
    Problem with infection in system


    1. #1
      Ikuharu (User)
      Joined: Jan 2013
      Location: Chile
      Posts: 9

      Problem with infection in system

      Hello everyone.

      My problem is the following: it had been about a month since I last ran the antivirus, and a few days ago I noticed it was disabled. Today I updated it and ran it, and it found some infected files, as this image shows.

      How can I solve this problem?

      Regards, and thank you very much for your time.

      PS: I use Windows XP. Sorry, but I couldn't find a way to put those images inside a spoiler.

    2. #2
      Gemsa_03 (Former Contributor)
      Joined: Feb 2012
      Location: Málaga, Spain
      Posts: 6,615

      Re: Problem with infection in system

      Hi!

      Carry out the steps I indicate below:

      Create a system restore point.

      Following the => TDSSKiller Manual, download the program's zip file, BUT DO NOT DO ANYTHING YET.

      Download/update this program, Malwarebytes Anti-Malware 1.65.1 | InfoSpyware => Manual for Malwarebytes Anti-Malware 2. DO NOT RUN IT YET.

      Physically disconnect from the Internet/turn off the router; once you have lost the connection, unzip the TDSSKiller zip file and place it on the Desktop.

      - Press Start Scan to begin. Before starting the scan you must have the checkboxes shown in the image selected. IMPORTANT: if you read the Manual carefully, you will see that the program automatically offers the options to apply when it detects or suspects an infection; DO NOT CHANGE THEM: SKIP, QUARANTINE, CURE IF THE COMPUTER IS INFECTED. If it asks you to restart, do so.
      Run Malwarebytes/perform a Full Scan, selecting everything it finds and deleting it as in the image I show you:

      Restart the computer, connect to the Internet, and attach the Malwarebytes results from the program's LOGS TAB and the TDSSKiller results, which will be in the root of the hard disk (usually drive C:), as:
      TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, where "x.xx.x_xx.xx.xxxx_xx.xx.xx" are the version, date and time.

      Regards.
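
A TDSSKiller log like the one requested above runs to hundreds of lines, nearly all ending in `- ok`; the Python below (an added example, not part of the original thread and not part of TDSSKiller) pulls out only the entries that were not cleared. The sample lines, service names, paths and MD5 values are constructed, and treating `UnsignedFile.*` verdicts as signature-check results is an assumption based on the `SigCheck` mode that appears in the log posted later in this thread.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample in the line format seen in this thread's TDSSKiller log.
# Service names, paths and MD5 values are made up for illustration.
SAMPLE_LOG = r"""
      05:19:51.0750 3584 Scan started
      05:19:51.0750 3584 Mode: Manual; SigCheck; TDLFS;
      05:19:52.0203 3584 ================ Scan services =============================
      05:19:52.0328 3584 ExampleNoFile - ok
      05:19:52.0375 3584 [ 00112233445566778899AABBCCDDEEFF ] ExampleSigned C:\WINDOWS\system32\DRIVERS\signed.sys
      05:19:53.0093 3584 ExampleSigned - ok
      05:20:00.0171 3584 [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrv C:\Program Files\Example Vendor\exdrv.sys
      05:20:00.0187 3584 ExampleDrv ( UnsignedFile.Multi.Generic ) - warning
      05:20:00.0187 3584 ExampleDrv - detected UnsignedFile.Multi.Generic (1)
      05:20:01.0000 3584 [ FFEEDDCCBBAA99887766554433221100 ] ExampleCut C:\WINDOWS\system32\cut.dll
"""

# "<HH:MM:SS.ffff> <thread id> <message>"; the message may be empty.
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)(?:\s+(.*))?$")
# "[ <MD5> ] <service> <path>"; the path may contain spaces, the name may not
# (assumption: service key names without spaces, as in the thread's log).
FILE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(\S+)\s+(.+)$")
OK = re.compile(r"^(\S+) - ok$")
# "<service> ( <verdict> ) - <severity>"
VERDICT = re.compile(r"^(\S+) \( (\S+) \) - (\w+)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    status: str = "unresolved"      # "ok", a severity word, or "unresolved"
    verdict: Optional[str] = None


def parse_log(text: str) -> Dict[str, Entry]:
    """Fold the per-service lines of a TDSSKiller log into one Entry each."""
    entries: Dict[str, Entry] = {}
    for raw in text.splitlines():
        line = LINE.match(raw.strip())      # strip() tolerates forum indentation
        if not line or not line.group(3):
            continue                        # blank, separator-only or foreign line
        msg = line.group(3)
        file_m, ok_m, verdict_m = FILE.match(msg), OK.match(msg), VERDICT.match(msg)
        if file_m:
            entry = entries.setdefault(file_m.group(2), Entry(file_m.group(2)))
            entry.md5, entry.path = file_m.group(1).upper(), file_m.group(3)
        elif ok_m:
            entries.setdefault(ok_m.group(1), Entry(ok_m.group(1))).status = "ok"
        elif verdict_m:
            entry = entries.setdefault(verdict_m.group(1), Entry(verdict_m.group(1)))
            entry.status, entry.verdict = verdict_m.group(3), verdict_m.group(2)
        # "<service> - detected ..." repeats the verdict line, so it is ignored.
    return entries


Finding = Tuple[str, str, Optional[str], Optional[str], Optional[str], str]


def triage(text: str) -> List[Finding]:
    """Return (name, status, verdict, md5, path, note) for every non-ok entry."""
    findings: List[Finding] = []
    for e in parse_log(text).values():
        if e.status == "ok":
            continue
        if e.status == "unresolved":
            note = "no verdict line: log truncated or scan interrupted"
        elif e.verdict and e.verdict.startswith("UnsignedFile."):
            # Assumption: this verdict family comes from the signature check.
            note = "signature check only: confirm vendor and file origin by hand"
        else:
            note = "named detection: review before choosing Cure/Quarantine"
        findings.append((e.name, e.status, e.verdict, e.md5, e.path, note))
    return findings


if __name__ == "__main__":
    for name, status, verdict, md5, path, note in triage(SAMPLE_LOG):
        print(f"{name:12} {status:10} {verdict or '-':28} {md5} {path}\n    -> {note}")
```
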

    3. #3
      Ikuharu (User)
      Joined: Jan 2013
      Location: Chile
      Posts: 9

      Re: Problem with infection in system

      Malwarebytes Anti-Malware 1.70 reports

      Versión de la Base de Datos: v2013.01.02.10

      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 6.0.2900.5512
      PC08 :: PC33 [administrador]

      23/01/2013 5:21:22
      mbam-log-2013-01-23 (05-21-22).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 248562
      Tiempo transcurrido: 1 hora(s), 9 minuto(s), 17 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 3
      HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Malo: (1) Bueno: (0) -> En cuarentena y reparado con éxito.
      HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Malo: (1) Bueno: (0) -> En cuarentena y reparado con éxito.
      HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Malo: (1) Bueno: (0) -> En cuarentena y reparado con éxito.

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      (fin)
      --------------------------------------------------------------------------------------------------------------------
      TDSSKiller reports:

      05:19:31.0765 2600 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      05:19:33.0765 2600 ============================================================
      05:19:33.0765 2600 Current date / time: 2013/01/23 05:19:33.0765
      05:19:33.0765 2600 SystemInfo:
      05:19:33.0765 2600
      05:19:33.0765 2600 OS Version: 5.1.2600 ServicePack: 3.0
      05:19:33.0765 2600 Product type: Workstation
      05:19:33.0765 2600 ComputerName: PC33
      05:19:33.0765 2600 UserName: PC08
      05:19:33.0765 2600 Windows directory: C:\WINDOWS
      05:19:33.0765 2600 System windows directory: C:\WINDOWS
      05:19:33.0765 2600 Processor architecture: Intel x86
      05:19:33.0765 2600 Number of processors: 2
      05:19:33.0765 2600 Page size: 0x1000
      05:19:33.0765 2600 Boot type: Normal boot
      05:19:33.0765 2600 ============================================================
      05:19:35.0546 2600 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
      05:19:35.0578 2600 ============================================================
      05:19:35.0578 2600 \Device\Harddisk0\DR0:
      05:19:35.0609 2600 MBR partitions:
      05:19:35.0609 2600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
      05:19:35.0609 2600 ============================================================
      05:19:35.0656 2600 C: <-> \Device\Harddisk0\DR0\Partition1
      05:19:35.0656 2600 ============================================================
      05:19:35.0656 2600 Initialize success
      05:19:35.0656 2600 ============================================================
      05:19:51.0750 3584 ============================================================
      05:19:51.0750 3584 Scan started
      05:19:51.0750 3584 Mode: Manual; SigCheck; TDLFS;
      05:19:51.0750 3584 ============================================================
      05:19:52.0203 3584 ================ Scan system memory ========================
      05:19:52.0203 3584 System memory - ok
      05:19:52.0203 3584 ================ Scan services =============================
      05:19:52.0328 3584 Abiosdsk - ok
      05:19:52.0328 3584 abp480n5 - ok
      05:19:52.0375 3584 [ CF2A07E1751A2D612D7E13AA431AB057 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
      05:19:53.0093 3584 ACPI - ok
      05:19:53.0109 3584 [ 1C905333C0B9F3D7C68DDF25E54B00F9 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
      05:19:53.0265 3584 ACPIEC - ok
      05:19:53.0359 3584 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      05:19:53.0375 3584 AdobeFlashPlayerUpdateSvc - ok
      05:19:53.0390 3584 adpu160m - ok
      05:19:53.0437 3584 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
      05:19:53.0546 3584 aec - ok
      05:19:53.0593 3584 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD C:\WINDOWS\System32\drivers\afd.sys
      05:19:53.0750 3584 AFD - ok
      05:19:53.0750 3584 Aha154x - ok
      05:19:53.0750 3584 aic78u2 - ok
      05:19:53.0765 3584 aic78xx - ok
      05:19:53.0796 3584 [ FEDCA791A089D4E15084DA10F38BCE45 ] Alerter C:\WINDOWS\system32\alrsvc.dll
      05:19:53.0953 3584 Alerter - ok
      05:19:53.0968 3584 [ 764B7A1E6AE2D70416A7932F3B97AC99 ] ALG C:\WINDOWS\System32\alg.exe
      05:19:54.0046 3584 ALG - ok
      05:19:54.0046 3584 AliIde - ok
      05:19:54.0046 3584 amsint - ok
      05:19:54.0062 3584 [ 30CD42BFCDAFEFE8567B9E527DD3AE08 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
      05:19:54.0156 3584 AppMgmt - ok
      05:19:54.0171 3584 asc - ok
      05:19:54.0171 3584 asc3350p - ok
      05:19:54.0171 3584 asc3550 - ok
      05:19:54.0296 3584 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
      05:19:54.0375 3584 aspnet_state - ok
      05:19:54.0406 3584 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
      05:19:54.0546 3584 AsyncMac - ok
      05:19:54.0578 3584 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
      05:19:54.0703 3584 atapi - ok
      05:19:54.0703 3584 Atdisk - ok
      05:19:54.0734 3584 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
      05:19:54.0859 3584 Atmarpc - ok
      05:19:54.0906 3584 [ A37F6480B06C37DB69BBFF045CF9F55B ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
      05:19:55.0015 3584 AudioSrv - ok
      05:19:55.0046 3584 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
      05:19:55.0171 3584 audstub - ok
      05:19:56.0156 3584 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Archivos de programa\AVG\AVG2013\avgidsagent.exe
      05:19:57.0218 3584 AVGIDSAgent - ok
      05:19:57.0265 3584 [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
      05:19:57.0296 3584 AVGIDSDriver - ok
      05:19:57.0343 3584 [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
      05:19:57.0359 3584 AVGIDSHX - ok
      05:19:57.0375 3584 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
      05:19:57.0390 3584 AVGIDSShim - ok
      05:19:57.0453 3584 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
      05:19:57.0468 3584 Avgldx86 - ok
      05:19:57.0515 3584 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\WINDOWS\system32\DRIVERS\avglogx.sys
      05:19:57.0531 3584 Avglogx - ok
      05:19:57.0562 3584 [ 6C7C00B8DD22B4343B47FED148387057 ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
      05:19:57.0578 3584 Avgmfx86 - ok
      05:19:57.0593 3584 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
      05:19:57.0609 3584 Avgrkx86 - ok
      05:19:57.0671 3584 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Archivos de programa\AVG\AVG2013\avgwdsvc.exe
      05:19:57.0687 3584 avgwd - ok
      05:19:57.0734 3584 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
      05:19:57.0875 3584 Beep - ok
      05:19:57.0984 3584 [ 8EE9639C01B92490E09638CAA1B16C3C ] BITS C:\WINDOWS\system32\qmgr.dll
      05:19:58.0125 3584 BITS - ok
      05:19:58.0156 3584 [ E28818BD591F8AF8FBE9897472B9665E ] Browser C:\WINDOWS\System32\browser.dll
      05:19:58.0281 3584 Browser - ok
      05:19:58.0312 3584 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
      05:19:58.0468 3584 cbidf2k - ok
      05:19:58.0468 3584 cd20xrnt - ok
      05:19:58.0515 3584 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
      05:19:58.0656 3584 Cdaudio - ok
      05:19:58.0703 3584 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
      05:19:58.0875 3584 Cdfs - ok
      05:19:58.0906 3584 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
      05:19:59.0078 3584 Cdrom - ok
      05:19:59.0078 3584 Changer - ok
      05:19:59.0109 3584 [ B0E3FEC4EE7B935A7387FD6EF31EA780 ] CiSvc C:\WINDOWS\system32\cisvc.exe
      05:19:59.0234 3584 CiSvc - ok
      05:19:59.0250 3584 [ 0C3BF68AB94CEFD64B333B326F84510E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
      05:19:59.0406 3584 ClipSrv - ok
      05:19:59.0484 3584 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      05:19:59.0546 3584 clr_optimization_v2.0.50727_32 - ok
      05:19:59.0593 3584 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      05:19:59.0703 3584 clr_optimization_v4.0.30319_32 - ok
      05:19:59.0703 3584 CmdIde - ok
      05:19:59.0703 3584 COMSysApp - ok
      05:19:59.0718 3584 Cpqarray - ok
      05:19:59.0750 3584 [ E423C9C1946C656E0E4840210A0A8681 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
      05:19:59.0875 3584 CryptSvc - ok
      05:19:59.0875 3584 dac2w2k - ok
      05:19:59.0890 3584 dac960nt - ok
      05:19:59.0968 3584 [ 53D02EFFA72CA5C57687BEE20610ABA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
      05:20:00.0140 3584 DcomLaunch - ok
      05:20:00.0171 3584 [ 723D57CD0F2962AE4F10277D6580CF07 ] DepFrzHi C:\WINDOWS\system32\drivers\DepFrzHi.sys
      05:20:00.0187 3584 DepFrzHi ( UnsignedFile.Multi.Generic ) - warning
      05:20:00.0187 3584 DepFrzHi - detected UnsignedFile.Multi.Generic (1)
      05:20:00.0187 3584 [ 4EB1E722BA61BA464C630A163CBEC141 ] DepFrzLo C:\WINDOWS\system32\drivers\DepFrzLo.sys
      05:20:00.0203 3584 DepFrzLo ( UnsignedFile.Multi.Generic ) - warning
      05:20:00.0203 3584 DepFrzLo - detected UnsignedFile.Multi.Generic (1)
      05:20:00.0250 3584 [ 9A023679726373EFEAB732D88085DBB5 ] DFServEx C:\Archivos de programa\HyperTechnologies\Deep Freeze\DfServEx.exe
      05:20:00.0296 3584 DFServEx ( UnsignedFile.Multi.Generic ) - warning
      05:20:00.0296 3584 DFServEx - detected UnsignedFile.Multi.Generic (1)
      05:20:00.0343 3584 [ 2DDFB3A5679FA02366686ECB1AF622F0 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
      05:20:00.0468 3584 Dhcp - ok
      05:20:00.0500 3584 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
      05:20:00.0609 3584 Disk - ok
      05:20:00.0625 3584 dmadmin - ok
      05:20:00.0671 3584 [ C252A99C0A78B39FAA2E2D1D048B1050 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
      05:20:00.0875 3584 dmboot - ok
      05:20:00.0906 3584 [ 33B4D4039CD2CB25351A7BF13B2988D9 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
      05:20:01.0062 3584 dmio - ok
      05:20:01.0078 3584 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
      05:20:01.0203 3584 dmload - ok
      05:20:01.0234 3584 [ 40D0520DDAA9312C5DDDD8C7C99D8325 ] dmserver C:\WINDOWS\System32\dmserver.dll
      05:20:01.0343 3584 dmserver - ok
      05:20:01.0390 3584 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
      05:20:01.0500 3584 DMusic - ok
      05:20:01.0546 3584 [ E903D6C886CA0C86164BF778589F7C6E ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
      05:20:01.0656 3584 Dnscache - ok
      05:20:01.0687 3584 [ 412134C50E2063D882EF1634676E2B25 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
      05:20:01.0828 3584 Dot3svc - ok
      05:20:01.0828 3584 dpti2o - ok
      05:20:01.0859 3584 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
      05:20:01.0984 3584 drmkaud - ok
      05:20:01.0984 3584 EagleNT - ok
      05:20:01.0984 3584 EagleXNt - ok
      05:20:02.0015 3584 [ FC3FE3654588E597FFF395C305062C46 ] EapHost C:\WINDOWS\System32\eapsvc.dll
      05:20:02.0156 3584 EapHost - ok
      05:20:02.0156 3584 [ D96623DD7CE1EA9E4DE7285D740E14F6 ] ERSvc C:\WINDOWS\System32\ersvc.dll
      05:20:02.0281 3584 ERSvc - ok
      05:20:02.0328 3584 [ B3D8BCC68C5764F29FE70F493E6D18A6 ] escSrv C:\WINDOWS\system32\escsrv.exe
      05:20:02.0343 3584 escSrv ( UnsignedFile.Multi.Generic ) - warning
      05:20:02.0343 3584 escSrv - detected UnsignedFile.Multi.Generic (1)
      05:20:02.0375 3584 [ D658A8C2FC7B2AD53D1259741A09EE04 ] Eventlog C:\WINDOWS\system32\services.exe
      05:20:02.0500 3584 Eventlog - ok
      05:20:02.0531 3584 [ 76ABF3BB5A6D684641EC92B28240811D ] EventSystem C:\WINDOWS\system32\es.dll
      05:20:02.0671 3584 EventSystem - ok
      05:20:02.0718 3584 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
      05:20:02.0843 3584 Fastfat - ok
      05:20:02.0890 3584 [ CA70EDBF32032EA53F114CB930741CB5 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
      05:20:03.0015 3584 FastUserSwitchingCompatibility - ok
      05:20:03.0062 3584 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
      05:20:03.0171 3584 Fdc - ok
      05:20:03.0203 3584 [ E5E61F2C07344E91DBFB7EAFDE549AB4 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
      05:20:03.0328 3584 Fips - ok
      05:20:03.0359 3584 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
      05:20:03.0500 3584 Flpydisk - ok
      05:20:03.0531 3584 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
      05:20:03.0656 3584 FltMgr - ok
      05:20:03.0656 3584 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
      05:20:03.0781 3584 Fs_Rec - ok
      05:20:03.0796 3584 [ CC5F3AF5711A1C7C8FA1D43BB16B401A ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
      05:20:03.0921 3584 Ftdisk - ok
      05:20:03.0968 3584 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
      05:20:04.0078 3584 Gpc - ok
      05:20:04.0109 3584 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
      05:20:04.0156 3584 hamachi - ok
      05:20:04.0203 3584 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
      05:20:04.0312 3584 HDAudBus - ok
      05:20:04.0406 3584 [ 6B5E1788ABF15177A20C6C76C11382BB ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
      05:20:04.0531 3584 helpsvc - ok
      05:20:04.0531 3584 HidServ - ok
      05:20:04.0562 3584 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
      05:20:04.0734 3584 HidUsb - ok
      05:20:04.0750 3584 [ 8F80B5FB68E1E767D872CB9A8CAD5B5D ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
      05:20:04.0906 3584 hkmsvc - ok
      05:20:04.0906 3584 hpn - ok
      05:20:04.0968 3584 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
      05:20:05.0109 3584 HTTP - ok
      05:20:05.0171 3584 [ 0406B351908A8C143B6B6BB8834D4920 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
      05:20:05.0281 3584 HTTPFilter - ok
      05:20:05.0296 3584 i2omgmt - ok
      05:20:05.0296 3584 i2omp - ok
      05:20:05.0312 3584 [ 4A2490A66E8271901E89DD5FB79748AE ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      05:20:05.0453 3584 i8042prt - ok
      05:20:05.0671 3584 [ 2AAE7BE67911F4AEC9AD28E9CFB9096F ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
      05:20:06.0156 3584 ialm - ok
      05:20:06.0203 3584 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
      05:20:06.0312 3584 Imapi - ok
      05:20:06.0343 3584 [ E50ABD04CA0C015017722014D1D9251E ] ImapiService C:\WINDOWS\system32\imapi.exe
      05:20:06.0500 3584 ImapiService - ok
      05:20:06.0515 3584 ini910u - ok
      05:20:06.0687 3584 [ A5D5B8C427F4B67580FB2B511291A89D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
      05:20:07.0046 3584 IntcAzAudAddService - ok
      05:20:07.0062 3584 IntelIde - ok
      05:20:07.0125 3584 [ 49A060498C09DB18C3EA9939789005AB ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
      05:20:07.0250 3584 intelppm - ok
      05:20:07.0265 3584 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
      05:20:07.0421 3584 Ip6Fw - ok
      05:20:07.0437 3584 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
      05:20:07.0578 3584 IpFilterDriver - ok
      05:20:07.0593 3584 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
      05:20:07.0718 3584 IpInIp - ok
      05:20:07.0765 3584 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
      05:20:07.0890 3584 IpNat - ok
      05:20:07.0953 3584 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
      05:20:08.0125 3584 IPSec - ok
      05:20:08.0156 3584 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
      05:20:08.0234 3584 IRENUM - ok
      05:20:08.0250 3584 [ 0F3D281B0410FE5D482AADA37D20524B ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
      05:20:08.0375 3584 isapnp - ok
      05:20:08.0468 3584 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Archivos de programa\Java\jre7\bin\jqs.exe
      05:20:08.0468 3584 JavaQuickStarterService - ok
      05:20:08.0515 3584 [ 188DDD286BC0DAEA6984858C6A4D7BBF ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      05:20:08.0671 3584 Kbdclass - ok
      05:20:08.0703 3584 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
      05:20:08.0828 3584 kmixer - ok
      05:20:08.0843 3584 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
      05:20:08.0968 3584 KSecDD - ok
      05:20:09.0000 3584 [ 1814A50472885DB3036CD2097F2BB77C ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
      05:20:09.0125 3584 LanmanServer - ok
      05:20:09.0171 3584 [ 26A6587E6EACD49A77A4AE11AA490493 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
      05:20:09.0296 3584 lanmanworkstation - ok
      05:20:09.0296 3584 lbrtfdc - ok
      05:20:09.0328 3584 [ 01AF2112FF79AA613B6621A75C4E9277 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
      05:20:09.0437 3584 LmHosts - ok
      05:20:09.0453 3584 [ 047E70B04B288439245DDC8DD1A31982 ] Messenger C:\WINDOWS\System32\msgsvc.dll
      05:20:09.0609 3584 Messenger - ok
      05:20:09.0640 3584 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
      05:20:09.0765 3584 mnmdd - ok
      05:20:09.0812 3584 [ 85ADA209695A677C9D60962CDE10696B ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
      05:20:09.0937 3584 mnmsrvc - ok
      05:20:09.0968 3584 [ 9024556E739B8469D2B8F5F0E4C9BC9F ] Modem C:\WINDOWS\system32\drivers\Modem.sys
      05:20:10.0109 3584 Modem - ok
      05:20:10.0156 3584 [ 6FD36B4994A2363659A65C9F970CFDB7 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
      05:20:10.0296 3584 Mouclass - ok
      05:20:10.0343 3584 [ 8EE532E516B2D23D686CFC1CC0A15C25 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
      05:20:10.0437 3584 mouhid - ok
      05:20:10.0500 3584 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
      05:20:10.0609 3584 MountMgr - ok
      05:20:10.0656 3584 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe
      05:20:10.0671 3584 MozillaMaintenance - ok
      05:20:10.0687 3584 mraid35x - ok
      05:20:10.0718 3584 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
      05:20:10.0828 3584 MRxDAV - ok
      05:20:10.0890 3584 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      05:20:11.0015 3584 MRxSmb - ok
      05:20:11.0046 3584 [ 975BD2762BF355A572597CC54D97BA93 ] MSDTC C:\WINDOWS\system32\msdtc.exe
      05:20:11.0187 3584 MSDTC - ok
      05:20:11.0203 3584 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
      05:20:11.0328 3584 Msfs - ok
      05:20:11.0328 3584 MSIServer - ok
      05:20:11.0359 3584 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
      05:20:11.0500 3584 MSKSSRV - ok
      05:20:11.0531 3584 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
      05:20:11.0656 3584 MSPCLOCK - ok
      05:20:11.0671 3584 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
      05:20:11.0812 3584 MSPQM - ok
      05:20:11.0843 3584 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
      05:20:11.0953 3584 mssmbios - ok
      05:20:11.0984 3584 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
      05:20:12.0093 3584 Mup - ok
      05:20:12.0140 3584 [ FD578FCC03BBD76AF1E62202E6670D29 ] napagent C:\WINDOWS\System32\qagentrt.dll
      05:20:12.0296 3584 napagent - ok
      05:20:12.0312 3584 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
      05:20:12.0421 3584 NDIS - ok
      05:20:12.0453 3584 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      05:20:12.0562 3584 NdisTapi - ok
      05:20:12.0609 3584 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
      05:20:12.0718 3584 Ndisuio - ok
      05:20:12.0734 3584 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
      05:20:12.0890 3584 NdisWan - ok
      05:20:12.0906 3584 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
      05:20:13.0078 3584 NDProxy - ok
      05:20:13.0125 3584 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
      05:20:13.0234 3584 NetBIOS - ok
      05:20:13.0250 3584 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
      05:20:13.0390 3584 NetBT - ok
      05:20:13.0421 3584 [ 96B009E5B163850CF94DC333ED2BEE93 ] NetDDE C:\WINDOWS\system32\netdde.exe
      05:20:13.0562 3584 NetDDE - ok
      05:20:13.0562 3584 [ 96B009E5B163850CF94DC333ED2BEE93 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
      05:20:13.0687 3584 NetDDEdsdm - ok
      05:20:13.0703 3584 [ 671ACA589DA3733FAC878A751C5BF0ED ] Netlogon C:\WINDOWS\system32\lsass.exe
      05:20:13.0812 3584 Netlogon - ok
      05:20:13.0859 3584 [ A48884C9359EE9F1FC8F3F0D93FB1D95 ] Netman C:\WINDOWS\System32\netman.dll
      05:20:13.0984 3584 Netman - ok
      05:20:14.0046 3584 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      05:20:14.0140 3584 NetTcpPortSharing - ok
      05:20:14.0171 3584 [ AD893C9D3A09081D55A4BDFBC66AD592 ] Nla C:\WINDOWS\System32\mswsock.dll
      05:20:14.0312 3584 Nla - ok
      05:20:14.0328 3584 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
      05:20:14.0437 3584 Npfs - ok
      05:20:14.0500 3584 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
      05:20:14.0640 3584 Ntfs - ok
      05:20:14.0671 3584 [ 671ACA589DA3733FAC878A751C5BF0ED ] NtLmSsp C:\WINDOWS\system32\lsass.exe
      05:20:14.0781 3584 NtLmSsp - ok
      05:20:14.0828 3584 [ D60C40D71A4D874C903255E4827AFA0C ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
      05:20:15.0000 3584 NtmsSvc - ok
      05:20:15.0015 3584 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
      05:20:15.0171 3584 Null - ok
      05:20:15.0203 3584 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
      05:20:15.0312 3584 NwlnkFlt - ok
      05:20:15.0312 3584 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
      05:20:15.0437 3584 NwlnkFwd - ok
      05:20:15.0500 3584 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
      05:20:15.0578 3584 ose - ok
      05:20:15.0609 3584 [ E7855CBD8BD1FDA085A3F92CFF7906E2 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
      05:20:15.0750 3584 Parport - ok
      05:20:15.0765 3584 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
      05:20:15.0875 3584 PartMgr - ok
      05:20:15.0921 3584 [ FAD44D704ECD7D39AD01415B8BB34204 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
      05:20:16.0062 3584 ParVdm - ok
      05:20:16.0062 3584 [ F11BC84AE6C7B003B5E0C8EEB4A1F444 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
      05:20:16.0171 3584 PCI - ok
      05:20:16.0187 3584 PCIDump - ok
      05:20:16.0187 3584 [ 33D63F0A9021ACB4D75D83B646B93A30 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
      05:20:16.0296 3584 PCIIde - ok
      05:20:16.0328 3584 [ F50C27CCA56DC97B3A45E7F0059BD2BA ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
      05:20:16.0437 3584 Pcmcia - ok
      05:20:16.0453 3584 PDCOMP - ok
      05:20:16.0453 3584 PDFRAME - ok
      05:20:16.0468 3584 PDRELI - ok
      05:20:16.0468 3584 PDRFRAME - ok
      05:20:16.0468 3584 perc2 - ok
      05:20:16.0484 3584 perc2hib - ok
      05:20:16.0515 3584 [ D658A8C2FC7B2AD53D1259741A09EE04 ] PlugPlay C:\WINDOWS\system32\services.exe
      05:20:16.0640 3584 PlugPlay - ok
      05:20:16.0656 3584 [ 671ACA589DA3733FAC878A751C5BF0ED ] PolicyAgent C:\WINDOWS\system32\lsass.exe
      05:20:16.0765 3584 PolicyAgent - ok
      05:20:16.0781 3584 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
      05:20:16.0921 3584 PptpMiniport - ok
      05:20:16.0937 3584 [ 671ACA589DA3733FAC878A751C5BF0ED ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
      05:20:17.0031 3584 ProtectedStorage - ok
      05:20:17.0062 3584 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
      05:20:17.0187 3584 PSched - ok
      05:20:17.0187 3584 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
      05:20:17.0328 3584 Ptilink - ok
      05:20:17.0343 3584 ql1080 - ok
      05:20:17.0343 3584 Ql10wnt - ok
      05:20:17.0343 3584 ql12160 - ok
      05:20:17.0359 3584 ql1240 - ok
      05:20:17.0359 3584 ql1280 - ok
      05:20:17.0406 3584 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
      05:20:17.0531 3584 RasAcd - ok
      05:20:17.0562 3584 [ 8345C6F52F38A95B950B9B3D064AE3EE ] RasAuto C:\WINDOWS\System32\rasauto.dll
      05:20:29.0546 3584 ============================================================
      05:20:29.0546 3584 Scan finished
      05:20:29.0546 3584 ============================================================
      05:20:29.0656 2984 Detected object count: 4
      05:20:29.0656 2984 Actual detected object count: 4
      05:20:37.0500 2984 DepFrzHi ( UnsignedFile.Multi.Generic ) - skipped by user
      05:20:37.0500 2984 DepFrzHi ( UnsignedFile.Multi.Generic ) - User select action: Skip
      05:20:37.0500 2984 DepFrzLo ( UnsignedFile.Multi.Generic ) - skipped by user
      05:20:37.0500 2984 DepFrzLo ( UnsignedFile.Multi.Generic ) - User select action: Skip
      05:20:37.0500 2984 DFServEx ( UnsignedFile.Multi.Generic ) - skipped by user
      05:20:37.0500 2984 DFServEx ( UnsignedFile.Multi.Generic ) - User select action: Skip
      05:20:37.0500 2984 escSrv ( UnsignedFile.Multi.Generic ) - skipped by user
      05:20:37.0500 2984 escSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
      05:20:46.0515 1452 Deinitialize success

      There are the two reports, although I don't understand much of them.
      Regards, and thank you very much for your help :)

    4. #4
      Former Contributor Gemsa_03
      Registered
      Feb 2012
      Location
      Málaga-España
      Posts
      6.615

      Re: Problem with an infection in system

      Hi, these are standard protocol steps.
      Please do the following:
      Download this tool: AT-Destroyer 1.7 (by InfoSpyware) | InfoSpyware. Place it on the desktop. DO NOT RUN IT YET.

      Disable your antivirus/antispyware and resident protections: How to temporarily disable your antivirus. Run a scan with ESET SMART INSTALLER.
      Bear in mind that before starting the scan you must select the checkboxes shown in the image.

      Run AT, selecting the search-and-destroy option (your desktop icons will disappear temporarily); when it finishes it will ask you to restart, so do so. Then run it again and select the Desinstalación (Uninstall) option.


      Post the AT report, which will be in C:\AT-destroyer, and the ESET report, which you will find in %Program Files(x86)\ESET\ESET Online\log.

      Regards.