• Registrarse
  • Iniciar sesión


  • Resultados 1 al 2 de 2

    Problemas en el pc debido a Keylogger Ardamax y [email protected]

    Hola comunidad como van? Hcae dos dias me di cuenta que teia ese keylogger ardamax , no lo pude desisntalar hasta queecontre su carpeta en programdat la elimino y pense que todo muy bien, pero ...

    1. #1
      Usuario Avatar de jpok30
      Registrado
      ago 2017
      Ubicación
      Colombia
      Mensajes
      1

      Triste Problemas en el pc debido a Keylogger Ardamax y [email protected]

      Hola comunidad como van?

      Hcae dos dias me di cuenta que teia ese keylogger ardamax , no lo pude desisntalar hasta queecontre su carpeta en programdat la elimino y pense que todo muy bien, pero el computar se puso muy lento y ahora inicio sesion de manera diferente a la habitual , se demora mas y me dda avisos como:
      • Esperando servicio de notificacion de eventos del sistema
      • Esperando configuracion autentico de WLAN
      • Cerrando el servicio: Cliente directiva de Grupo
      • Cerrando servicio: asdbIDSAgent.
      • Esperando administrador servicio Local

      Antes de desintalar ese Keylogger o lo que crei no aparecia nada de eso tambien me quito la opcion de inicio de sesion con PIN. Adicional al iniciar adminitrasdor de tarea me doy cuenta que tenia unos procesos relacionados con este [email protected] y SppExtComObj.exe relacionado con algo llamado KMS broker. Ya ejecute RKILL , MalwareBytes, ADWcleaner, Spyhunter,ESET y FARBAR pero no ha dejado de estar lento. Tambien inicie en modo seguro el pc y elimine manualmente esos [email protected] eran 3 pero aun sigue muy lento. Adjuntare la informacion que me provee IFS V 1.3 y Hijack this:

      INFORMACION IFS

      Código:
      ~~~~~~~~~~~| Inicio: 
      
      *IFS (InfoSpyware First Steps) v 1.3
      *www.InfoSpyware.com | www.ForoSpyware.com
      *Iniciado: 31/08/2017 a las 10h.39m.45s
      
      ~~~~~~~~~~~|  Información del Sistema:
      
      OS: Microsoft Windows 10 Home Single Language x64 
      Idioma: Spanish (Colombia) (Colombia|es-CO)
      Permisos de Administrador / ON
      Windows se Inició en   Modo Normal
      Drive: C:\WINDOWS (Install: \Device\HarddiskVolume5)
      
      ~~~~~~~~~~~| Arquitectura Fisica:
      
      CPU: LENOVO
      CPU Modelo: 20237
      Procesador: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz (x64-BasedPC)
      Memoria RAM: 6 Gb. En Uso: 60 %
      Video: Intel(R) HD Graphics 4600
      Chip: Intel(R) HD Graphics Family Capacidad video:1024 MB (Internal)
      
      ~~~~~~~~~~~| Unidades
      
      C: [FIXED|NTFS|Windows8_OS] - [891.6 Gb][711.7 Gb][179.9 Gb]
      D: [FIXED|NTFS|LENOVO] - [25 Gb][18.3 Gb][6.6 Gb]
      E: [CDROM]
      C:\ Fragmentación total 2.30% - Correcto
      D:\ Fragmentación total 0.00% - Correcto
      
      ~~~~~~~~~~~| Seguridad del SO
      
      SafeBoot: Inicio en Modo seguro Correcto
      Security Center: Correcto (Servicio Activo)
      Windows Update: El servicio no está activo 
      AV: Windows Defender *Protección Residente [OFF] / Actualizado*
      AV: Malwarebytes *Protección Residente [ON] / Actualizado*
      AV: ESET Internet Security *Protección Residente [ON] / Actualizado*
      SP: Spybot - Search and Destroy *Protección Residente [OFF] / Actualizado*
      SP: ESET Internet Security *Protección Residente [ON] / Actualizado*
      SP: Malwarebytes *Protección Residente [ON] / Actualizado*
      SP: Windows Defender *Protección Residente [OFF] / Actualizado*
      FW: Firewall personal de ESET *Protección Residente [ON]*
      FW: Windows Firewall *Habilitado*
      
      ~~~~~~~~~~~|  Update Check
      
      Internet Explorer Versión Instalada 11
      Mozilla FireFox Versión Instalada 55.0.3
      Google Chrome Versión Instalada 60.0.3112.113
      Microsoft SilverLigth Versión instalada 5.1.50907.0
      
