
    Virus file_recover


    1. #11
      User pepo.ar
      Registered
      Nov 2009
      Location
      Argentina
      Posts
      35

      Re: Virus file_recover

      I can't

      I have it turned off

      Regards

    2. #12
      Moderator
      @Maxfernandez
      Registered
      Dec 2007
      Location
      Venezuela
      Posts
      16,076
      [email protected]


      * Follow us on our Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #13
      User pepo.ar
      Registered
      Nov 2009
      Location
      Argentina
      Posts
      35

      Re: Virus file_recover

      Hello

      Before doing that I would rather keep trying to repair the PC a little longer.
      I scanned the PC again with the Kaspersky CD and it detected a rootkit, dev/ rootkit.boost.sst.a, and removed it (I don't know why it didn't detect it the first time?). Then I started the PC in safe mode and was able to run the TDS; I am pasting the report for you. Then I tried to install the malwareb. but it gives me error time error 5. So the PC is still infected. I tried to run an online scan with ESET, but when it tries to update the database it tells me I have to configure the proxy, and I don't have a proxy, so it cannot connect. So I ran the At detroyer and then tried the above again, but it is still the same. Then I ran the superantisp. and it found a couple of trojans; I tried to install the malwareb. again but it keeps giving me an error. Then I ran the DR cureit and it detected, inside a temp folder, two viruses with a name similar to the AT detroyer. Finally I ran the aswmbr. I am attaching the reports.


      TDS:

      09:45:19.0703 1400 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
      09:45:19.0734 1400 ============================================================
      09:45:19.0734 1400 Current date / time: 2012/10/16 09:45:19.0734
      09:45:19.0734 1400 SystemInfo:
      09:45:19.0734 1400
      09:45:19.0734 1400 OS Version: 5.1.2600 ServicePack: 3.0
      09:45:19.0734 1400 Product type: Workstation
      09:45:19.0734 1400 ComputerName: SS-899B0D52B795
      09:45:19.0734 1400 UserName: Administrador
      09:45:19.0734 1400 Windows directory: C:\WINDOWS
      09:45:19.0734 1400 System windows directory: C:\WINDOWS
      09:45:19.0734 1400 Processor architecture: Intel x86
      09:45:19.0734 1400 Number of processors: 1
      09:45:19.0734 1400 Page size: 0x1000
      09:45:19.0734 1400 Boot type: Safe boot with network
      09:45:19.0734 1400 ============================================================
      09:45:21.0078 1400 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
      09:45:21.0078 1400 Drive \Device\Harddisk1\DR3 - Size: 0xEF100000 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
      09:45:21.0078 1400 ============================================================
      09:45:21.0078 1400 \Device\Harddisk0\DR0:
      09:45:21.0078 1400 MBR partitions:
      09:45:21.0078 1400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2EE1AB5
      09:45:21.0078 1400 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE1B33, BlocksNum 0xFB36F8E
      09:45:21.0078 1400 \Device\Harddisk1\DR3:
      09:45:21.0078 1400 MBR partitions:
      09:45:21.0078 1400 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x7787C1
      09:45:21.0078 1400 ============================================================
      09:45:21.0109 1400 D: <-> \Device\Harddisk0\DR0\Partition2
      09:45:21.0125 1400 C: <-> \Device\Harddisk0\DR0\Partition1
      09:45:21.0187 1400 ============================================================
      09:45:21.0187 1400 Initialize success
      09:45:21.0187 1400 ============================================================
      09:46:09.0531 1456 ============================================================
      09:46:09.0531 1456 Scan started
      09:46:09.0531 1456 Mode: Manual; SigCheck; TDLFS;
      09:46:09.0531 1456 ============================================================
      09:46:10.0156 1456 ================ Scan system memory ========================
      09:46:10.0156 1456 System memory - ok
      09:46:10.0156 1456 ================ Scan services =============================
      09:46:10.0218 1456 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Archivos de programa\SUPERAntiSpyware\SASCORE.EXE
      09:46:10.0359 1456 !SASCORE - ok
      09:46:10.0546 1456 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
      09:46:10.0671 1456 Aavmker4 - ok
      09:46:10.0687 1456 Abiosdsk - ok
      09:46:10.0718 1456 abp480n5 - ok
      09:46:10.0781 1456 [ CF2A07E1751A2D612D7E13AA431AB057 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
      09:46:11.0875 1456 ACPI - ok
      09:46:11.0921 1456 [ 1C905333C0B9F3D7C68DDF25E54B00F9 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
      09:46:12.0062 1456 ACPIEC - ok
      09:46:12.0093 1456 [ C1EB9968EC89FBA5F3A264E2E57923AB ] Adobe LM Service C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
      09:46:12.0109 1456 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
      09:46:12.0109 1456 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
      09:46:12.0140 1456 adpu160m - ok
      09:46:12.0187 1456 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
      09:46:12.0296 1456 aec - ok
      09:46:12.0359 1456 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
      09:46:12.0406 1456 AFD - ok
      09:46:12.0421 1456 Aha154x - ok
      09:46:12.0453 1456 aic78u2 - ok
      09:46:12.0484 1456 aic78xx - ok
      09:46:12.0609 1456 [ 95AA37BEC6C72C277C2CAEAEE736DD2D ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
      09:46:12.0765 1456 ALCXWDM - ok
      09:46:12.0796 1456 [ FEDCA791A089D4E15084DA10F38BCE45 ] Alerter C:\WINDOWS\system32\alrsvc.dll
      09:46:12.0921 1456 Alerter - ok
      09:46:12.0953 1456 [ 764B7A1E6AE2D70416A7932F3B97AC99 ] ALG C:\WINDOWS\System32\alg.exe
      09:46:13.0046 1456 ALG - ok
      09:46:13.0062 1456 AliIde - ok
      09:46:13.0093 1456 amsint - ok
      09:46:13.0140 1456 [ 30CD42BFCDAFEFE8567B9E527DD3AE08 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
      09:46:13.0250 1456 AppMgmt - ok
      09:46:13.0265 1456 asc - ok
      09:46:13.0296 1456 asc3350p - ok
      09:46:13.0328 1456 asc3550 - ok
      09:46:13.0421 1456 [ ED8CEE58C1E4C5893F5B2FD686A272BF ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
      09:46:13.0437 1456 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
      09:46:13.0437 1456 Aspi32 - detected UnsignedFile.Multi.Generic (1)
      09:46:13.0531 1456 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
      09:46:13.0531 1456 aspnet_state - ok
      09:46:13.0578 1456 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
      09:46:13.0578 1456 aswFsBlk - ok
      09:46:13.0609 1456 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
      09:46:13.0625 1456 aswMon2 - ok
      09:46:13.0656 1456 [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
      09:46:13.0671 1456 aswRdr - ok
      09:46:13.0718 1456 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
      09:46:13.0750 1456 aswSnx - ok
      09:46:13.0781 1456 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
      09:46:13.0812 1456 aswSP - ok
      09:46:13.0828 1456 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
      09:46:13.0843 1456 aswTdi - ok
      09:46:13.0906 1456 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
      09:46:14.0000 1456 AsyncMac - ok
      09:46:14.0031 1456 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
      09:46:14.0156 1456 atapi - ok
      09:46:14.0187 1456 Atdisk - ok
      09:46:14.0234 1456 [ C67BDE7FB9B34496BDDD0F5F5922D3E4 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
      09:46:14.0281 1456 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
      09:46:14.0281 1456 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
      09:46:14.0359 1456 [ 56A1EFFDE2B68B59E82905E083B9D77F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
      09:46:14.0406 1456 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
      09:46:14.0406 1456 ati2mtag - detected UnsignedFile.Multi.Generic (1)
      09:46:14.0468 1456 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
      09:46:14.0562 1456 Atmarpc - ok
      09:46:14.0625 1456 [ A37F6480B06C37DB69BBFF045CF9F55B ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
      09:46:14.0718 1456 AudioSrv - ok
      09:46:14.0750 1456 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
      09:46:14.0859 1456 audstub - ok
      09:46:14.0906 1456 [ 5A3DF3C98F3883394F8E4B703EB270CA ] Autodesk Licensing Service C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe
      09:46:14.0921 1456 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - warning
      09:46:14.0921 1456 Autodesk Licensing Service - detected UnsignedFile.Multi.Generic (1)
      09:46:14.0984 1456 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe
      09:46:15.0000 1456 avast! Antivirus - ok
      09:46:15.0046 1456 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
      09:46:15.0156 1456 Beep - ok
      09:46:15.0203 1456 [ 8EE9639C01B92490E09638CAA1B16C3C ] BITS C:\WINDOWS\system32\qmgr.dll
      09:46:15.0515 1456 BITS - ok
      09:46:15.0578 1456 [ DCA0E43CB14D2390FAA5A21B9DC92274 ] Browser C:\WINDOWS\System32\browser.dll
      09:46:15.0625 1456 Browser - ok
      09:46:15.0718 1456 catchme - ok
      09:46:15.0765 1456 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
      09:46:15.0906 1456 cbidf2k - ok
      09:46:15.0921 1456 cd20xrnt - ok
      09:46:15.0968 1456 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
      09:46:16.0078 1456 Cdaudio - ok
      09:46:16.0109 1456 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
      09:46:16.0218 1456 Cdfs - ok
      09:46:16.0281 1456 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
      09:46:16.0375 1456 Cdrom - ok
      09:46:16.0390 1456 Changer - ok
      09:46:16.0437 1456 [ B0E3FEC4EE7B935A7387FD6EF31EA780 ] CiSvc C:\WINDOWS\system32\cisvc.exe
      09:46:16.0531 1456 CiSvc - ok
      09:46:16.0578 1456 [ 0C3BF68AB94CEFD64B333B326F84510E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
      09:46:16.0703 1456 ClipSrv - ok
      09:46:16.0765 1456 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      09:46:16.0765 1456 clr_optimization_v2.0.50727_32 - ok
      09:46:16.0828 1456 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      09:46:16.0843 1456 clr_optimization_v4.0.30319_32 - ok
      09:46:16.0859 1456 CmdIde - ok
      09:46:16.0890 1456 COMSysApp - ok
      09:46:16.0921 1456 Cpqarray - ok
      09:46:16.0984 1456 [ E423C9C1946C656E0E4840210A0A8681 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
      09:46:17.0078 1456 CryptSvc - ok
      09:46:17.0109 1456 dac2w2k - ok
      09:46:17.0140 1456 dac960nt - ok
      09:46:17.0218 1456 [ 97869C55F562B777987100EA30AD8108 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
      09:46:17.0265 1456 DcomLaunch - ok
      09:46:17.0375 1456 [ 2DDFB3A5679FA02366686ECB1AF622F0 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
      09:46:17.0500 1456 Dhcp - ok
      09:46:17.0531 1456 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
      09:46:17.0625 1456 Disk - ok
      09:46:17.0640 1456 dmadmin - ok
      09:46:17.0703 1456 [ C252A99C0A78B39FAA2E2D1D048B1050 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
      09:46:17.0828 1456 dmboot - ok
      09:46:17.0859 1456 [ 33B4D4039CD2CB25351A7BF13B2988D9 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
      09:46:17.0968 1456 dmio - ok
      09:46:18.0015 1456 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
      09:46:18.0109 1456 dmload - ok
      09:46:18.0156 1456 [ 40D0520DDAA9312C5DDDD8C7C99D8325 ] dmserver C:\WINDOWS\System32\dmserver.dll
      09:46:18.0265 1456 dmserver - ok
      09:46:18.0328 1456 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
      09:46:18.0437 1456 DMusic - ok
      09:46:18.0484 1456 [ 2E6D76CAB5A402AF257A963916FE05E7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
      09:46:18.0515 1456 Dnscache - ok
      09:46:18.0562 1456 [ 412134C50E2063D882EF1634676E2B25 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
      09:46:18.0656 1456 Dot3svc - ok
      09:46:18.0671 1456 dpti2o - ok
      09:46:18.0703 1456 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
      09:46:18.0796 1456 drmkaud - ok
      09:46:18.0812 1456 dwshd - ok
      09:46:18.0859 1456 [ FC3FE3654588E597FFF395C305062C46 ] EapHost C:\WINDOWS\System32\eapsvc.dll
      09:46:18.0968 1456 EapHost - ok
      09:46:19.0031 1456 [ 322BA5A5FEBB6C3E16053981B7E97354 ] EprDrv C:\WINDOWS\system32\DRIVERS\EprDrv.sys
      09:46:19.0046 1456 EprDrv ( UnsignedFile.Multi.Generic ) - warning
      09:46:19.0046 1456 EprDrv - detected UnsignedFile.Multi.Generic (1)
      09:46:19.0093 1456 [ D96623DD7CE1EA9E4DE7285D740E14F6 ] ERSvc C:\WINDOWS\System32\ersvc.dll
      09:46:19.0187 1456 ERSvc - ok
      09:46:19.0234 1456 [ 953DF7327510DF0DE048B8E80E504EF9 ] Eventlog C:\WINDOWS\system32\services.exe
      09:46:19.0250 1456 Eventlog - ok
      09:46:19.0312 1456 [ A225DD0D0489BD580781D19524A10B19 ] EventSystem C:\WINDOWS\system32\es.dll
      09:46:19.0343 1456 EventSystem - ok
      09:46:19.0406 1456 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
      09:46:19.0515 1456 Fastfat - ok
      09:46:19.0593 1456 [ 1F617C5A76215C380478D750CE92CC73 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
      09:46:19.0625 1456 FastUserSwitchingCompatibility - ok
      09:46:19.0656 1456 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
      09:46:19.0765 1456 Fdc - ok
      09:46:19.0796 1456 [ E5E61F2C07344E91DBFB7EAFDE549AB4 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
      09:46:19.0906 1456 Fips - ok
      09:46:19.0953 1456 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
      09:46:20.0062 1456 Flpydisk - ok
      09:46:20.0109 1456 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
      09:46:20.0187 1456 FltMgr - ok
      09:46:20.0265 1456 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
      09:46:20.0296 1456 FontCache3.0.0.0 - ok
      09:46:20.0312 1456 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
      09:46:20.0437 1456 Fs_Rec - ok
      09:46:20.0468 1456 [ CC5F3AF5711A1C7C8FA1D43BB16B401A ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
      09:46:20.0609 1456 Ftdisk - ok
      09:46:20.0625 1456 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
      09:46:20.0718 1456 gagp30kx - ok
      09:46:20.0812 1456 [ EA0E4AF8B6A11B2BE17758D371DDF67B ] GhostStartService C:\Archivos de programa\Symantec\Norton Ghost 2003\GhostStartService.exe
      09:46:20.0812 1456 GhostStartService ( UnsignedFile.Multi.Generic ) - warning
      09:46:20.0812 1456 GhostStartService - detected UnsignedFile.Multi.Generic (1)
      09:46:20.0859 1456 [ 3A7C94ED99FE7FE05D88B26F97614626 ] GhPciScan C:\Archivos de programa\Symantec\Norton Ghost 2003\ghpciscan.sys
      09:46:20.0875 1456 GhPciScan ( UnsignedFile.Multi.Generic ) - warning
      09:46:20.0875 1456 GhPciScan - detected UnsignedFile.Multi.Generic (1)
      09:46:20.0921 1456 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
      09:46:21.0015 1456 Gpc - ok
      09:46:21.0093 1456 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Archivos de programa\Google\Update\GoogleUpdate.exe
      09:46:21.0109 1456 gupdate - ok
      09:46:21.0140 1456 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca0b199b118eac C:\Archivos de programa\Google\Update\GoogleUpdate.exe
      09:46:21.0156 1456 gupdate1ca0b199b118eac - ok
      09:46:21.0171 1456 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Archivos de programa\Google\Update\GoogleUpdate.exe
      09:46:21.0187 1456 gupdatem - ok
      09:46:21.0250 1456 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
      09:46:21.0390 1456 HDAudBus - ok
      09:46:21.0437 1456 [ 6B5E1788ABF15177A20C6C76C11382BB ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
      09:46:21.0546 1456 helpsvc - ok
      09:46:21.0562 1456 HidServ - ok
      09:46:21.0609 1456 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
      09:46:21.0703 1456 HidUsb - ok
      09:46:21.0765 1456 [ 8F80B5FB68E1E767D872CB9A8CAD5B5D ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
      09:46:21.0875 1456 hkmsvc - ok
      09:46:21.0890 1456 hpn - ok
      09:46:21.0953 1456 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
      09:46:21.0984 1456 HTTP - ok
      09:46:22.0015 1456 [ 0406B351908A8C143B6B6BB8834D4920 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
      09:46:22.0125 1456 HTTPFilter - ok
      09:46:22.0156 1456 i2omgmt - ok
      09:46:22.0187 1456 i2omp - ok
      09:46:22.0234 1456 [ 4A2490A66E8271901E89DD5FB79748AE ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      09:46:22.0343 1456 i8042prt - ok
      09:46:22.0421 1456 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      09:46:22.0468 1456 idsvc - ok
      09:46:22.0515 1456 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
      09:46:22.0625 1456 Imapi - ok
      09:46:22.0656 1456 [ E50ABD04CA0C015017722014D1D9251E ] ImapiService C:\WINDOWS\system32\imapi.exe
      09:46:22.0750 1456 ImapiService - ok
      09:46:22.0781 1456 ini910u - ok
      09:46:22.0984 1456 [ 001AACA6ED0E6B00FC5B8FAF74977E81 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
      09:46:23.0187 1456 IntcAzAudAddService - ok
      09:46:23.0203 1456 IntelIde - ok
      09:46:23.0265 1456 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
      09:46:23.0359 1456 Ip6Fw - ok
      09:46:23.0421 1456 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
      09:46:23.0515 1456 IpFilterDriver - ok
      09:46:23.0562 1456 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
      09:46:23.0671 1456 IpInIp - ok
      09:46:23.0718 1456 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
      09:46:23.0812 1456 IpNat - ok
      09:46:23.0859 1456 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
      09:46:23.0984 1456 IPSec - ok
      09:46:24.0000 1456 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
      09:46:24.0109 1456 irda - ok
      09:46:24.0140 1456 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
      09:46:24.0234 1456 IRENUM - ok
      09:46:24.0296 1456 [ 0771560A594A1089319D4DF59E356A2F ] Irmon C:\WINDOWS\System32\irmon.dll
      09:46:24.0390 1456 Irmon - ok
      09:46:24.0421 1456 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys
      09:46:24.0500 1456 irsir - ok
      09:46:24.0546 1456 [ 0F3D281B0410FE5D482AADA37D20524B ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
      09:46:24.0640 1456 isapnp - ok
      09:46:24.0734 1456 [ 0A5709543986843D37A92290B7838340 ] JavaQuickStarterService C:\Archivos de programa\Java\jre6\bin\jqs.exe
      09:46:24.0750 1456 JavaQuickStarterService - ok
      09:46:24.0781 1456 [ 188DDD286BC0DAEA6984858C6A4D7BBF ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      09:46:24.0890 1456 Kbdclass - ok
      09:46:24.0937 1456 [ 72EFEBECF76EB1DCCC5BA9EA746D90E8 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
      09:46:25.0046 1456 kbdhid - ok
      09:46:25.0078 1456 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
      09:46:25.0171 1456 kmixer - ok
      09:46:25.0218 1456 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
      09:46:25.0250 1456 KSecDD - ok
      09:46:25.0296 1456 [ CCFC469EFD7ECDDC8FC887BAE7B8563F ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
      09:46:25.0343 1456 lanmanserver - ok
      09:46:25.0406 1456 [ 3DB7B764F5066587DAE58A71AE51292E ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
      09:46:25.0421 1456 lanmanworkstation - ok
      09:46:25.0453 1456 lbrtfdc - ok
      09:46:25.0531 1456 [ 01AF2112FF79AA613B6621A75C4E9277 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
      09:46:25.0625 1456 LmHosts - ok
      09:46:25.0671 1456 [ 047E70B04B288439245DDC8DD1A31982 ] Messenger C:\WINDOWS\System32\msgsvc.dll
      09:46:25.0765 1456 Messenger - ok
      09:46:25.0859 1456 [ AA0C4A2C33CE075DF2C272D678734991 ] mi-raysat_3dsmax8 C:\Archivos de programa\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
      09:46:25.0875 1456 mi-raysat_3dsmax8 ( UnsignedFile.Multi.Generic ) - warning
      09:46:25.0875 1456 mi-raysat_3dsmax8 - detected UnsignedFile.Multi.Generic (1)
      09:46:25.0921 1456 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
      09:46:26.0046 1456 mnmdd - ok
      09:46:26.0093 1456 [ 85ADA209695A677C9D60962CDE10696B ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
      09:46:26.0187 1456 mnmsrvc - ok
      09:46:26.0218 1456 [ 9024556E739B8469D2B8F5F0E4C9BC9F ] Modem C:\WINDOWS\system32\drivers\Modem.sys
      09:46:26.0343 1456 Modem - ok
      09:46:26.0390 1456 [ 6FD36B4994A2363659A65C9F970CFDB7 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
      09:46:26.0500 1456 Mouclass - ok
      09:46:26.0562 1456 [ 8EE532E516B2D23D686CFC1CC0A15C25 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
      09:46:26.0656 1456 mouhid - ok
      09:46:26.0703 1456 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
      09:46:26.0812 1456 MountMgr - ok
      09:46:26.0828 1456 mraid35x - ok
      09:46:26.0875 1456 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
      09:46:26.0984 1456 MRxDAV - ok
      09:46:27.0031 1456 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      09:46:27.0093 1456 MRxSmb - ok
      09:46:27.0140 1456 [ 975BD2762BF355A572597CC54D97BA93 ] MSDTC C:\WINDOWS\system32\msdtc.exe
      09:46:27.0234 1456 MSDTC - ok
      09:46:27.0343 1456 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
      09:46:27.0437 1456 Msfs - ok
      09:46:27.0468 1456 MSIServer - ok
      09:46:27.0500 1456 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
      09:46:27.0609 1456 MSKSSRV - ok
      09:46:27.0656 1456 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
      09:46:27.0750 1456 MSPCLOCK - ok
      09:46:27.0765 1456 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
      09:46:27.0890 1456 MSPQM - ok
      09:46:27.0921 1456 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
      09:46:28.0015 1456 mssmbios - ok
      09:46:28.0046 1456 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
      09:46:28.0093 1456 Mup - ok
      09:46:28.0140 1456 [ FD578FCC03BBD76AF1E62202E6670D29 ] napagent C:\WINDOWS\System32\qagentrt.dll
      09:46:28.0250 1456 napagent - ok
      09:46:28.0281 1456 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
      09:46:28.0390 1456 NDIS - ok
      09:46:28.0421 1456 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      09:46:28.0453 1456 NdisTapi - ok
      09:46:28.0484 1456 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
      09:46:28.0578 1456 Ndisuio - ok
      09:46:28.0625 1456 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
      09:46:28.0734 1456 NdisWan - ok
      09:46:28.0765 1456 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
      09:46:28.0796 1456 NDProxy - ok
      09:46:28.0812 1456 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
      09:46:28.0937 1456 NetBIOS - ok
      09:46:28.0984 1456 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
      09:46:29.0078 1456 NetBT - ok
      09:46:29.0140 1456 [ 96B009E5B163850CF94DC333ED2BEE93 ] NetDDE C:\WINDOWS\system32\netdde.exe
      09:46:29.0250 1456 NetDDE - ok
      09:46:29.0265 1456 [ 96B009E5B163850CF94DC333ED2BEE93 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
      09:46:29.0375 1456 NetDDEdsdm - ok
      09:46:29.0421 1456 [ 671ACA589DA3733FAC878A751C5BF0ED ] Netlogon C:\WINDOWS\system32\lsass.exe
      09:46:29.0531 1456 Netlogon - ok
      09:46:29.0578 1456 [ A48884C9359EE9F1FC8F3F0D93FB1D95 ] Netman C:\WINDOWS\System32\netman.dll
      09:46:29.0687 1456 Netman - ok
      09:46:29.0718 1456 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      09:46:29.0734 1456 NetTcpPortSharing - ok
      09:46:29.0765 1456 [ 5E11D375C92A0DDA7AC4D487FC4E1978 ] Nla C:\WINDOWS\System32\mswsock.dll
      09:46:29.0781 1456 Nla - ok
      09:46:29.0843 1456 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
      09:46:29.0921 1456 Npfs - ok
      09:46:29.0968 1456 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
      09:46:30.0093 1456 Ntfs - ok
      09:46:30.0109 1456 [ 671ACA589DA3733FAC878A751C5BF0ED ] NtLmSsp C:\WINDOWS\system32\lsass.exe
      09:46:30.0203 1456 NtLmSsp - ok
      09:46:30.0343 1456 [ D60C40D71A4D874C903255E4827AFA0C ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
      09:46:30.0515 1456 NtmsSvc - ok
      09:46:30.0562 1456 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
      09:46:30.0656 1456 Null - ok
      09:46:30.0687 1456 [ 1B83B60541BE1B6DB81641C448007F21 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
      09:46:30.0734 1456 NVENETFD - ok
      09:46:30.0765 1456 [ 57B669F9234604A350174B86764444B0 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
      09:46:30.0781 1456 nvnetbus - ok
      09:46:30.0828 1456 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
      09:46:30.0937 1456 NwlnkFlt - ok
      09:46:30.0968 1456 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
      09:46:31.0109 1456 NwlnkFwd - ok
      09:46:31.0187 1456 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
      09:46:31.0203 1456 ose - ok
      09:46:31.0250 1456 [ E7855CBD8BD1FDA085A3F92CFF7906E2 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
      09:46:31.0343 1456 Parport - ok
      09:46:31.0375 1456 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
      09:46:31.0468 1456 PartMgr - ok
      09:46:31.0546 1456 [ FAD44D704ECD7D39AD01415B8BB34204 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
      09:46:31.0671 1456 ParVdm - ok
      09:46:31.0687 1456 [ F11BC84AE6C7B003B5E0C8EEB4A1F444 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
      09:46:31.0812 1456 PCI - ok
      09:46:31.0843 1456 PCIDump - ok
      09:46:31.0906 1456 [ 33D63F0A9021ACB4D75D83B646B93A30 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
      09:46:32.0031 1456 PCIIde - ok
      09:46:32.0078 1456 [ F50C27CCA56DC97B3A45E7F0059BD2BA ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
      09:46:32.0171 1456 Pcmcia - ok
      09:46:32.0203 1456 PDCOMP - ok
      09:46:32.0234 1456 PDFRAME - ok
      09:46:32.0281 1456 PDRELI - ok
      09:46:32.0312 1456 PDRFRAME - ok
      09:46:32.0343 1456 perc2 - ok
      09:46:32.0375 1456 perc2hib - ok
      09:46:32.0468 1456 [ 953DF7327510DF0DE048B8E80E504EF9 ] PlugPlay C:\WINDOWS\system32\services.exe
      09:46:32.0484 1456 PlugPlay - ok
      09:46:32.0500 1456 [ 671ACA589DA3733FAC878A751C5BF0ED ] PolicyAgent C:\WINDOWS\system32\lsass.exe
      09:46:32.0609 1456 PolicyAgent - ok
      09:46:32.0671 1456 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
      09:46:32.0765 1456 PptpMiniport - ok
      09:46:43.0296 1456 [ C9A8BA443F809B70BCCCCD60CC73FA5C ] vulfnths C:\WINDOWS\System32\Drivers\vulfnth.sys
      09:46:43.0343 1456 vulfnths ( UnsignedFile.Multi.Generic ) - warning
      09:46:43.0343 1456 vulfnths - detected UnsignedFile.Multi.Generic (1)
      09:46:43.0390 1456 [ 2D8C55889616F7767E9FB8ADEE37A02A ] vulfntrs C:\WINDOWS\System32\Drivers\vulfntr.sys
      09:46:43.0406 1456 vulfntrs ( UnsignedFile.Multi.Generic ) - warning
      09:46:43.0406 1456 vulfntrs - detected UnsignedFile.Multi.Generic (1)
      09:46:46.0375 1456 ================ Scan global ===============================
      09:46:46.0390 1456 [ 5E83265291342AE4B13481CA25B115A0 ] C:\WINDOWS\system32\basesrv.dll
      09:46:46.0421 1456 [ DCA20D06B0F7243F31275EC160E720A6 ] C:\WINDOWS\system32\winsrv.dll
      09:46:46.0453 1456 [ DCA20D06B0F7243F31275EC160E720A6 ] C:\WINDOWS\system32\winsrv.dll
      09:46:46.0468 1456 [ 953DF7327510DF0DE048B8E80E504EF9 ] C:\WINDOWS\system32\services.exe
      09:46:46.0468 1456 [Global] - ok
      09:46:46.0484 1456 ================ Scan MBR ==================================
      09:46:46.0515 1456 [ 4661F953F30D48FD76A9DA73C4892179 ] \Device\Harddisk0\DR0
      09:46:46.0734 1456 \Device\Harddisk0\DR0 - ok
      09:46:46.0765 1456 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
      09:46:50.0375 1456 \Device\Harddisk1\DR3 - ok
      09:46:50.0390 1456 ================ Scan VBR ==================================
      09:46:50.0406 1456 [ 5FB081F1AC87D80E21F9F4B7C557DDD7 ] \Device\Harddisk0\DR0\Partition1
      09:46:50.0406 1456 \Device\Harddisk0\DR0\Partition1 - ok
      09:46:50.0437 1456 [ 7A3E44994D70C3CA5B99B7D1A8931979 ] \Device\Harddisk0\DR0\Partition2
      09:46:50.0437 1456 \Device\Harddisk0\DR0\Partition2 - ok
      09:46:50.0468 1456 [ 2931864C6E71257345370069C0566E50 ] \Device\Harddisk1\DR3\Partition1
      09:46:50.0468 1456 \Device\Harddisk1\DR3\Partition1 - ok
      09:46:50.0484 1456 ============================================================
      09:46:50.0484 1456 Scan finished
      09:46:50.0484 1456 ============================================================
      09:46:50.0640 1444 Detected object count: 11
      09:46:50.0640 1444 Actual detected object count: 11
      09:48:32.0828 1444 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0828 1444 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0828 1444 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0828 1444 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0828 1444 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0828 1444 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0828 1444 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0828 1444 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0843 1444 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0843 1444 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0843 1444 EprDrv ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0843 1444 EprDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0843 1444 GhostStartService ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0843 1444 GhostStartService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0843 1444 GhPciScan ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0843 1444 GhPciScan ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0859 1444 mi-raysat_3dsmax8 ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0859 1444 mi-raysat_3dsmax8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0859 1444 vulfnths ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0859 1444 vulfnths ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:32.0875 1444 vulfntrs ( UnsignedFile.Multi.Generic ) - skipped by user
      09:48:32.0875 1444 vulfntrs ( UnsignedFile.Multi.Generic ) - User select action: Skip
      09:48:46.0796 0812 Deinitialize success

      AT destr:

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 16/10/2012
      Hora iniciada en el analisis 9:53:14,10
      Usuario Actual : [C:\Documents and Settings\Administrador]
      Sistema Operativo: Windows XP
      Service pack: 3
      Arquitectura: Sistema operativo de 32 bits
      Versión Internet Explorer: 8.0.6001.18702
      Modo Actual: Modo Seguro.
      Privilegios: [Administrador-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox: 1.9.2.23

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======




      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\WINDOWS\System32\d3d9caps.dat


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      -
      Start Page == http://www.google.com
      -
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      -
      Local Page == C:\WINDOWS\system32\blank.htm
      -
      Default_Search_URL == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      -
      Default_Page_URL == http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      -
      Start Page == http://www.google.com
      -
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      -
      Local Page == C:\WINDOWS\system32\blank.htm
      -
      Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
      -
      Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-343818398-413027322-725345543-500\Software\Microsoft\Internet Explorer\Main"
      -
      Start Page == http://www.google.com
      -
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      -
      Local Page == C:\WINDOWS\system32\blank.htm
      -
      Default_Search_URL == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      -
      Default_Page_URL == http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome








      ======= EOF =======

      Super anti:

      SUPERAntiSpyware Scan Log
      http://www.superantispyware.com

      Generated 10/16/2012 at 10:26 AM

      Application Version : 5.6.1010

      Core Rules Database Version : 9412
      Trace Rules Database Version: 7224

      Scan type : Complete Scan
      Total Scan Time : 00:23:36

      Operating System Information
      Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
      Administrator

      Memory items scanned : 284
      Memory threats detected : 0
      Registry items scanned : 39505
      Registry threats detected : 0
      File items scanned : 40547
      File threats detected : 4

      Adware.Tracking Cookie
      C:\DOCUMENTS AND SETTINGS\NIC\Cookies\HADRYGVQ.txt [ Cookie:[email protected]/ ]
      www.porntelecast.com [ C:\DOCUMENTS AND SETTINGS\NIC\DATOS DE PROGRAMA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8BQMKQ6D ]

      Trojan.Agent/Gen-Frauder
      C:\DOCUMENTS AND SETTINGS\ADMINISTRADOR\CONFIGURACIóN LOCAL\TEMP\AT-DESTROYER\AT-UNINSTALL.EXE
      C:\WINDOWS\AT-UNINSTALL.EXE


      ASWmbr:


      aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
      Run date: 2012-10-16 11:49:58
      -----------------------------
      11:49:58.250 OS Version: Windows 5.1.2600 Service Pack 3
      11:49:58.250 Number of processors: 1 586 0x2701
      11:49:58.250 ComputerName: SS-899B0D52B795 UserName: Administrador
      11:49:58.656 Initialize success
      11:49:59.968 AVAST engine defs: 12101501
      11:51:42.296 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
      11:51:42.312 Disk 0 Vendor: Hitachi_HDS721616PLAT80 P22OA8BA Size: 152627MB BusType: 3
      11:51:42.359 Disk 0 MBR read successfully
      11:51:42.375 Disk 0 MBR scan
      11:51:42.781 Disk 0 unknown MBR code
      11:51:42.812 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 24003 MB offset 63
      11:51:43.281 Disk 0 Partition - 00 0F Extended LBA 128621 MB offset 49158900
      11:51:43.312 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 128621 MB offset 49158963
      11:51:43.390 Disk 0 scanning sectors +312576705
      11:51:43.718 Disk 0 scanning C:\WINDOWS\system32\drivers
      11:51:58.984 Service scanning
      11:52:17.265 Modules scanning
      11:52:26.328 Disk 0 trace - called modules:
      11:52:26.531 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
      11:52:26.718 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f80030]
      11:52:26.890 3 CLASSPNP.SYS[f74d7fd7] -> nt!IofCallDriver -> \Device\0000006b[0x86f80968]
      11:52:27.078 5 ACPI.sys[f743d620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f7f940]
      11:52:27.421 AVAST engine scan C:\WINDOWS
      11:52:33.765 AVAST engine scan C:\WINDOWS\system32
      11:54:36.656 AVAST engine scan C:\WINDOWS\system32\drivers
      11:54:54.406 AVAST engine scan C:\Documents and Settings\Administrador
      11:55:01.500 AVAST engine scan C:\Documents and Settings\All Users
      11:55:22.562 Scan finished successfully
      11:55:39.765 Disk 0 MBR has been saved successfully to "E:\Antyivir\16-10-12\MBR.dat"
      11:55:39.812 The log file has been saved successfully to "E:\Antyivir\16-10-12\aswMBR.txt"


      The CureIt log is very large; if you need it, I'll paste it in another post.

      Regards

    4. #14
      Moderator
      Avatar of @Maxfernandez
      Joined
      Dec 2007
      Location
      Venezuela
      Posts
      16.076

      Re: Virus file_recover

      Hello.

      Run ComboFix again and paste the log it generates.

      Also do this:

      Go to Start > Run and type: diskmgmt.msc then press Enter

      Take a screenshot of the Disk Management window and paste it in your next reply.


      Regards.

    5. #15
      User Avatar of pepo.ar
      Joined
      Nov 2009
      Location
      Argentina
      Posts
      35

