Jump to content

salt2012

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. really appreciate your promptness of replies. Your explanation were very clear. Thanks a lot!

  2. Dear MrC, I really appreciate your promptness of replies. Your explanation were very clear. Thanks a lot! David
  3. Here are the result of CoboFix: ComboFix 12-04-23.02 - Casa 24/04/2012 2:43.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.34.3082.18.1980.1423 [GMT 2:00] Running from: c:\documents and settings\Casa\Escritorio\ComboFix.exe AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . c:\documents and settings\All Users\Datos de programa\abynaaa.tmp c:\documents and settings\All Users\Datos de programa\bbynaaa.tmp c:\documents and settings\All Users\Datos de programa\cbynaaa.tmp c:\documents and settings\All Users\Datos de programa\cpcoaaa.tmp c:\documents and settings\All Users\Datos de programa\dpcoaaa.tmp c:\documents and settings\All Users\Datos de programa\epcoaaa.tmp c:\documents and settings\All Users\Datos de programa\fpcoaaa.tmp c:\documents and settings\All Users\Datos de programa\gpcoaaa.tmp c:\documents and settings\All Users\Datos de programa\ioznaaa.tmp c:\documents and settings\All Users\Datos de programa\joznaaa.tmp c:\documents and settings\All Users\Datos de programa\koznaaa.tmp c:\documents and settings\All Users\Datos de programa\loznaaa.tmp c:\documents and settings\All Users\Datos de programa\moznaaa.tmp c:\documents and settings\All Users\Datos de programa\onwnaaa.tmp c:\documents and settings\All Users\Datos de programa\pnwnaaa.tmp c:\documents and settings\All Users\Datos de programa\qnwnaaa.tmp c:\documents and settings\All Users\Datos de programa\rnwnaaa.tmp c:\documents and settings\All Users\Datos de programa\snwnaaa.tmp c:\documents and settings\All Users\Datos de programa\yaynaaa.tmp c:\documents and settings\All Users\Datos de programa\zaynaaa.tmp c:\windows\system32\dllcache\dlimport.exe c:\windows\system32\SETED.tmp c:\windows\system32\SETF1.tmp c:\windows\system32\SETF9.tmp c:\windows\system32\urttemp c:\windows\system32\urttemp\regtlib.exe . . ((((((((((((((((((((((((( Files Created from 2012-03-24 to 2012-04-24 ))))))))))))))))))))))))))))))) . . 2012-04-23 23:51 . 2012-04-23 23:51 -------- d-----w- C:\TDSSKiller_Quarantine 2012-04-23 23:45 . 2012-04-23 23:45 -------- d-----w- c:\archivos de programa\ERUNT 2012-04-23 21:20 . 2012-04-23 21:56 -------- d-----w- c:\archivos de programa\Archivos comunes\Symantec Shared 2012-04-23 21:20 . 2012-04-23 21:20 -------- d-----w- c:\archivos de programa\Symantec 2012-04-23 21:20 . 2012-04-23 21:20 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL 2012-04-23 21:20 . 2012-04-23 21:20 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2012-04-23 21:19 . 2012-04-23 23:53 -------- d-----w- c:\windows\system32\drivers\NAV 2012-04-23 21:19 . 2012-04-23 21:19 -------- d-----w- c:\archivos de programa\Norton AntiVirus 2012-04-23 21:19 . 2012-04-23 21:19 -------- d-----w- c:\archivos de programa\Windows Sidebar 2012-04-23 21:18 . 2012-04-23 21:19 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Norton 2012-04-23 21:14 . 2012-04-23 23:53 -------- d-----w- c:\archivos de programa\NortonInstaller 2012-04-22 20:37 . 2012-04-22 20:37 -------- d-----w- c:\documents and settings\Casa\Configuración local\Datos de programa\ESET 2012-04-22 19:39 . 2012-04-22 19:39 -------- d-----w- c:\archivos de programa\Archivos comunes\Java 2012-04-22 19:38 . 2012-04-22 19:38 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-04-22 09:07 . 2012-04-22 09:07 -------- d-----w- c:\documents and settings\Casa\Datos de programa\Malwarebytes 2012-04-22 09:07 . 2012-04-22 09:07 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware 2012-04-22 09:07 . 2012-04-22 09:07 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Malwarebytes 2012-04-22 09:07 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-22 09:07 . 2012-04-22 09:07 388096 ----a-r- c:\documents and settings\Casa\Datos de programa\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-04-22 09:07 . 2012-04-22 09:07 -------- d-----w- c:\archivos de programa\Trend Micro 2012-04-22 07:57 . 2012-04-22 07:57 -------- d-----w- C:\Progra~1 2012-04-22 07:55 . 2012-04-22 07:57 -------- d-----w- c:\documents and settings\Casa\Configuración local\Datos de programa\Google 2012-04-14 14:48 . 