      ~~~~~~~~~~~| Process List 
      
      egui.exe (Productos Eset)
      ekrn.exe (Productos Eset)
      SDWSCSvc.exe (Spybot Search & Destroy)
      MBAMservice.exe (Malwarebytes Anti-Malware)
      
      ~~~~~~~~~~~| Install Check 
      
      
      Spybot - Search & Destroy [2.6.46]
      CCleaner [5.33]
      ESET Internet Security [10.1.219.1]
      
      ~~~~~~~~~~~| Registry Check
      
      HKLM\Run(x64): [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
      HKLM\Run(x64): [RtsFT] RTFTrack.exe
      HKLM\Run(x64): [cAudioFilterAgent] "C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
      HKLM\Run(x64): [SmartAudio] "C:\Program Files\CONEXANT\SAII\SACpl.exe" /t
      HKLM\Run(x64): [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"
      HKLM\Run(x64): [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
      HKLM\Run(x64): [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
      HKLM\Run(x64): [Bluetooth] C:\Program Files\Lenovo\Bluetooth Software\bttray.exe
      HKLM\Run(x64): [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
      HKLM\Run(x64): [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      HKLM\Run(x64): [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
      HKLM\Run(x64): [LenovoUtility] C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
      HKLM\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
      HKLM\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
      HKLM\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      HKLM\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
      HKLM\Run: [HP Deskjet 3050 J610 series (NET)] "C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN19S412C805HX:NW" -scfn "HP Deskjet 3050 J610 series (NET)" -AutoStart 1
      HKLM\Run: [OneDrive] "C:\Users\Julian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      HKLM\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      HKLM\Run: [CGFLoader] C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe
      HKLM\Run: [CalibrizeResume] C:\Program Files (x86)\Calibrize\CalibrizeResume.exe
      HKLM\Run: [Spotify] C:\Users\Julian\AppData\Roaming\Spotify\Spotify.exe --autostart
      HKLM\Run: [Spotify Web Helper] C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
      Winlogon(x64): Shell = explorer.exe
      Winlogon: Shell = explorer.exe
      Userinit(x64): Userinit = C:\WINDOWS\system32\userinit.exe
      Userinit: Userinit = C:\WINDOWS\system32\userinit.exe
      
      [HKCR\.\.open\command] -> Navegador Preferido es FireFox
      user_pref("browser.search.countryCode", "CO");
      user_pref("browser.search.region", "CO");
      
      ~~~~~~~~~~~| PUPs Check
      
      HKLM64\SOFTWARE\Partner
      
      
      ~~~~~~~~~~~| Listado 7 Días (Predeterminado)
      
      [24/08/2017 10:56] - C:\WINDOWS\LastGood.Tmp
      [31/08/2017 10:20] - C:\WINDOWS\WindowsUpdate.log
      [29/08/2017 00:36] - C:\WINDOWS\wininit.ini
      [30/08/2017 23:27] - C:\AdwCleaner
      [30/08/2017 01:40] - C:\autoexec.bat
      [30/08/2017 23:12] - C:\FRST
      [31/08/2017 10:39] - C:\FSTool
      [30/08/2017 02:39] - C:\hiberfil.sys
      [31/08/2017 10:39] - C:\IFS.log
      [31/08/2017 10:24] - C:\OneDriveTemp
      
      ~~~~~~~~~~~| C:\WINDOWS\Tasks:
      
      [31/08/2017 00:15] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
      [10/08/2017 20:54] - C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
      
      ~~~~~~~~~~~| End Report
      *Finalizado 10:49:02
      *Se limpiaron los archivos temporales
      *[1599815] C:\Users\Julian\Downloads\IFS.exe
      *Herramienta de Análisis e investigación
      INFORMACION HiJackThis

      Logfile of Trend Micro HijackThis v2.0.5
      Scan saved at 11:09:08 a.m., on 31/08/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.15063.0000)