      Re: Virus file_recover

      Here they are

      http://i.imgur.com/OFA5l.png


      combofix

      ComboFix 12-10-15.01 - nic 16/10/2012 13:54:44.3.1 - x86
      Microsoft Windows XP Professional 5.1.2600.3.1252.34.3082.18.1023.609 [GMT -3:00]
      Running from: c:\documents and settings\nic\Escritorio\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\isRS-000.tmp
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-09-16 to 2012-10-16 )))))))))))))))))))))))))))))))
      .
      .
      2012-10-16 16:20 . 2009-06-30 13:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
      2012-10-16 16:20 . 2012-10-16 16:20 -------- d-----w- c:\archivos de programa\Panda Security
      2012-10-16 15:46 . 2012-10-16 15:46 -------- d-----w- c:\documents and settings\Administrador\Datos de programa\GlarySoft
      2012-10-16 15:44 . 2012-10-16 16:33 -------- d-----w- c:\documents and settings\Administrador\Configuración local\Datos de programa\Adobe
      2012-10-16 15:44 . 2012-10-16 15:44 -------- d-----w- c:\documents and settings\Administrador\Configuración local\Datos de programa\Temp
      2012-10-16 13:31 . 2012-10-16 14:40 -------- d-----w- c:\documents and settings\Administrador\DoctorWeb
      2012-10-13 12:50 . 2012-10-13 12:50 -------- d-----w- c:\documents and settings\nic\Datos de programa\GlarySoft
      2012-10-13 12:45 . 2012-10-13 13:05 -------- d-----w- c:\archivos de programa\Glary Utilities
      2012-10-13 12:20 . 2012-03-13 02:27 11776 ----a-w- c:\windows\Colous.exe
      2012-10-13 12:20 . 2008-03-25 13:39 69660 ----a-w- c:\windows\Fart.exe
      2012-10-13 10:15 . 2012-10-13 10:15 -------- d-----w- c:\documents and settings\Administrador\Datos de programa\SUPERAntiSpyware.com
      2012-10-13 10:15 . 2012-10-13 10:15 -------- d-----w- c:\archivos de programa\SUPERAntiSpyware
      2012-10-13 10:15 . 2012-10-13 10:15 -------- d-----w- c:\documents and settings\All Users\Datos de programa\SUPERAntiSpyware.com
      2012-10-13 09:46 . 2012-10-15 23:37 -------- d-----w- c:\documents and settings\Administrador\Configuración local\Datos de programa\ApplicationHistory
      2012-10-13 09:46 . 2012-10-13 09:46 -------- d-----w- c:\documents and settings\Administrador\Datos de programa\Genie-soft
      2012-10-13 09:42 . 2012-10-13 09:42 -------- d--h--w- c:\windows\PIF
      2012-09-17 16:40 . 2011-10-14 14:47 23040 -c----w- c:\windows\system32\dllcache\mciseq.dll
      2012-09-17 16:40 . 2011-10-14 14:47 180224 -c----w- c:\windows\system32\dllcache\winmm.dll
      2012-09-17 16:39 . 2011-11-20 06:12 61440 -c----w- c:\windows\system32\dllcache\packager.exe
      2012-09-17 16:36 . 2011-11-03 15:28 387072 -c----w- c:\windows\system32\dllcache\qdvd.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-10-13 09:32 . 2011-07-30 17:27 24270154 ----a-w- C:\UsbFix_Upload_Me_SS-899B0D52B795.zip
      2012-08-28 15:18 . 2004-08-19 18:42 916992 ----a-w- c:\windows\system32\wininet.dll
      2012-08-28 15:18 . 2004-08-19 18:42 43520 ----a-w- c:\windows\system32\licmgr10.dll
      2012-08-28 15:18 . 2004-08-19 18:43 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-08-28 12:07 . 2004-08-19 18:23 385024 ----a-w- c:\windows\system32\html.iec
      2012-08-21 09:13 . 2008-04-11 16:45 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
      2012-08-21 09:13 . 2008-04-11 16:45 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2012-08-21 09:13 . 2002-01-01 12:39 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2012-08-21 09:13 . 2008-04-11 16:45 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
      2012-08-21 09:13 . 2008-04-11 16:45 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
      2012-08-21 09:13 . 2008-04-11 16:45 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
      2012-08-21 09:13 . 2008-04-11 16:45 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
      2012-08-21 09:13 . 2008-04-11 16:45 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
      2012-08-21 09:12 . 2002-01-01 12:38 41224 ----a-w- c:\windows\avastSS.scr
      2012-08-21 09:12 . 2008-04-11 16:45 227648 ----a-w- c:\windows\system32\aswBoot.exe
      2006-02-23 11:16 . 2011-07-07 00:10 34048 ---ha-w- c:\archivos de programa\mozilla firefox\plugins\upd62i9x.dll
      2006-02-23 11:16 . 2011-07-07 00:10 45056 ---ha-w- c:\archivos de programa\mozilla firefox\plugins\upd62int.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-08-21 09:12 121528 ----a-w- c:\archivos de programa\AVAST Software\Avast\ashShell.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "GBMPro8Agent"="c:\archivos de programa\Genie-Soft\GBMPro8\GBMAgent.exe" [2008-09-11 189056]
      "Eraser"="c:\archivos de programa\Eraser\eraser.exe" [2009-06-10 334224]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
      "RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
      "SoundMan"="SOUNDMAN.EXE" [2005-04-15 77824]
      "GBMPro8Agent"="c:\archivos de programa\Genie-Soft\GBMPro8\GBMAgent.exe" [2008-09-11 189056]
      "Adobe ARM"="c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "SSBkgdUpdate"="c:\archivos de programa\Archivos comunes\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
      "PaperPort PTD"="c:\archivos de programa\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-10 57393]
      "IndexSearch"="c:\archivos de programa\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-10 40960]
      "avast"="c:\archivos de programa\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
      .
      c:\documents and settings\nic\Menú Inicio\Programas\Inicio\
      Adobe Gamma.lnk - c:\archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 110592]
      .
      c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\
      Acrobat Assistant.lnk - c:\archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
      Adobe Gamma Loader.lnk - c:\archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 110592]
      AutoCAD Startup Accelerator.lnk - c:\archivos de programa\Archivos comunes\Autodesk Shared\acstart16.exe [2005-3-5 10872]
      Microsoft Office.lnk - c:\archivos de programa\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
      WinZip Quick Pick.lnk - c:\archivos de programa\WinZip\WZQKPICK.EXE [2007-6-6 106560]
      .
      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\archivos de programa\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "Alcmtr"=ALCMTR.EXE
      "Corel Reminder"=
      "GhostStartTrayApp"=c:\archivos de programa\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
      "Adobe Reader Speed Launcher"="c:\archivos de programa\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      "NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
      "SunJavaUpdateSched"="c:\archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
      .
      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "d:\\Orsi\\Comunicaciones\\eMule\\emule.exe"=
      "c:\\WINDOWS\\system32\\mmc.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "%windir%\\system32\\sessmgr.exe"=
      .
      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "5985:TCP"= 5985:TCP:*:Disabled:Administración remota de Windows
      .
      R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [16/10/2012 13:20 28552]
      R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [01/01/2002 09:39 729752]
      R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11/04/2008 13:45 355632]
      R1 GhPciScan;GhostPciScanner;c:\archivos de programa\Symantec\Norton Ghost 2003\GhPciScan.sys [17/12/2003 15:41 5632]
      R1 SASDIFSV;SASDIFSV;c:\archivos de programa\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 13:27 12880]
      R1 SASKUTIL;SASKUTIL;c:\archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 18:55 67664]
      R2 !SASCORE;SAS Core Service;c:\archivos de programa\SUPERAntiSpyware\SASCore.exe [11/07/2012 15:54 116608]
      R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11/04/2008 13:45 21256]
      R2 EprDrv;EPR100 Service;c:\windows\system32\drivers\EprDrv.sys [02/02/2009 19:22 7168]
      R2 uagqecsvc;Microsoft Forefront UAG Quarantine Enforcement Client;c:\archivos de programa\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [26/05/2010 13:04 149904]
      S2 gupdate;Google Update Servicio (gupdate);c:\archivos de programa\Google\Update\GoogleUpdate.exe [22/07/2009 19:13 133104]
      S2 gupdate1ca0b199b118eac;Servicio de actualización de Google (gupdate1ca0b199b118eac);c:\archivos de programa\Google\Update\GoogleUpdate.exe [22/07/2009 19:13 133104]
      S3 gupdatem;Google Update Servicio (gupdatem);c:\archivos de programa\Google\Update\GoogleUpdate.exe [22/07/2009 19:13 133104]
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - PAVBOOT
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-10-16 c:\windows\Tasks\avast! Emergency Update.job
      - c:\archivos de programa\AVAST Software\Avast\AvastEmUpdate.exe [2002-01-01 09:12]
      .
      2012-10-15 c:\windows\Tasks\GBM - copia 2-Completa.job
      - c:\archivos de programa\Genie-Soft\GBMPro8\GBM8.exe [2008-12-22 07:27]
      .
      2012-10-11 c:\windows\Tasks\GBM - Copia Perfil-Completa.job
      - c:\archivos de programa\Genie-Soft\GBMPro8\GBM8.exe [2008-12-22 07:27]
      .
      2012-10-16 c:\windows\Tasks\GlaryInitialize.job
      - c:\archivos de programa\Glary Utilities\initialize.exe [2012-10-13 00:59]
      .
      2012-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\archivos de programa\Google\Update\GoogleUpdate.exe [2009-07-22 22:13]
      .
      2012-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\archivos de programa\Google\Update\GoogleUpdate.exe [2009-07-22 22:13]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com
      mStart Page = hxxp://www.google.com
      IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\Office10\EXCEL.EXE/3000
      TCP: Interfaces\{B95ED02F-760B-4B64-897D-6492C161A3FB}: NameServer = 192.168.1.1
      FF - ProfilePath - c:\documents and settings\nic\Datos de programa\Mozilla\Firefox\Profiles\wuhcawov.default\
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxp://google.com
      .
      .
      ------- File Associations -------
      .
      inifile=Notepad.exe "%1"
      txtfile=Notepad.exe "%1"
      .scr=AutoCADScriptFile
      .
      .
      **************************************************************************
      .
      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
      Rootkit scan 2012-10-16 14:01
      Windows 5.1.2600 Service Pack 3 NTFS
      .
      scanning hidden processes ...
      .
      scanning hidden autostart entries ...
      .
      scanning hidden files ...
      .
      scan completed successfully
      hidden files: 0
      .
      **************************************************************************
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------
      .
      - - - - - - - > 'winlogon.exe'(836)
      c:\windows\system32\Ati2evxx.dll
      .
      Completion time: 2012-10-16 14:04:13
      ComboFix-quarantined-files.txt 2012-10-16 17:04
      .
      Pre-Run: 7.540.158.464 bytes libres
      Post-Run: 7.657.517.056 bytes libres
      .
      - - End Of File - - F90DED31BACBE49562380E10F960D3CE

      Regards

    6. #16
      Moderator
      @Maxfernandez
      Joined
      Dec 2007
      Location
      Venezuela
      Posts
      16.076

      Re: file_recover virus

      Hello.

      Everything looks clean to me.

      Double-click OTL.exe and then click the LIMPIAR (CleanUp) button.

      Regards.