2012-04-14 14:48 -------- d-----w- c:\documents and settings\Casa\Datos de programa\National Instruments 2012-04-14 13:54 . 2012-04-22 07:57 -------- d-----w- c:\documents and settings\All Users\Datos de programa\National Instruments 2012-04-14 13:54 . 2012-04-22 07:51 -------- d-----w- c:\windows\system32\cvirte 2012-04-14 13:54 . 2012-04-22 07:51 -------- d-----w- c:\archivos de programa\Archivos comunes\Merge Modules 2012-04-14 13:54 . 2012-04-14 13:56 -------- d-----w- c:\archivos de programa\National Instruments 2012-04-14 13:53 . 2012-04-14 13:53 -------- d-----w- C:\National Instruments Downloads 2012-03-31 15:35 . 2012-03-31 15:35 -------- d-----w- c:\documents and settings\Casa\Datos de programa\Media Player Classic . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-23 23:52 . 2004-08-20 10:00 189056 ----a-w- c:\windows\system32\drivers\acpi.sys 2012-04-22 19:38 . 2011-02-12 11:07 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-01 01:14 . 2006-03-04 03:35 832512 ----a-w- c:\windows\system32\wininet.dll 2012-03-01 01:14 . 2004-08-20 10:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl 2012-03-01 01:14 . 2012-03-18 10:30 78336 ----a-w- c:\windows\system32\ieencode.dll 2012-03-01 01:14 . 2004-08-20 10:00 17408 ----a-w- c:\windows\system32\corpol.dll 2012-02-29 14:09 . 2004-08-20 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-02-29 14:09 . 2004-08-20 10:00 148480 ----a-w- c:\windows\system32\imagehlp.dll 2012-02-03 09:57 . 2004-08-20 10:00 1860224 ----a-w- c:\windows\system32\win32k.sys 2007-02-08 08:48 . 2007-02-08 08:48 133920 ----a-w- c:\archivos de programa\internet explorer\plugins\LV82ActiveXControl.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2008-04-14 . DA8898129E0075C7DE4DEE457514A73C . 579584 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . C79C4AE0CE1641F8AADAE3B3CBEA63F8 . 579584 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [7] 2004-08-20 . 5D5C9CC377A70D036816E7EA55F3CA73 . 578048 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\archivos de programa\Archivos comunes\Java\Java Update\jusched.exe" [2012-01-18 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10c.exe" [2009-07-18 257440] . c:\documents and settings\Casa\Menú Inicio\Programas\Inicio\ ERUNT AutoBackup.lnk - c:\archivos de programa\ERUNT\AUTOBACK.EXE [2005-10-20 38912] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\archivos de programa\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2011-05-04 17:54 551296 ----a-w- c:\archivos de programa\SUPERAntiSpyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Acelerador de inicio de AutoCAD.lnk] path=c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\Acelerador de inicio de AutoCAD.lnk backup=c:\windows\pss\Acelerador de inicio de AutoCAD.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Adobe Reader Synchronizer.lnk] path=c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\Adobe Reader Synchronizer.lnk backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Inicio rápido de Adobe Reader.lnk] path=c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de Adobe Reader.lnk backup=c:\windows\pss\Inicio rápido de Adobe Reader.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 02:18 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2011-01-21 17:56 170008 ----a-w- c:\windows\system32\hkcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2011-01-21 17:56 136216 ----a-w- c:\windows\system32\igfxtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2004-07-27 14:50 221184 ----a-w- c:\archiv~1\ARCHIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2004-07-27 14:50 81920 ----a-w- c:\archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2012-04-04 13:56 462408 ----a-w- c:\archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 02:19 1695232 ------w- c:\archivos de programa\Messenger\msmsgs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] 2011-01-21 17:56 145432 ----a-w- c:\windows\system32\igfxpers.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon] 2010-05-21 12:28 111640 ----a-w- c:\archivos de programa\Archivos comunes\Intel\Privacy Icon\PIconStartup.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc] 2006-08-17 07:00 1116920 ----a-w- c:\archivos de programa\Roxio\Drag-to-Disc\DrgToDsc.