lo q me ha botado

      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.08.17.07

      Windows XP Service Pack 2 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Administrador :: PC31 [administrador]

      18/08/2012 10:56:55 p.m.
      mbam-log-2012-08-18 (23-09-32).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 200267
      Tiempo transcurrido: 12 minuto(s), 18 segundo(s)

      Procesos en Memoria Detectados: 2
      C:\WINDOWS\Temp\VRT6.tmp (Trojan.FakeMS) -> 2548 -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\napzck.exe (Trojan.Agent.DBGen) -> 2204 -> No se tomaron medidas.

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 13
      C:\WINDOWS\Temp\VRT6.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\napzck.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\WINDOWS\system32\nwcwks.dll (Trojan.Inject) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\ljysba.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0004025.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0004026.dll (Trojan.Inject) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0004027.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\TDSSKiller_Quarantine\18.08.2012_22.46.27\susp0016\svc0000\tsk0000.dta (Trojan.Inject) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT1.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT2.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT3.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT4.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT5.tmp (Worm.KoobFace) -> No se tomaron medidas.

      fin)



      me sigue saliendo bichitos y el famoso koobface

    10. #10
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: May day

      Hola Amigo ,

      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.08.17.07

      Windows XP Service Pack 2 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Administrador :: PC31 [administrador]

      18/08/2012 10:56:55 p.m.
      mbam-log-2012-08-18 (23-09-32).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 200267
      Tiempo transcurrido: 12 minuto(s), 18 segundo(s)

      Procesos en Memoria Detectados: 2
      C:\WINDOWS\Temp\VRT6.tmp (Trojan.FakeMS) -> 2548 -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\napzck.exe (Trojan.Agent.DBGen) -> 2204 -> No se tomaron medidas.

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 13
      C:\WINDOWS\Temp\VRT6.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\napzck.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\WINDOWS\system32\nwcwks.dll (Trojan.Inject) -> No se tomaron medidas.
      C:\Documents and Settings\Administrador\Datos de programa\ljysba.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0004025.exe (Trojan.Agent) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0004026.dll (Trojan.Inject) -> No se tomaron medidas.
      C:\System Volume Information\_restore{BE887D4D-02D4-423E-B9B8-507A5411D8E5}\RP13\A0004027.exe (Trojan.Agent.DBGen) -> No se tomaron medidas.
      C:\TDSSKiller_Quarantine\18.08.2012_22.46.27\susp0 016\svc0000\tsk0000.dta (Trojan.Inject) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT1.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT2.tmp (Worm.KoobFace) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT3.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT4.tmp (Trojan.FakeMS) -> No se tomaron medidas.
      C:\WINDOWS\Temp\VRT5.tmp (Worm.KoobFace) -> No se tomaron medidas.

      fin)
      No se tomaron medidas: Eso significa que no se elimino nada.

      Tenes que marcar TODO y darle a "eliminar seleccionados" abajo a la izquierda...

      Ademas de eso realiza lo siguiente ;

      Descarga Ccleaner:Manual de CCleaner

      Ejecutar CCleaner usando primero su opción de "Limpiador" para borrar cookies y temporales de Internet
      Usa su opción de "Registro" para limpiar todo el registro de Windows creando antes una copia de seguridad


      Realiza un análisis completo con Eset Nod32

      1- Lo ejecutas.

      2-Marcas las casillas de Eliminar las amenazas detectadas y analizar archivos.

      3- Haces clic en Configuración adicional y ahi marcas las casillas:

      - Analizar en busca de aplicaciones potencialmente indeseables.

      - Analizar en busca de aplicaciones potencialmente peligrosas.

      - Activar la tecnolgía Anti-Stealth.



      4- Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.

      Cuando acabe haz clic en Finalizar

      5- Localizar el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log.

      Falta el reporte de Tdsskiller donde elimino los archivos infectados ...
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo