
    Virus problem


    1. #21
      marciano
      Registered: Nov 2012
      Location: Chile
      Posts: 13

      Re: Virus problem

      Hello, forum friends. I did everything you told me to, but when ComboFix reaches "Completed Stage 4" the machine restarts, indicating that the shutdown was initiated by NT AUTHORITY\SYSTEM and showing the following message: Windows must now restart because the Remote Procedure Call (RPC) service terminated unexpectedly. Once it restarts, it does not give me any report. As for TDSSKiller, I am attaching the report. Please help.

      15:15:01.0390 0116 srservice - ok
      15:15:01.0406 0116 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
      15:15:01.0453 0116 Srv - ok
      15:15:01.0500 0116 [ B622A432EF02895DE4AA38AC8B85FA4C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
      15:15:01.0578 0116 SSDPSRV - ok
      15:15:01.0609 0116 [ 7226422C95FDF8AA6092EE964912B0DF ] stisvc C:\WINDOWS\system32\wiaservc.dll
      15:15:01.0687 0116 stisvc - ok
      15:15:01.0703 0116 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
      15:15:01.0781 0116 swenum - ok
      15:15:01.0796 0116 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
      15:15:01.0875 0116 swmidi - ok
      15:15:01.0875 0116 SwPrv - ok
      15:15:01.0875 0116 symc810 - ok
      15:15:01.0890 0116 symc8xx - ok
      15:15:01.0890 0116 sym_hi - ok
      15:15:01.0890 0116 sym_u3 - ok
      15:15:01.0921 0116 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
      15:15:01.0984 0116 sysaudio - ok
      15:15:02.0015 0116 [ F1F6EE807F0112AAE2259B253B6DDF89 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
      15:15:02.0078 0116 SysmonLog - ok
      15:15:02.0109 0116 [ 0C82061920A2DE35D33C2C2BB83B1E98 ] tap0801 C:\WINDOWS\system32\DRIVERS\tap0801.sys
      15:15:02.0109 0116 tap0801 ( UnsignedFile.Multi.Generic ) - warning
      15:15:02.0109 0116 tap0801 - detected UnsignedFile.Multi.Generic (1)
      15:15:02.0156 0116 [ 04A5B8EA326951DB27DF60A14F2999FF ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
      15:15:02.0218 0116 TapiSrv - ok
      15:15:02.0250 0116 [ 4AFB3B0919649F95C1964AA1FAD27D73 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
      15:15:02.0265 0116 Tcpip ( UnsignedFile.Multi.Generic ) - warning
      15:15:02.0265 0116 Tcpip - detected UnsignedFile.Multi.Generic (1)
      15:15:02.0296 0116 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
      15:15:02.0375 0116 TDPIPE - ok
      15:15:02.0406 0116 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
      15:15:02.0484 0116 TDTCP - ok
      15:15:02.0562 0116 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Archivos de programa\TeamViewer\Version7\TeamViewer_Service.exe
      15:15:02.0640 0116 TeamViewer7 - ok
      15:15:02.0671 0116 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
      15:15:02.0734 0116 TermDD - ok
      15:15:02.0781 0116 [ 288B20D56D5F0EC4BCC77FBFA5A81740 ] TermService C:\WINDOWS\System32\termsrv.dll
      15:15:02.0859 0116 TermService - ok
      15:15:02.0890 0116 [ 1F617C5A76215C380478D750CE92CC73 ] Themes C:\WINDOWS\System32\shsvcs.dll
      15:15:02.0906 0116 Themes - ok
      15:15:02.0937 0116 [ 65BF170815C0DF302BE038FD8891C722 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
      15:15:03.0015 0116 TlntSvr - ok
      15:15:03.0031 0116 TosIde - ok
      15:15:03.0062 0116 [ 321761D0D12EE5285CE79AC175CBA672 ] TrkWks C:\WINDOWS\system32\trkwks.dll
      15:15:03.0125 0116 TrkWks - ok
      15:15:03.0140 0116 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
      15:15:03.0218 0116 Udfs - ok
      15:15:03.0218 0116 ultra - ok
      15:15:03.0250 0116 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
      15:15:03.0328 0116 Update - ok
      15:15:03.0343 0116 [ 7594203F459ABDB5FE53C08D6B1BD53B ] upnphost C:\WINDOWS\System32\upnphost.dll
      15:15:03.0421 0116 upnphost - ok
      15:15:03.0453 0116 [ 575BAFEB33AF057B13A10579D0DC884A ] UPS C:\WINDOWS\System32\ups.exe
      15:15:03.0515 0116 UPS - ok
      15:15:03.0546 0116 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
      15:15:03.0609 0116 usbccgp - ok
      15:15:03.0625 0116 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
      15:15:03.0703 0116 usbehci - ok
      15:15:03.0718 0116 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
      15:15:03.0796 0116 usbhub - ok
      15:15:03.0828 0116 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
      15:15:03.0906 0116 usbscan - ok
      15:15:03.0937 0116 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
      15:15:04.0000 0116 usbstor - ok
      15:15:04.0015 0116 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
      15:15:04.0093 0116 usbuhci - ok
      15:15:04.0093 0116 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
      15:15:04.0171 0116 VgaSave - ok
      15:15:04.0171 0116 ViaIde - ok
      15:15:04.0203 0116 [ C41FFDC191E6C832E2E53C967EAE0A16 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
      15:15:04.0281 0116 VolSnap - ok
      15:15:04.0328 0116 [ 60F28DE3FAE525D026E4D66405B80DB8 ] VSS C:\WINDOWS\System32\vssvc.exe
      15:15:04.0406 0116 VSS - ok
      15:15:04.0437 0116 [ C71CFACDBFADD819736F61F5738BDDC1 ] W32Time C:\WINDOWS\system32\w32time.dll
      15:15:04.0515 0116 W32Time - ok
      15:15:04.0515 0116 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
      15:15:04.0593 0116 Wanarp - ok
      15:15:04.0625 0116 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
      15:15:04.0640 0116 Wdf01000 - ok
      15:15:04.0640 0116 WDICA - ok
      15:15:04.0671 0116 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
      15:15:04.0734 0116 wdmaud - ok
      15:15:04.0765 0116 [ 340A4FD9017D1EBD1F6DC435282A39DC ] WebClient C:\WINDOWS\System32\webclnt.dll
      15:15:04.0843 0116 WebClient - ok
      15:15:04.0906 0116 [ A5FC75CAB140CF6A78E16C3681001872 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
      15:15:04.0984 0116 winmgmt - ok
      15:15:05.0015 0116 [ 24596C3FA207F3E6693D54EEE6F2FBC1 ] WinVNC4 C:\Archivos de programa\RealVNC\VNC4\WinVNC4.exe
      15:15:05.0046 0116 WinVNC4 ( UnsignedFile.Multi.Generic ) - warning
      15:15:05.0046 0116 WinVNC4 - detected UnsignedFile.Multi.Generic (1)
      15:15:05.0109 0116 [ 57CF215B0250DE0C4AE36ABC8AE31BE4 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
      15:15:05.0250 0116 WmdmPmSN - ok
      15:15:05.0265 0116 [ C40A0AF014D54DA0E729066845A2A6DC ] Wmi C:\WINDOWS\System32\advapi32.dll
      15:15:05.0296 0116 Wmi - ok
      15:15:05.0312 0116 [ CA1A5270ACC0062B13F62CA5A0CD8DA8 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
      15:15:05.0390 0116 WmiApSrv - ok
      15:15:05.0421 0116 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
      15:15:05.0500 0116 WS2IFSL - ok
      15:15:05.0546 0116 [ 8CD684FD248DFE208C2F8F5052838A81 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
      15:15:05.0609 0116 wscsvc - ok
      15:15:05.0640 0116 [ 0B8FC4D0F9D6964713E81AD558B50A71 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
      15:15:05.0718 0116 wuauserv - ok
      15:15:05.0750 0116 [ D2CAF9FF9DA12F0CC6398C6E331015E4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
      15:15:05.0843 0116 WZCSVC - ok
      15:15:05.0859 0116 [ 14FDADCF05A37582399DAF1DA1DE1C7B ] xmlprov C:\WINDOWS\System32\xmlprov.dll
      15:15:05.0937 0116 xmlprov - ok
      15:15:05.0937 0116 ================ Scan global ===============================
      15:15:05.0984 0116 [ 5E83265291342AE4B13481CA25B115A0 ] C:\WINDOWS\system32\basesrv.dll
      15:15:06.0015 0116 [ DCA20D06B0F7243F31275EC160E720A6 ] C:\WINDOWS\system32\winsrv.dll
      15:15:06.0031 0116 [ DCA20D06B0F7243F31275EC160E720A6 ] C:\WINDOWS\system32\winsrv.dll
      15:15:06.0078 0116 [ 953DF7327510DF0DE048B8E80E504EF9 ] C:\WINDOWS\system32\services.exe
      15:15:06.0078 0116 [Global] - ok
      15:15:06.0078 0116 ================ Scan MBR ==================================
      15:15:06.0093 0116 [ 792F61657FECE3D17A9122B4EE282847 ] \Device\Harddisk0\DR0
      15:15:06.0343 0116 \Device\Harddisk0\DR0 - ok
      15:15:06.0343 0116 ================ Scan VBR ==================================
      15:15:06.0359 0116 [ E4208ABCDE7C4481DBFEDC8823F4C271 ] \Device\Harddisk0\DR0\Partition1
      15:15:06.0359 0116 \Device\Harddisk0\DR0\Partition1 - ok
      15:15:06.0359 0116 [ 288AC5B2585DBCFCB1BF426489648A9A ] \Device\Harddisk0\DR0\Partition2
      15:15:06.0359 0116 \Device\Harddisk0\DR0\Partition2 - ok
      15:15:06.0359 0116 ============================================================
      15:15:06.0359 0116 Scan finished
      15:15:06.0359 0116 ============================================================
      15:15:06.0468 2040 Detected object count: 11
      15:15:06.0468 2040 Actual detected object count: 11
      15:15:19.0078 2040 LMIGuardianSvc ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0078 2040 LMIGuardianSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0078 2040 LMIMaint ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0078 2040 LMIMaint ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0078 2040 LogMeIn ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0078 2040 LogMeIn ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0078 2040 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0078 2040 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0078 2040 npkcrypt ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0078 2040 npkcrypt ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0078 2040 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0078 2040 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0093 2040 ose ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0093 2040 ose ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0093 2040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0093 2040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0093 2040 tap0801 ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0093 2040 tap0801 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0093 2040 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0093 2040 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:19.0093 2040 WinVNC4 ( UnsignedFile.Multi.Generic ) - skipped by user
      15:15:19.0093 2040 WinVNC4 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:15:22.0968 1772 Deinitialize success

    2. #22
      marciano (User)
      Registered
      Nov 2012
      Location
      Chile
      Posts
      13

      Re: Virus problem

      Friends of the forum, for your information the computer is still the same; there is no change.

    3. #23
      RevesdeLiberte (Former collaborator)
      Registered
      Feb 2010
      Location
      México
      Posts
      7,976

      Re: Virus problem

      Hello.

      Run ComboFix.exe again as I indicated; do it in Safe Mode with Networking. Let me know how it goes.
      Patience is a tree with bitter roots, but sweet fruit.

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest online threats at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    4. #24
      marciano (User)
      Registered
      Nov 2012
      Location
      Chile
      Posts
      13

      Re: Virus problem

      Hello. I can't do what you ask, because I can't get into Safe Mode with Networking, system, or plain Safe Mode: the PC restarts the moment I try to start it that way.

      Regards.

    5. #25
      RevesdeLiberte (Former collaborator)
      Registered
      Feb 2010
      Location
      México
      Posts
      7,976

      Re: Virus problem

      Hello.

      Do the following:

      • Download the OTL by OldTimer tool to your desktop.
      • Close all open windows and programs. Double-click OTL.exe to run it.
      • Under "Tipo de Análisis" (scan type), check the "Resultado Mínimo" (minimal output) box. Finally, select these options:
        • Usar listado de Compañías Reconocidas (use the list of recognized companies)
        • Omitir Archivos de Microsoft (skip Microsoft files)
        • Buscar Lop (search for Lop)
      • Copy the following code (do not copy the word "Code:"):
      Code:
      drives
      netsvcs
      msconfig
      drivers32
      %systemdrive%\*.*
      CREATERESTOREPOINT
      • Paste the code into the "Análisis Personalizados/Código de Reparación" (custom scans/fix code) area.
      • Click the "Analizar" (scan) button and wait patiently for the scan to finish.
      • Two (2) files will open, OTL.txt and Extras.txt; they will be located where OTL was run.

      To finish, just open the OTL.txt file and copy and paste its entire contents into your next reply.

    6. #26
      marciano (User)
      Registered
      Nov 2012
      Location
      Chile
      Posts
      13

      Re: Virus problem

      Friends of the forum, I am attaching the report.