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2012-02-29 07:55 17148552 ----a-r- c:\archivos de programa\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2009-06-22 13:21 1044480 ----a-w- c:\archivos de programa\Analog Devices\Core\smax4pnp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 12:02 254696 ----a-w- c:\archivos de programa\Archivos comunes\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2012-03-24 08:26 3905920 ----a-w- c:\archivos de programa\SUPERAntiSpyware\SUPERANTISPYWARE.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Dnscache"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Archivos de programa\\BitTorrent\\BitTorrent.exe"= "c:\\Archivos de programa\\Skype\\Phone\\Skype.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= . R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [18/02/2012 13:08 24064] R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1306020.00A\symds.sys [23/04/2012 23:24 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1306020.00A\symefa.sys [23/04/2012 23:24 905336] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120413.001\BHDrvx86.sys [13/04/2012 1:34 821880] R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAV\1306020.00A\ccsetx86.sys [23/04/2012 23:24 132744] R1 SASDIFSV;SASDIFSV;c:\archivos de programa\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 18:27 12880] R1 SASKUTIL;SASKUTIL;c:\archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 23:55 67664] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1306020.00A\ironx86.sys [23/04/2012 23:24 149624] R2 !SASCORE;SAS Core Service;c:\archivos de programa\SUPERAntiSpyware\SASCore.exe [12/08/2011 1:38 116608] R2 MBAMService;MBAMService;c:\archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe [22/04/2012 11:07 654408] R2 NAV;Norton AntiVirus;c:\archivos de programa\Norton AntiVirus\Engine\19.6.2.10\ccsvchst.exe [23/04/2012 23:24 138232] R2 UNS;Intel® Management and Security Application User Notification Service;c:\archivos de programa\Archivos comunes\Intel\Privacy Icon\UNS\UNS.exe [18/02/2012 13:19 2071064] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [13/10/2009 12:26 168616] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\archivos de programa\Archivos comunes\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [23/04/2012 23:24 106104] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120420.001\IDSXpx86.sys [20/04/2012 6:33 356280] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [22/04/2012 11:07 22344] S2 SkypeUpdate;Skype Updater;c:\archivos de programa\Skype\Updater\Updater.exe [15/02/2012 14:30 158856] . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.es/ uInternet Settings,ProxyOverride = <local> TCP: DhcpNameServer = 192.168.0.1 . . ------- File Associations ------- . .scr=AutoCADScriptFile . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) SafeBoot-05900231.sys MSConfigStartUp-ares - c:\archivos de programa\Ares\Ares.exe MSConfigStartUp-Google Update - c:\documents and settings\Casa\Configuración local\Datos de programa\Google\Update\GoogleUpdate.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-04-24 02:46 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NAV] "ImagePath"="\"c:\archivos de programa\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe\" /s \"NAV\" /m \"c:\archivos de programa\Norton AntiVirus\Engine\19.6.2.10\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*] "A0C0110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(700) c:\archivos de programa\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\WININET.dll . - - - - - - - > 'explorer.exe'(808) c:\windows\system32\WININET.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2012-04-24 02:48:05 ComboFix-quarantined-files.txt 2012-04-24 00:48 . Pre-Run: 17.634.910.208 bytes libres Post-Run: 17.593.475.072 bytes libres . - - End Of File - - E0E1A124E6DBDCCBDEB0ACBB434CBA3D
  4. It seems that the problem is solved. I restarted the PC and now google web opens correctly. Many thanks again! David