      FIREFOX: 55.0.3 (x86 es-ES)
      Boot mode: Normal

      Running processes:
      C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
      C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
      C:\Users\Julian\AppData\Local\Microsoft\OneDrive\OneDrive.exe
      C:\Program Files (x86)\Calibrize\CalibrizeResume.exe
      C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
      C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      C:\WINDOWS\SysWOW64\RunDll32.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files (x86)\Trusteer\Rapport\bin\TanzanServer.exe
      C:\Users\Julian\Downloads\HijackThis(1).exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
      O3 - Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)
      O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
      O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
      O4 - HKCU\..\Run: [HP Deskjet 3050 J610 series (NET)] "C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN19S412C805HX:NW" -scfn "HP Deskjet 3050 J610 series (NET)" -AutoStart 1
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Julian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\Run: [CGFLoader] C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe
      O4 - HKCU\..\Run: [CalibrizeResume] C:\Program Files (x86)\Calibrize\CalibrizeResume.exe
      O4 - HKCU\..\Run: [Spotify] C:\Users\Julian\AppData\Roaming\Spotify\Spotify.exe --autostart
      O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
      O4 - Startup: Supervisar alertas de tinta - HP Deskjet 3050 J610 series (Red).lnk = ?
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
      O8 - Extra context menu item: Call this number using SideSync - res://C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll/105
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: http://help.eset.com (HKLM)
      O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{bd828ed8-209c-42c0-a41e-26b82e66101e}: NameServer = 8.8.8.8,8.8.4.4
      O17 - HKLM\System\CS2\Services\Tcpip\..\{9AB2E7F1-8B24-48C7-9FD8-2194531835F4}: NameServer = 8.8.8.8,8.8.4.4
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
      O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
      O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
      O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @oem30.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
      O23 - Service: @%SystemRoot%\system32\cdpsvc.dll,-100 (CDPSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cdpusersvc.dll,-100 (CDPUserSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Servicio de usuario de plataforma de dispositivos conectados_c716a (CDPUserSvc_c716a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: Cron Service (CronService) - Fork, Ltd. - C:\Windows\Prey\wpxsvc.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
      O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DevicesFlowBroker.dll,-103 (DevicesFlowUserSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: DevicesFlow_c716a (DevicesFlowUserSvc_c716a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dusmsvc.dll,-1 (DusmSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
      O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
      O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-201 (embeddedmode) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FrameServer.dll,-100 (FrameServer) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\hvhostsvc.dll,-100 (HvHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
      O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
      O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\ipxlatcfg.dll,-500 (IpxlatCfgSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (irmon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\lfsvc.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\licensemanagersvc.dll,-200 (LicenseManager) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
      O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @%SystemRoot%\system32\MessagingService.dll,-100 (MessagingService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: MessagingService_c716a - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
      O23 - Service: @%systemroot%\system32\NaturalAuth.dll,-100 (NaturalAuthentication) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\SysWOW64\NLSSRV32.EXE
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Sincronizar host_c716a (OneSyncSvc_c716a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe
      O23 - Service: @%SystemRoot%\system32\PhoneserviceRes.dll,-10000 (PhoneSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Datos de contactos_c716a (PimIndexMaintenanceSvc_c716a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: PST Service - Motorola - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
      O23 - Service: @%SystemRoot%\system32\RMapi.dll,-1001 (RmSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
      O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
      O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\SEMgrSvc.dll,-1001 (SEMgrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\tileobjserver.dll,-1 (tiledatamodelsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBrokerSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\tokenbroker.dll,-100 (TokenBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\tzautoupdate.dll,-200 (tzautoupdate) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: Almacenamiento de datos de usuarios_c716a (UnistoreSvc_c716a) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Acceso a datos de usuarios_c716a (UserDataSvc_c716a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
      O23 - Service: @%systemroot%\system32\usocore.dll,-101 (UsoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvcext.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvcext.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wfdsconmgrsvc.dll,-9000 (WFDSConMgrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\flightsettings.dll,-104 (wisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lpasvc.dll,-1000 (wlpasvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WpnUserService.dll,-1 (WpnUserService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Servicio de usuario de notificaciones de inserción de Windows_c716a (WpnUserService_c716a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\xbgmsvc.dll,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\xboxgipsvc.dll,-100 (XboxGipSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

      --
      End of file - 38570 bytes

      Gracias por al ayuda en verdad es importante

    2. #2
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      11.917

      Re: Problemas en el pc debido a Keylogger Ardamax y [email protected]

      Saludos jpok30. al foro de InfoSpyware.

      Déjanos los reportes de RKILL , MalwareBytes, ADWcleaner, ESET y FARBAR para que podamos analizarlos. Si es necesario, nos los dejas en varias respuestas sucesivas.

      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.