      OTL logfile created on: 20-11-2012 15:30:18 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\usuario2\Escritorio
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 0000340A | Country: Chile | Language: ESL | Date Format: dd-MM-yyyy

      1014,23 Mb Total Physical Memory | 698,21 Mb Available Physical Memory | 68,84% Memory free
      2,39 Gb Paging File | 2,05 Gb Available in Paging File | 85,92% Paging File free
      Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 48,83 Gb Total Space | 13,75 Gb Free Space | 28,15% Space Free | Partition Type: NTFS
      Drive D: | 100,22 Gb Total Space | 97,99 Gb Free Space | 97,78% Space Free | Partition Type: NTFS

      Computer Name: COMPLEME-FF52DF | User Name: usuario2 | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Documents and Settings\usuario2\Escritorio\OTL.exe (OldTimer Tools)
      PRC - C:\WINDOWS\temp\absq.exe ()
      PRC - C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe ()
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
      PRC - C:\Archivos de programa\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.)
      PRC - C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\WINDOWS\temp\absq.exe ()
      MOD - C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe ()
      MOD - C:\Archivos de programa\WinRAR\RarExt.dll ()
      MOD - C:\WINDOWS\system32\tsd32.dll ()


      ========== Services (SafeList) ==========

      SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
      SRV - (Browser Manager) -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe ()
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (TeamViewer7) -- C:\Archivos de programa\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
      SRV - (LMIMaint) -- C:\Archivos de programa\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
      SRV - (LMIGuardianSvc) -- C:\Archivos de programa\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
      SRV - (LogMeIn) -- C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
      SRV - (avast! Web Scanner) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      SRV - (avast! Mail Scanner) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      SRV - (OpenVPNService) -- C:\Archivos de programa\OpenVPN\bin\openvpnserv.exe ()
      SRV - (WinVNC4) -- C:\Archivos de programa\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.)
      SRV - (ose) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (MDM) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (WDICA) -- File not found
      DRV - (PDRFRAME) -- File not found
      DRV - (PDRELI) -- File not found
      DRV - (PDFRAME) -- File not found
      DRV - (PDCOMP) -- File not found
      DRV - (PCIDump) -- File not found
      DRV - (lbrtfdc) -- File not found
      DRV - (i2omgmt) -- File not found
      DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
      DRV - (huawei_enumerator) -- system32\DRIVERS\ew_jubusenum.sys File not found
      DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
      DRV - (ew_hwusbdev) -- system32\DRIVERS\ew_hwusbdev.sys File not found
      DRV - (dac970nt) -- C:\WINDOWS\system32\drivers\pjrknj.sys File not found
      DRV - (Changer) -- File not found
      DRV - (catchme) -- C:\DOCUME~1\usuario2\CONFIG~1\Temp\catchme.sys File not found
      DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
      DRV - (npkcrypt) -- C:\WINDOWS\system32\spool\XPSEP\i386\i386\NCsoft\Lineage II\System\npkcrypt.sys (INCA Internet Co., Ltd.)
      DRV - (ANDModem) -- C:\WINDOWS\system32\drivers\lgandmodem.sys (LG Electronics Inc.)
      DRV - (AndDiag) -- C:\WINDOWS\system32\drivers\lganddiag.sys (LG Electronics Inc.)
      DRV - (AndGps) -- C:\WINDOWS\system32\drivers\lgandgps.sys (LG Electronics Inc.)
      DRV - (Andbus) -- C:\WINDOWS\system32\drivers\lgandbus.sys (LG Electronics Inc.)
      DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
      DRV - (LMIInfo) -- C:\Archivos de programa\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
      DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
      DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
      DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
      DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
      DRV - (tap0801) -- C:\WINDOWS\system32\drivers\tap0801.sys (The OpenVPN Project)
      DRV - (RT61) -- C:\WINDOWS\system32\drivers\rt61.sys (Ralink Technology Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Claro Search
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Messenger y más en MSN Chile, noticias, deportes, entretención y videos.
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-cl
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A6 7B 80 1F 25 C7 CD 01 [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, =
      IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4512_3&babsrc=SP_clro&mntrId=9843523600000000000000259c7d5dbf
      IE - HKCU\..\SearchScopes\{A0B1E4AB-28F8-4872-AF8B-D10379DA5582}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
      IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220247
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Archivos de programa\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\usuario2\Configuración local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\usuario2\Configuración local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Archivos de programa\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Archivos de programa\Mozilla Thunderbird\components [2012-08-20 11:22:10 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Archivos de programa\Mozilla Thunderbird\plugins
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension [2012-11-08 13:30:15 | 000,000,000 | ---D | M]

      [2012-08-20 13:44:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\usuario2\Datos de programa\Mozilla\Extensions
      [2012-01-02 19:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\usuario2\Datos de programa\Mozilla\Firefox\extensions
      [2012-01-02 19:07:00 | 000,000,000 | ---D | M] (uTorrentBar_ES Community Toolbar) -- C:\Documents and Settings\usuario2\Datos de programa\Mozilla\Firefox\extensions\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}
      [2012-11-08 13:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions

      ========== Chrome ==========

      CHR - homepage: Search
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Search
      CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\usuario2\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\usuario2\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\usuario2\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\pdf.dll
      CHR - plugin: Application Manager (Enabled) = C:\Documents and Settings\usuario2\Configuraci\u00F3n local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npdrmv2.dll
      CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Archivos de programa\Windows Media Player\npdsplay.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npwmsdrm.dll
      CHR - plugin: Pando Web Plugin (Enabled) = C:\Archivos de programa\Pando Networks\Media Booster\npPandoWebPlugin.dll
      CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\usuario2\Configuraci\u00F3n local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      CHR - Extension: Faceless = C:\Documents and Settings\usuario2\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\dnkeackpfepceelcbglalfkkkdhcaomp\10.13.20.29_0\
      CHR - Extension: Stylish = C:\Documents and Settings\usuario2\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
      CHR - Extension: Settings Protector = C:\Documents and Settings\usuario2\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

      O1 HOSTS File: ([2012-11-12 11:42:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O16 - DPF: {26ACAE6F-BC95-44B4-9150-61E4D20D5C2E} http://www.onlinemania.org/snes/donk...oadgame_et.cab (Activex Control)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.28.4.129 200.28.4.130
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B21D9460-2274-4F5E-94C8-68D034B204CB}: DhcpNameServer = 200.28.4.129 200.28.4.130
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF79227F-6030-4E8B-ABB5-B2F334260420}: NameServer = 200.28.4.129 200.28.4.130
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
      O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
      O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Felicidad.bmp
      O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Felicidad.bmp
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2010-03-29 18:39:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

      NetSvcs: 6to4 - File not found
      NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
      NetSvcs: Ias - File not found
      NetSvcs: Iprip - File not found
      NetSvcs: Irmon - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: WmdmPmSp - File not found

      MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Adobe Reader Speed Launch.lnk - C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
      MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^WinZip Quick Pick.lnk - C:\Archivos de programa\WinZip\WZQKPICK.EXE - (WinZip Computing, Inc.)
      MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not found
      MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\usuario2\Configuración local\Datos de programa\Google\Update\GoogleUpdate.exe (Google Inc.)
      MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
      MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
      MsConfig - StartUpReg: LogMeIn GUI - hkey= - key= - C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
      MsConfig - StartUpReg: openvpn-gui - hkey= - key= - C:\Archivos de programa\OpenVPN\bin\openvpn-gui.exe ()
      MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
      MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
      MsConfig - State: "system.ini" - 0
      MsConfig - State: "win.ini" - 0
      MsConfig - State: "bootini" - 0
      MsConfig - State: "services" - 0
      MsConfig - State: "startup" - 1

      Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
      Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
      Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
      Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (www)
      Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
      Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
      Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
      Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
      Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
      Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
      Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
      Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
      Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
      Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
      Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012-11-20 15:28:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\usuario2\Escritorio\OTL.exe
      [2012-11-19 16:55:22 | 000,000,000 | -HSD | C] -- C:\RECYCLER
      [2012-11-19 15:40:00 | 000,000,000 | --SD | C] -- C:\ComboFix
      [2012-11-19 14:28:11 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\usuario2\Escritorio\TDSSKiller.exe
      [2012-11-19 14:15:57 | 005,084,814 | R--- | C] (Swearware) -- C:\Documents and Settings\usuario2\Escritorio\ComboFix.exe
      [2012-11-12 11:41:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
      [2012-11-12 11:37:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
      [2012-11-12 11:37:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
      [2012-11-12 11:37:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
      [2012-11-12 11:37:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
      [2012-11-12 11:37:31 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012-11-09 1533 | 000,000,000 | ---D | C] -- C:\_PoliFix
      [2012-11-09 14:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario2\Configuración local\Datos de programa\Faceless
      [2012-11-09 14:44:52 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Faceless
      [2012-11-09 14:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario2\Configuración local\Datos de programa\CRE
      [2012-11-09 14:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
      [2012-11-09 14:08:36 | 000,000,000 | ---D | C] -- C:\RegUnlocker Backups
      [2012-11-09 13:29:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Panda Security
      [2012-11-09 13:29:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Panda Security
      [2012-11-08 19:03:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
      [2012-11-08 19:02:08 | 000,000,000 | R--D | C] -- D:\Mis documentos\Mis vídeos
      [2012-11-08 19:02:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\usuario2\Menú Inicio\Programas\Herramientas administrativas
      [2012-11-08 19:02:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
      [2012-11-08 16:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario2\Datos de programa\Safer Networking
      [2012-11-08 16:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Safer Networking
      [2012-11-08 16:53:51 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Safer Networking
      [2012-11-08 16:39:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
      [2012-11-08 13:31:42 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Mozilla Firefox
      [2012-11-08 13:28:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
      [2012-11-08 13:28:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
      [2012-11-08 13:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager
      [2012-11-08 13:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario2\Datos de programa\Malwarebytes
      [2012-11-08 13:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
      [2012-11-08 13:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
      [2012-11-08 13:27:16 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
      [2012-11-08 13:27:16 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
      [2012-11-08 1340 | 003,505,536 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\usuario2\Escritorio\ccsetup235.exe
      [2012-11-06 15:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\usuario2\Datos de programa\InstallShield
      [2012-10-31 11:36:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\usuario2\Recent
      [2012-08-17 18:35:34 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\usuario2\Datos de programa\pcouffin.sys
      [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012-11-20 15:34:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\Browser Manager.job
      [2012-11-20 15:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\usuario2\Escritorio\OTL.exe
      [2012-11-20 12:33:22 | 000,000,494 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D40624FA-110A-48A7-A681-64229B9A64E8}.job
      [2012-11-20 10:13:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2012-11-20 10:13:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2012-11-19 15:47:20 | 001,097,886 | ---- | M] () -- C:\Documents and Settings\usuario2\Escritorio\panta.bmp
      [2012-11-19 15:41:54 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\usuario2\Escritorio\Dibujo.bmp
      [2012-11-19 15:08:12 | 005,084,814 | R--- | M] (Swearware) -- C:\Documents and Settings\usuario2\Escritorio\ComboFix.exe
      [2012-11-19 14:26:27 | 002,195,061 | ---- | M] () -- C:\Documents and Settings\usuario2\Escritorio\tdsskiller.zip
      [2012-11-16 12:15:24 | 000,137,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
      [2012-11-16 12:11:03 | 000,002,686 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
      [2012-11-16 12:04:46 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
      [2012-11-16 12:03:03 | 000,499,322 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
      [2012-11-16 12:03:03 | 000,435,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2012-11-16 12:03:03 | 000,087,214 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
      [2012-11-16 12:03:03 | 000,068,728 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2012-11-16 09:05:20 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\usuario2\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012-11-12 11:42:29 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
      [2012-11-09 15:48:24 | 000,000,327 | RHS- | M] () -- C:\boot.ini
      [2012-11-09 14:45:11 | 000,000,009 | ---- | M] () -- C:\END
      [2012-11-09 14:08:51 | 000,000,021 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
      [2012-11-08 18:25:13 | 000,000,211 | ---- | M] () -- C:\Boot.bak
      [2012-11-08 18:03:41 | 001,388,544 | ---- | M] () -- C:\Documents and Settings\usuario2\Escritorio\HiJackThis.msi
      [2012-11-08 13:27:18 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
      [2012-11-08 12:52:16 | 000,000,008 | RHS- | M] () -- C:\Documents and Settings\usuario2\ntuser.pol
      [2012-11-07 08:43:10 | 000,002,363 | ---- | M] () -- C:\Documents and Settings\usuario2\Escritorio\Google Chrome.lnk
      [2012-11-06 15:42:31 | 000,000,031 | ---- | M] () -- C:\WINDOWS\GunzLauncher.INI
      [2012-11-05 13:09:36 | 002,154,755 | ---- | M] () -- C:\Documents and Settings\usuario2\Escritorio\FOTOS.rar
      [2012-10-31 21:49:22 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\usuario2\Escritorio\TDSSKiller.exe
      [2012-10-25 18:07:08 | 000,000,214 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts(2012-11-08 204102)
      [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012-11-20 10:13:35 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\Browser Manager.job
      [2012-11-19 15:47:20 | 001,097,886 | ---- | C] () -- C:\Documents and Settings\usuario2\Escritorio\panta.bmp
      [2012-11-19 15:41:54 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\usuario2\Escritorio\Dibujo.bmp
      [2012-11-19 14:25:26 | 002,195,061 | ---- | C] () -- C:\Documents and Settings\usuario2\Escritorio\tdsskiller.zip
      [2012-11-16 12:04:45 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
      [2012-11-12 11:37:37 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
      [2012-11-12 11:37:37 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
      [2012-11-12 11:37:37 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
      [2012-11-12 11:37:37 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
      [2012-11-12 11:37:37 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
      [2012-11-09 14:45:10 | 000,000,009 | ---- | C] () -- C:\END
      [2012-11-08 19:27:24 | 000,002,686 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
      [2012-11-08 19:03:56 | 000,000,211 | ---- | C] () -- C:\Boot.bak
      [2012-11-08 19:03:53 | 000,260,272 | RHS- | C] () -- C:\cmldr
      [2012-11-08 17:53:34 | 001,388,544 | ---- | C] () -- C:\Documents and Settings\usuario2\Escritorio\HiJackThis.msi
      [2012-11-08 13:27:18 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
      [2012-11-08 12:52:09 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\usuario2\ntuser.pol
      [2012-11-06 15:41:58 | 000,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
      [2012-11-05 13:09:36 | 002,154,755 | ---- | C] () -- C:\Documents and Settings\usuario2\Escritorio\FOTOS.rar
      [2012-08-22 14:28:22 | 000,075,776 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
      [2012-08-17 18:35:34 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\usuario2\Datos de programa\pcouffin.cat
      [2012-08-17 18:35:34 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\usuario2\Datos de programa\pcouffin.inf
      [2012-06-08 18:26:13 | 000,368,312 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
      [2012-04-10 09:43:47 | 000,005,044 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
      [2012-04-06 02:19:09 | 000,032,828 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
      [2012-04-05 18:48:44 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
      [2012-02-16 04:17:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
      [2010-12-29 17:34:11 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\usuario2\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

      ========== ZeroAccess Check ==========

      [2012-03-09 13:38:14 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-13 23:18:36 | 001,499,648 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 07:52:53 | 000,473,600 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-13 23:18:46 | 000,273,920 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2010-12-24 11:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Alwil Software
      [2012-05-18 15:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Babylon
      [2012-05-30 14:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Banda Ancha Movil
      [2012-11-08 13:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager
      [2012-08-17 19:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\DatacardService
      [2011-08-22 09:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\LogMeIn
      [2012-03-29 13:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\PMB Files
      [2012-03-06 10:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Axanqye
      [2012-05-18 15:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Babylon
      [2012-03-05 19:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Bei
      [2012-08-16 17:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\BITS
      [2012-08-17 19:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\BSplayer
      [2012-07-19 18:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\BSplayer Pro
      [2012-08-22 14:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\CAD-KAS
      [2011-11-10 16:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Cyfyb
      [2012-08-17 18:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\FILEminimizer
      [2012-08-17 18:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\FlashgetSetup
      [2012-03-15 14:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\PC Speed Maximizer
      [2012-11-08 16:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Safer Networking
      [2011-11-09 17:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Sony Online Entertainment
      [2012-08-20 11:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\TeamViewer
      [2012-08-20 13:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Thunderbird
      [2012-09-22 18:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\TS3Client
      [2011-11-11 08:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Unanir
      [2012-08-03 10:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\uTorrent
      [2012-08-17 18:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Vso
      [2012-05-18 15:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\YourFileDownloader

      ========== Custom Scans ==========

      ========== Drive Information ==========

      Physical Drives
      ---------------

      Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
      Interface type: IDE
      Media Type: Fixed\thard disk media
      Model: WDC WD1600AAJS-00L7A0
      Partitions: 2
      Status: OK
      Status Info: 0

      Partitions
      ---------------

      DeviceID: Disk #0, Partition #0
      PartitionType: Installable File System
      Bootable: True
      BootPartition: True
      PrimaryPartition: True
      Size: 49,00GB
      Starting Offset: 32256
      Hidden sectors: 0


      DeviceID: Disk #0, Partition #1
      PartitionType: Extended w/Extended Int 13
      Bootable: False
      BootPartition: False
      PrimaryPartition: False
      Size: 100,00GB
      Starting Offset: 52428644352
      Hidden sectors: 0


      < %systemdrive%\*.* >
      [2010-12-15 10:54:26 | 000,001,024 | ---- | M] () -- C:\.rnd
      [2010-03-29 18:39:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
      [2012-11-08 18:25:13 | 000,000,211 | ---- | M] () -- C:\Boot.bak
      [2012-11-09 15:48:24 | 000,000,327 | RHS- | M] () -- C:\boot.ini
      [2001-08-24 07:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
      [2004-08-03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
      [2010-03-29 18:39:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
      [2012-11-09 14:45:11 | 000,000,009 | ---- | M] () -- C:\END
      [2010-03-29 18:39:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2010-03-29 18:39:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2004-08-03 17:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
      [2010-12-16 09:29:50 | 000,251,168 | RHS- | M] () -- C:\ntldr
      [2012-11-20 10:13:19 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
      [2012-11-09 1551 | 000,000,484 | ---- | M] () -- C:\PoliFix.txt
      [2012-11-19 14:47:51 | 000,086,602 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_19.11.2012_14.28.15_log.txt
      [2012-11-19 15:15:22 | 000,086,602 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_19.11.2012_15.14.34_log.txt
      [2012-05-18 15:06:42 | 000,001,531 | ---- | M] () -- C:\user.js

      < CREATERESTOREPOIN >
      [2010-03-29 18:37:27 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
      [2010-03-29 18:43:23 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
      [2011-04-28 13:48:56 | 000,000,494 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D40624FA-110A-48A7-A681-64229B9A64E8}.job
      [2012-11-20 10:13:35 | 000,000,294 | ---- | C] () -- C:\WINDOWS\Tasks\Browser Manager.job

      < End of report >

    7. #27
      Ex-Collaborator RevesdeLiberte
      Registered
      Feb 2010
      Location
      Mexico
      Posts
      7,976

      Re: Virus problem

      Hello.

      Apologies, the notification had not reached me. Please be patient while we analyze your OTL report, which as you can see is very long, and this takes time. I will reply as soon as possible.

      IMPORTANT:

      • Do NOT download or install any more programs while we finish the disinfection.

      • Do NOT run other antivirus/antimalware tools. You may, however, re-enable your antivirus.

      • Do NOT run OTL again until I come back with a reply.

      Regards.
      Patience is a tree with bitter roots but sweet fruit.

      * Follow us on our Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    8. #28
      Ex-Collaborator RevesdeLiberte
      Registered
      Feb 2010
      Location
      Mexico
      Posts
      7,976

      Re: Virus problem

      Hello.

      Sorry for the delay.

      Do the following:

      Step 1.-

      Boot into Safe Mode to carry out the following step:

      • Double-click the OTL.exe file to run it.
      • Copy all of the following code: (Do not copy the word "Code:")
      Code:
      :OTL
      MOD - C:\WINDOWS\temp\absq.exe ()
      MOD - C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe ()
      SRV - (Browser Manager) -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe ()
      DRV - (dac970nt) -- C:\WINDOWS\system32\drivers\pjrknj.sys File not found
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Claro Search
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4512_3&babsrc=SP_clro&mntrId=9843523600000000000000259c7d5dbf
      IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220247
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension [2012-11-08 13:30:15 | 000,000,000 | ---D | M]
      [2012-01-02 19:07:00 | 000,000,000 | ---D | M] (uTorrentBar_ES Community Toolbar) -- C:\Documents and Settings\usuario2\Datos de programa\Mozilla\Firefox\extensions\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}
      MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not found
      MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
      MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
      MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
      [2012-11-09 14:44:52 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Faceless
      [2012-11-08 13:28:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
      [2012-11-08 13:28:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
      [2012-11-08 13:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager
      [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [2012-11-20 15:34:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\Browser Manager.job
      [2012-08-22 14:28:22 | 000,075,776 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
      [2012-05-18 15:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Babylon
      [2012-05-18 15:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Babylon
      [2011-11-10 16:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\usuario2\Datos de programa\Cyfyb
      :Commands
      [Purity]
      [EmptyTemp]
      [EmptyJava]
      • Paste the code into the "Análisis Personalizados/Código de Reparación" (Custom Scans/Fixes) area.
      • Click the "Reparar" (Run Fix) button to start the repair. You will be asked to restart the computer; click "Aceptar" (OK).
      • After the restart, a report with the results will open; that report is also saved in C:\_OTL\MovedFiles\***_***.txt (where "***_***" is the date and time).

      Step 2.-

      Restart in Normal Mode and carry out the following step.

      • Download Malwarebytes Anti-Rootkit Beta and unzip it to your desktop.
        1. Open the Mbar folder and double-click Mbar.exe.
        2. Press Next, then Update to allow it to update.
        3. Press Next again. Click Scan to start the scan.
        4. Allow all actions and restart if it asks you to.

      To finish, copy and paste the contents of both reports, letting us know how everything is running now.