  5. Here are the results. Thanks, David PD: I hope font is ok now. 01:46:50.0906 1896 TDSS rootkit removing tool 2.7.32.0 Apr 23 2012 19:12:34 01:46:51.0171 1896 ============================================================ 01:46:51.0171 1896 Current date / time: 2012/04/24 01:46:51.0171 01:46:51.0171 1896 SystemInfo: 01:46:51.0171 1896 01:46:51.0171 1896 OS Version: 5.1.2600 ServicePack: 3.0 01:46:51.0171 1896 Product type: Workstation 01:46:51.0171 1896 ComputerName: IMAN 01:46:51.0171 1896 UserName: Casa 01:46:51.0171 1896 Windows directory: C:\WINDOWS 01:46:51.0171 1896 System windows directory: C:\WINDOWS 01:46:51.0171 1896 Processor architecture: Intel x86 01:46:51.0171 1896 Number of processors: 2 01:46:51.0171 1896 Page size: 0x1000 01:46:51.0171 1896 Boot type: Normal boot 01:46:51.0171 1896 ============================================================ 01:46:52.0843 1896 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 01:46:52.0843 1896 ============================================================ 01:46:52.0843 1896 \Device\Harddisk0\DR0: 01:46:52.0843 1896 MBR partitions: 01:46:52.0843 1896 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E6D500 01:46:52.0875 1896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x4E6D57E, BlocksNum 0x4695300 01:46:52.0875 1896 ============================================================ 01:46:53.0015 1896 C: <-> \Device\Harddisk0\DR0\Partition0 01:46:53.0046 1896 D: <-> \Device\Harddisk0\DR0\Partition1 01:46:53.0046 1896 ============================================================ 01:46:53.0046 1896 Initialize success 01:46:53.0046 1896 ============================================================ 01:47:45.0625 2052 ============================================================ 01:47:45.0625 2052 Scan started 01:47:45.0625 2052 Mode: Manual; SigCheck; TDLFS; 01:47:45.0625 2052 ============================================================ 01:47:46.0250 2052 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Archivos de programa\SUPERAntiSpyware\SASCORE.EXE 01:47:46.0640 2052 !SASCORE - ok 01:47:46.0734 2052 Abiosdsk - ok 01:47:46.0734 2052 abp480n5 - ok 01:47:46.0781 2052 ACPI (c6811f0f6a149516ba6fb048566bfc91) C:\WINDOWS\system32\DRIVERS\ACPI.sys 01:47:46.0781 2052 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: c6811f0f6a149516ba6fb048566bfc91, Fake md5: cf2a07e1751a2d612d7e13aa431ab057 01:47:46.0781 2052 ACPI ( Virus.Win32.Rloader.a ) - infected 01:47:46.0781 2052 ACPI - detected Virus.Win32.Rloader.a (0) 01:47:46.0812 2052 ACPIEC (1c905333c0b9f3d7c68ddf25e54b00f9) C:\WINDOWS\system32\drivers\ACPIEC.sys 01:47:48.0250 2052 ACPIEC - ok 01:47:48.0296 2052 ADIHdAudAddService (307f5e03b02a3022d664c36d1ea25f2c) C:\WINDOWS\system32\drivers\ADIHdAud.sys 01:47:48.0359 2052 ADIHdAudAddService - ok 01:47:48.0375 2052 adpu160m - ok 01:47:48.0390 2052 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 01:47:48.0500 2052 aec - ok 01:47:48.0515 2052 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 01:47:48.0546 2052 AFD - ok 01:47:48.0562 2052 Aha154x - ok 01:47:48.0562 2052 aic78u2 - ok 01:47:48.0562 2052 aic78xx - ok 01:47:48.0593 2052 Alerter (fedca791a089d4e15084da10f38bce45) C:\WINDOWS\system32\alrsvc.dll 01:47:48.0656 2052 Alerter - ok 01:47:48.0671 2052 ALG (764b7a1e6ae2d70416a7932f3b97ac99) C:\WINDOWS\System32\alg.exe 01:47:48.0750 2052 ALG - ok 01:47:48.0750 2052 AliIde - ok 01:47:48.0750 2052 amsint - ok 01:47:48.0781 2052 AppMgmt (30cd42bfcdafefe8567b9e527dd3ae08) C:\WINDOWS\System32\appmgmts.dll 01:47:48.0875 2052 AppMgmt - ok 01:47:48.0875 2052 asc - ok 01:47:48.0875 2052 asc3350p - ok 01:47:48.0875 2052 asc3550 - ok 01:47:48.0953 2052 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 01:47:48.0953 2052 aspnet_state - ok 01:47:48.0984 2052 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 01:47:49.0062 2052 AsyncMac - ok 01:47:49.0078 2052 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 01:47:49.0140 2052 atapi - ok 01:47:49.0156 2052 Atdisk - ok 01:47:49.0187 2052 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 01:47:49.0265 2052 Atmarpc - ok 01:47:49.0281 2052 AudioSrv (a37f6480b06c37db69bbff045cf9f55b) C:\WINDOWS\System32\audiosrv.dll 01:47:49.0359 2052 AudioSrv - ok 01:47:49.0390 2052 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 01:47:49.0468 2052 audstub - ok 01:47:49.0546 2052 Autodesk Licensing Service (7cc8cd6f86054c563e47e7f063ce7a61) C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe 01:47:49.0562 2052 Autodesk Licensing Service - ok 01:47:49.0593 2052 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 01:47:49.0671 2052 Beep - ok 01:47:49.0984 2052 BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\Documents and Settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120413.001\BHDrvx86.sys 01:47:50.0046 2052 BHDrvx86 - ok 01:47:50.0093 