    7. #17
      User pepo.ar
      Joined
      Nov 2009
      Location
      Argentina
      Posts
      35

      Re: file_recover virus

      Hello

      I've done that. Avast does not report any page trying to open by itself, but I still can't install Malwarebytes and I can't run the ESET online scanner. It looks as if the connection settings had been changed, yet I can browse and send and receive e-mail.

      Regards

    8. #18
      Moderator
      @Maxfernandez
      Joined
      Dec 2007
      Location
      Venezuela
      Posts
      16.076

      Re: file_recover virus

      Download Farbar Service Scanner to your desktop.

      • Run FSS.exe (if you use Windows Vista or 7, right-click it and select "Run as administrator").
      • Tick the following checkboxes:
        • Internet Services.
        • Windows Firewall.
        • System Restore.
        • Security Center/Action Center.
        • Windows Update.
        • Windows Defender.
      • Click the Scan button.


      A Notepad window will open; copy its contents and paste them into your next reply.

    9. #19
      User pepo.ar
      Joined
      Nov 2009
      Location
      Argentina
      Posts
      35

      Re: file_recover virus

      Hello

      Here is the FSS report


      Farbar Service Scanner Version: 07-10-2012
      Ran by nic (administrator) on 16-10-2012 at 16:49:34
      Running from "C:\Documents and Settings\nic\Escritorio"
      Microsoft Windows XP Professional Service Pack 3 (X86)
      Boot Mode: Normal
      ****************************************************************

      Internet Services:
      ============

      Connection Status:
      ==============
      Localhost is accessible.
      LAN connected.
      Attempt to access Google IP returned error: Google IP is offline
      Attempt to access Google.com returned error: Google.com is offline
      Attempt to access Yahoo IP returned error: Yahoo IP is offline
      Attempt to access Yahoo.com returned error: Yahoo.com is offline


      Windows Firewall:
      =============

      Firewall Disabled Policy:
      ==================


      System Restore:
      ============

      System Restore Disabled Policy:
      ========================


      Security Center:
      ============

      Windows Update:
      ============

      Windows Autoupdate Disabled Policy:
      ============================


      File Check:
      ========
      C:\WINDOWS\system32\dhcpcsvc.dll
      [2004-08-19 15:42] - [2008-04-14 07:48] - 0126976 ____A (Microsoft Corporation) 2DDFB3A5679FA02366686ECB1AF622F0

      C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
      C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
      C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
      C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
      C:\WINDOWS\system32\dnsrslvr.dll
      [2004-08-19 15:42] - [2009-04-20 14:18] - 0045568 ____A (Microsoft Corporation) 2E6D76CAB5A402AF257A963916FE05E7

      C:\WINDOWS\system32\ipnathlp.dll
      [2004-08-19 15:42] - [2008-04-14 07:48] - 0332288 ____A (Microsoft Corporation) 4A4EF3EE166FAD4A04B1D767AD986329

      C:\WINDOWS\system32\netman.dll
      [2004-08-19 15:42] - [2008-04-14 07:48] - 0198144 ____A (Microsoft Corporation) A48884C9359EE9F1FC8F3F0D93FB1D95

      C:\WINDOWS\system32\wbem\WMIsvc.dll
      [2007-06-06 16:06] - [2008-04-14 07:48] - 0145408 ____A (Microsoft Corporation) A5FC75CAB140CF6A78E16C3681001872

      C:\WINDOWS\system32\srsvc.dll
      [2007-06-06 16:07] - [2008-04-14 07:48] - 0171520 ____A (Microsoft Corporation) 0F30EEC6013FCF76693405EC4A7DF899

      C:\WINDOWS\system32\Drivers\sr.sys
      [2007-06-06 16:07] - [2008-04-14 07:28] - 0073472 ____A (Microsoft Corporation) CCB3065C3EE63A4515FE84AF9E78D1DD

      C:\WINDOWS\system32\wscsvc.dll
      [2004-08-19 15:42] - [2008-04-14 07:48] - 0080896 ____A (Microsoft Corporation) 8CD684FD248DFE208C2F8F5052838A81

      C:\WINDOWS\system32\wbem\WMIsvc.dll
      [2007-06-06 16:06] - [2008-04-14 07:48] - 0145408 ____A (Microsoft Corporation) A5FC75CAB140CF6A78E16C3681001872

      C:\WINDOWS\system32\wuauserv.dll
      [2007-06-06 16:07] - [2008-04-14 07:48] - 0006656 ____A (Microsoft Corporation) 0B8FC4D0F9D6964713E81AD558B50A71

      C:\WINDOWS\system32\qmgr.dll
      [2007-06-06 16:07] - [2008-04-14 07:48] - 0409088 ____A (Microsoft Corporation) 8EE9639C01B92490E09638CAA1B16C3C

      C:\WINDOWS\system32\es.dll
      [2004-08-19 15:42] - [2008-07-07 17:27] - 0253952 ____A (Microsoft Corporation) A225DD0D0489BD580781D19524A10B19

      C:\WINDOWS\system32\cryptsvc.dll
      [2004-08-19 15:41] - [2008-04-14 07:48] - 0062464 ____A (Microsoft Corporation) E423C9C1946C656E0E4840210A0A8681

      C:\WINDOWS\system32\svchost.exe
      [2004-08-19 15:43] - [2008-04-14 07:49] - 0014336 ____A (Microsoft Corporation) 4F2340F0BD5B6365C38E74DD391919A8

      C:\WINDOWS\system32\rpcss.dll
      [2004-08-19 15:42] - [2009-02-09 07:52] - 0401408 ____A (Microsoft Corporation) 97869C55F562B777987100EA30AD8108

      C:\WINDOWS\system32\services.exe
      [2004-08-19 15:43] - [2009-02-09 08:23] - 0111104 ____A (Microsoft Corporation) 953DF7327510DF0DE048B8E80E504EF9


      Extra List:
      =======
      aswTdi(9) Gpc(4) IPSec(6) irda(3) NetBT(7) PSched(8) Tcpip(5)
      0x09000000060000000100000002000000030000000400000005000000090000000700000008000000
      IpSec Tag value is correct.

      **** End of log ****

      Regards

    10. #20
      Moderator
      @Maxfernandez
      Joined
      Dec 2007
      Location
      Venezuela
      Posts
      16.076

      Re: file_recover virus

      Download the Complete Internet Repair tool to the Windows desktop.

      1. Extract the contents of the zip file.
      2. Inside the CIntRep-#-#-#-#### folder, find and run the file named Cintrep.exe.
        (Right-click >> Run as administrator, if you are on Windows Vista or Windows 7.)
      3. The program will open with the options you see in the image.


      4. Tick the following checkboxes:


        • Flush DNS Resolver Cache
        • Repair Internet Explorer
        • Clear Windows Update history
        • Reset Windows Firewall Configurations
        • Restore the default Hosts File


      5. Then click GO.

      6. Restart the system once the repair has finished.


      Let us know the results.

      Regards.