2052 BITS (8ee9639c01b92490e09638caa1b16c3c) C:\WINDOWS\system32\qmgr.dll 01:47:50.0234 2052 BITS - ok 01:47:50.0250 2052 Browser (e28818bd591f8af8fbe9897472b9665e) C:\WINDOWS\System32\browser.dll 01:47:50.0328 2052 Browser - ok 01:47:50.0375 2052 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 01:47:50.0468 2052 cbidf2k - ok 01:47:50.0546 2052 ccSet_NAV (599e7f6259a127c174c49938d2aa6a60) C:\WINDOWS\system32\drivers\NAV\1306020.00A\ccSetx86.sys 01:47:50.0562 2052 ccSet_NAV - ok 01:47:50.0578 2052 cd20xrnt - ok 01:47:50.0578 2052 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 01:47:50.0671 2052 Cdaudio - ok 01:47:50.0703 2052 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 01:47:50.0781 2052 Cdfs - ok 01:47:50.0796 2052 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 01:47:50.0859 2052 Cdrom - ok 01:47:50.0890 2052 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys 01:47:50.0906 2052 cercsr6 ( UnsignedFile.Multi.Generic ) - warning 01:47:50.0906 2052 cercsr6 - detected UnsignedFile.Multi.Generic (1) 01:47:50.0906 2052 Changer - ok 01:47:50.0921 2052 CiSvc (b0e3fec4ee7b935a7387fd6ef31ea780) C:\WINDOWS\system32\cisvc.exe 01:47:51.0000 2052 CiSvc - ok 01:47:51.0015 2052 ClipSrv (0c3bf68ab94cefd64b333b326f84510e) C:\WINDOWS\system32\clipsrv.exe 01:47:51.0093 2052 ClipSrv - ok 01:47:51.0156 2052 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 01:47:51.0171 2052 clr_optimization_v2.0.50727_32 - ok 01:47:51.0171 2052 CmdIde - ok 01:47:51.0171 2052 COMSysApp - ok 01:47:51.0171 2052 Cpqarray - ok 01:47:51.0187 2052 CryptSvc (e423c9c1946c656e0e4840210a0a8681) C:\WINDOWS\System32\cryptsvc.dll 01:47:51.0265 2052 CryptSvc - ok 01:47:51.0281 2052 cvintdrv (dbd89bc0dbe00dcd245be8f61dbee291) C:\WINDOWS\system32\drivers\cvintdrv.sys 01:47:51.0296 2052 cvintdrv ( UnsignedFile.Multi.Generic ) - warning 01:47:51.0296 2052 cvintdrv - detected UnsignedFile.Multi.Generic (1) 01:47:51.0296 2052 dac2w2k - ok 01:47:51.0296 2052 dac960nt - ok 01:47:51.0343 2052 DcomLaunch (97869c55f562b777987100ea30ad8108) C:\WINDOWS\system32\rpcss.dll 01:47:51.0437 2052 DcomLaunch - ok 01:47:51.0484 2052 Dhcp (2ddfb3a5679fa02366686ecb1af622f0) C:\WINDOWS\System32\dhcpcsvc.dll 01:47:51.0562 2052 Dhcp - ok 01:47:51.0578 2052 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 01:47:51.0656 2052 Disk - ok 01:47:51.0703 2052 DLABMFSM (0659e6e0a95564f958d9df7313f7701e) C:\WINDOWS\system32\DLA\DLABMFSM.SYS 01:47:51.0718 2052 DLABMFSM - ok 01:47:51.0734 2052 DLABOIOM (8691c78908f0bd66170669db268369f2) C:\WINDOWS\system32\DLA\DLABOIOM.SYS 01:47:51.0750 2052 DLABOIOM - ok 01:47:51.0750 2052 DLACDBHM (76167b5eb2dffc729edc36386876b40b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS 01:47:51.0750 2052 DLACDBHM - ok 01:47:51.0765 2052 DLADResM (ca69e4c7d09bef6cf44d3407cc2aca44) C:\WINDOWS\system32\DLA\DLADResM.SYS 01:47:51.0765 2052 DLADResM - ok 01:47:51.0781 2052 DLAIFS_M (1aeca2afa5005ce4a550cf8eb55a8c88) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS 01:47:51.0796 2052 DLAIFS_M - ok 01:47:51.0796 2052 DLAOPIOM (840e7f6abb885c72b9ffddb022ef5b6d) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS 01:47:51.0812 2052 DLAOPIOM - ok 01:47:51.0812 2052 DLAPoolM (0294d18731ac05da80132ce88f8a876b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS 01:47:51.0828 2052 DLAPoolM - ok 01:47:51.0828 2052 DLARTL_M (91886fed52a3f9966207bce46cfd794f) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS 01:47:51.0843 2052 DLARTL_M - ok 01:47:51.0859 2052 DLAUDFAM (cca4e121d599d7d1706a30f603731e59) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS 01:47:51.0875 2052 DLAUDFAM - ok 01:47:51.0890 2052 DLAUDF_M (7dab85c33135df24419951da4e7d38e5) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS 01:47:51.0906 2052 DLAUDF_M - ok 01:47:51.0906 2052 dmadmin - ok 01:47:51.0968 2052 dmboot (c252a99c0a78b39faa2e2d1d048b1050) C:\WINDOWS\system32\drivers\dmboot.sys 01:47:52.0078 2052 dmboot - ok 01:47:52.0078 2052 dmio (33b4d4039cd2cb25351a7bf13b2988d9) C:\WINDOWS\system32\drivers\dmio.sys 01:47:52.0171 2052 dmio - ok 01:47:52.0171 2052 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 01:47:52.0265 2052 dmload - ok 01:47:52.0296 2052 dmserver (40d0520ddaa9312c5dddd8c7c99d8325) C:\WINDOWS\System32\dmserver.dll 01:47:52.0375 2052 dmserver - ok 01:47:52.0406 2052 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 01:47:52.0468 2052 DMusic - ok 01:47:52.0515 2052 Dnscache (2e6d76cab5a402af257a963916fe05e7) C:\WINDOWS\System32\dnsrslvr.dll 01:47:52.0578 2052 Dnscache - ok 01:47:52.0625 2052 Dot3svc (412134c50e2063d882ef1634676e2b25) C:\WINDOWS\System32\dot3svc.dll 01:47:52.0703 2052 Dot3svc - ok 01:47:52.0703 2052 dpti2o - ok 01:47:52.0734 2052 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 01:47:52.0812 2052 drmkaud - ok 01:47:52.0828 2052 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS 01:47:52.0843 2052 DRVMCDB - ok 01:47:52.0859 2052 DRVNDDM (6e6ab29d3c06e64ce81feacda85394b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS 01:47:52.0875 2052 DRVNDDM - ok 01:47:52.0906 2052 e1kexpress (8bed3dbbb13d2c8e1c1c9decec309826) C:\WINDOWS\system32\DRIVERS\e1k5132.sys 01:47:52.0921 2052 e1kexpress - ok 01:47:52.0937 2052 EapHost (fc3fe3654588e597fff395c305062c46) C:\WINDOWS\System32\eapsvc.dll 01:47:53.0015 2052 EapHost - ok 01:47:53.0109 2052 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Archivos de programa\Archivos comunes\Symantec Shared\EENGINE\eeCtrl.sys 01:47:53.0140 2052 eeCtrl - ok 01:47:53.0171 2052 EraserUtilDrv11122 (028d50f059bd0d2ccb209e9011b9a9a4) C:\Archivos de programa\Archivos comunes\Symantec Shared\EENGINE\EraserUtilDrv11122.sys 01:47:53.0187 2052 EraserUtilDrv11122 - ok 01:47:53.0218 2052 ERSvc (d96623dd7ce1ea9e4de7285d740e14f6) C:\WINDOWS\System32\ersvc.dll 01:47:53.0296 2052 ERSvc - ok 01:47:53.0343 2052 Eventlog (953df7327510df0de048b8e80e504ef9) C:\WINDOWS\system32\services.exe 01:47:53.0375 2052 Eventlog - ok 01:47:53.0406 2052 EventSystem (a225dd0d0489bd580781d19524a10b19) C:\WINDOWS\system32\es.dll 01:47:53.0453 2052 EventSystem - ok 01:47:53.0484 2052 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 01:47:53.0578 2052 Fastfat - ok 01:47:53.0625 2052 FastUserSwitchingCompatibility (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll 01:47:53.0656 2052 FastUserSwitchingCompatibility - ok 01:47:53.0656 2052 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 01:47:53.0734 2052 Fdc - ok 01:47:53.0734 2052 Fips (e5e61f2c07344e91dbfb7eafde549ab4) C:\WINDOWS\system32\drivers\Fips.sys 01:47:53.0812 2052 Fips - ok 01:47:53.0812 2052 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 01:47:53.0890 2052 Flpydisk - ok 01:47:53.0921 2052 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 01:47:54.0000 2052 FltMgr - ok 01:47:54.0093 2052 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 01:47:54.0093 2052 FontCache3.0.0.0 - ok 01:47:54.0125 2052 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 01:47:54.0203 2052 Fs_Rec - ok 01:47:54.0218 2052 Ftdisk (cc5f3af5711a1c7c8fa1d43bb16b401a) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 01:47:54.0296 2052 Ftdisk - ok 01:47:54.0343 2052 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 01:47:54.0421 2052 Gpc - ok 01:47:54.0453 2052 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 01:47:54.0515 2052 HDAudBus - ok 01:47:54.0578 2052 helpsvc (6b5e1788abf15177a20c6c76c11382bb) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 01:47:54.0656 2052 helpsvc - ok 01:47:54.0687 2052 HidServ (158aedf024cd58fea03be2d7d62abc9c) C:\WINDOWS\System32\hidserv.dll 01:47:54.0750 2052 HidServ - ok 01:47:54.0781 2052 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 01:47:55.0187 2052 hidusb - ok 01:47:55.0218 2052 hkmsvc (8f80b5fb68e1e767d872cb9a8cad5b5d) C:\WINDOWS\System32\kmsvc.dll 01:47:55.0281 2052 hkmsvc - ok 01:47:55.0281 2052 hpn - ok 01:47:55.0328 2052 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 01:47:55.0375 2052 HPZid412 - ok 01:47:55.0406 2052 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 01:47:55.0437 2052 HPZipr12 - ok 01:47:55.0468 2052 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 01:47:55.0500 2052 HPZius12 - ok 01:47:55.0531 2052 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 01:47:55.0546 2052 HTTP - ok 01:47:55.0593 2052 HTTPFilter (0406b351908a8c143b6b6bb8834d4920) C:\WINDOWS\System32\w3ssl.dll 01:47:55.0656 2052 HTTPFilter - ok 01:47:55.0671 2052 i2omgmt - ok 01:47:55.0671 2052 i2omp - ok 01:47:55.0687 2052 i8042prt (4a2490a66e8271901e89dd5fb79748ae) C:\WINDOWS\system32\drivers\i8042prt.sys 01:47:55.0765 2052 i8042prt - ok 01:47:55.0843 2052 ialm (f0484b3da09aa0e0916febd9549d4a03) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 01:47:55.0984 2052 ialm - ok 01:47:56.0093 2052 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 01:47:56.0125 2052 idsvc - ok 01:47:56.0390 2052 IDSxpx86 (cfbc1ce72e5353d428704659199147b1) C:\Documents and Settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120420.001\IDSxpx86.sys 01:47:56.0421 2052 IDSxpx86 - ok 01:47:56.0546 2052 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 01:47:56.0625 2052 Imapi - ok 01:47:56.0656 2052 ImapiService (e50abd04ca0c015017722014d1d9251e) C:\WINDOWS\system32\imapi.exe 01:47:56.0734 2052 ImapiService - ok 01:47:56.0734 2052 ini910u - ok 01:47:56.0734 2052 IntelIde - ok 01:47:56.0765 2052 intelppm (49a060498c09db18c3ea9939789005ab) C:\WINDOWS\system32\DRIVERS\intelppm.sys 01:47:56.0843 2052 intelppm - ok 01:47:56.0859 2052 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 01:47:56.0921 2052 Ip6Fw - ok 01:47:56.0937 2052 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 01:47:57.0015 2052 IpFilterDriver - ok 01:47:57.0031 2052 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 01:47:57.0093 2052 IpInIp - ok 01:47:57.0109 2052 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 01:47:57.0187 2052 IpNat - ok 01:47:57.0203 2052 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 01:47:57.0265 2052 IPSec - ok 01:47:57.0296 2052 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 01:47:57.0390 2052 IRENUM - ok 01:47:57.0406 2052 isapnp (0f3d281b0410fe5d482aada37d20524b) C:\WINDOWS\system32\DRIVERS\isapnp.sys 01:47:57.0484 2052 isapnp - ok 01:47:57.0609 2052 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Archivos de programa\Java\jre6\bin\jqs.exe 01:47:57.0625 2052 JavaQuickStarterService - ok 01:47:57.0656 2052 Kbdclass (188ddd286bc0daea6984858c6a4d7bbf) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 01:47:57.0718 2052 Kbdclass - ok 01:47:57.0718 2052 kbdhid (72efebecf76eb1dccc5ba9ea746d90e8) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 01:47:57.0796 2052 kbdhid - ok 01:47:57.0828 2052 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 01:47:57.0906 2052 kmixer - ok 01:47:57.0937 2052 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 01:47:57.0968 2052 KSecDD - ok 01:47:58.0000 2052 lanmanserver (ccfc469efd7ecddc8fc887bae7b8563f) C:\WINDOWS\System32\srvsvc.dll 01:47:58.0046 2052 lanmanserver - ok 01:47:58.0078 2052 lanmanworkstation (3db7b764f5066587dae58a71ae51292e) C:\WINDOWS\System32\wkssvc.dll 01:47:58.0109 2052 lanmanworkstation - ok 01:47:58.0109 2052 lbrtfdc - ok 01:47:58.0156 2052 LkCitadelServer (20cdb07017497c94a0bad253c4bafcbc) C:\WINDOWS\system32\lkcitdl.exe 01:47:58.0187 2052 LkCitadelServer - ok 01:47:58.0203 2052 lkClassAds (78b0a5aa493995c7409b3168e8be3e90) C:\WINDOWS\system32\lkads.exe 01:47:58.0218 2052 lkClassAds - ok 01:47:58.0218 2052 lkTimeSync (53a2a034aa22696b05a1ec722187e811) C:\WINDOWS\system32\lktsrv.exe 01:47:58.0234 2052 lkTimeSync - ok 01:47:58.0250 2052 LmHosts (01af2112ff79aa613b6621a75c4e9277) C:\WINDOWS\System32\lmhsvc.dll 01:47:58.0328 2052 LmHosts - ok 01:47:58.0406 2052 LMS (41b093f838bfb8c38a7bfa4668a3bc11) C:\Archivos de programa\Intel\AMT\LMS.exe 01:47:58.0421 2052 LMS - ok 01:47:58.0468 2052 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys 01:47:58.0484 2052 MBAMProtector - ok 01:47:58.0546 2052 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe 01:47:58.0593 2052 MBAMService - ok 01:47:58.0625 2052 Messenger (047e70b04b288439245ddc8dd1a31982) C:\WINDOWS\System32\msgsvc.dll 01:47:58.0718 2052 Messenger - ok 01:47:58.0750 2052 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 01:47:58.0828 2052 mnmdd - ok 01:47:58.0859 2052 mnmsrvc (85ada209695a677c9d60962cde10696b) C:\WINDOWS\system32\mnmsrvc.exe 01:47:58.0937 2052 mnmsrvc - ok 01:47:58.0968 2052 Modem (9024556e739b8469d2b8f5f0e4c9bc9f) C:\WINDOWS\system32\drivers\Modem.sys 01:47:59.0046 2052 Modem - ok 01:47:59.0046 2052 Mouclass (6fd36b4994a2363659a65c9f970cfdb7) C:\WINDOWS\system32\DRIVERS\mouclass.sys 01:47:59.0125 2052 Mouclass - ok 01:47:59.0156 2052 mouhid (8ee532e516b2d23d686cfc1cc0a15c25) C:\WINDOWS\system32\DRIVERS\mouhid.sys 01:47:59.0234 2052 mouhid - ok 01:47:59.0250 2052 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 01:47:59.0328 2052 MountMgr - ok 01:47:59.0328 2052 mraid35x - ok 01:47:59.0328 2052 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 01:47:59.0421 2052 MRxDAV - ok 01:47:59.0468 2052 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 01:47:59.0515 2052 MRxSmb - ok 01:47:59.0546 2052 MSDTC (975bd2762bf355a572597cc54d97ba93) C:\WINDOWS\system32\msdtc.exe 01:47:59.0625 2052 MSDTC - ok 01:47:59.0640 2052 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 01:47:59.0718 2052 Msfs - ok 01:47:59.0718 2052 MSIServer - ok 01:47:59.0750 2052 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 01:47:59.0828 2052 MSKSSRV - ok 01:47:59.0828 2052 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 01:47:59.0906 2052 MSPCLOCK - ok 01:47:59.0921 2052 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 01:47:59.0984 2052 MSPQM - ok 01:48:00.0015 2052 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 01:48:00.0078 2052 mssmbios - ok 01:48:00.0171 2052 MSSQL$SQLEXPRESS - ok 01:48:00.0187 2052 MSSQLServerADHelper (adaf062116b4e6d96e44d26486a87af6) c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqladhlp90.exe 01:48:00.0203 2052 MSSQLServerADHelper - ok 01:48:00.0234 2052 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 01:48:00.0265 2052 Mup - ok 01:48:00.0312 2052 napagent (fd578fcc03bbd76af1e62202e6670d29) C:\WINDOWS\System32\qagentrt.dll 01:48:00.0406 2052 napagent - ok 01:48:00.0578 2052 NAV (7a02f128a454bb22e300f3f80bc1bd22) C:\Archivos de programa\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe 01:48:00.0578 2052 NAV - ok 01:48:00.0796 2052 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Documents and Settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120423.002\NAVENG.SYS 01:48:00.0812 2052 NAVENG - ok 01:48:00.0890 2052 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Documents and Settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120423.002\NAVEX15.SYS 01:48:00.0984 2052 NAVEX15 - ok 01:48:01.0109 2052 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 01:48:01.0187 2052 NDIS - ok 01:48:01.0218 2052 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 01:48:01.0250 2052 NdisTapi - ok 01:48:01.0250 2052 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 01:48:01.0328 2052 Ndisuio - ok 01:48:01.0359 2052 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 01:48:01.0437 2052 NdisWan - ok 01:48:01.0468 2052 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 01:48:01.0500 2052 NDProxy - ok 01:48:01.0531 2052 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll 01:48:01.0531 2052 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 01:48:01.0531 2052 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 01:48:01.0562 2052 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 01:48:01.0640 2052 NetBIOS - ok 01:48:01.0656 2052 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 01:48:01.0734 2052 NetBT - ok 01:48:01.0765 2052 NetDDE (96b009e5b163850cf94dc333ed2bee93) C:\WINDOWS\system32\netdde.exe 01:48:01.0859 2052 NetDDE - ok 01:48:01.0859 2052 NetDDEdsdm (96b009e5b163850cf94dc333ed2bee93) C:\WINDOWS\system32\netdde.exe 01:48:01.0921 2052 NetDDEdsdm - ok 01:48:01.0984 2052 Netlogon (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe 01:48:02.0109 2052 Netlogon - ok 01:48:02.0218 2052 Netman (a48884c9359ee9f1fc8f3f0d93fb1d95) C:\WINDOWS\System32\netman.dll 01:48:02.0296 2052 Netman - ok 01:48:02.0375 2052 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 01:48:02.0390 2052 NetTcpPortSharing - ok 01:48:02.0515 2052 NIDomainService (69ab64ad87fc57004dd7e28aa0270c7b) C:\Archivos de programa\National Instruments\Shared\Security\nidmsrv.exe 01:48:02.0531 2052 NIDomainService - ok 01:48:02.0656 2052 NILM License Manager (b17093b9a2c5f874975c732c1a8ba771) C:\Archivos de programa\National Instruments\Shared\License Manager\Bin\lmgrd.exe 01:48:02.0703 2052 NILM License Manager ( UnsignedFile.Multi.Generic ) - warning 01:48:02.0703 2052 NILM License Manager - detected UnsignedFile.Multi.Generic (1) 01:48:02.0750 2052 niSvcLoc - ok 01:48:02.0781 2052 Nla (5e11d375c92a0dda7ac4d487fc4e1978) C:\WINDOWS\System32\mswsock.dll 01:48:02.0812 2052 Nla - ok 01:48:02.0843 2052 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 01:48:02.0921 2052 Npfs - ok 01:48:02.0953 2052 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 01:48:03.0062 2052 Ntfs - ok 01:48:03.0093 2052 NtLmSsp (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe 01:48:03.0156 2052 NtLmSsp - ok 01:48:03.0187 2052 NtmsSvc (d60c40d71a4d874c903255e4827afa0c) C:\WINDOWS\system32\ntmssvc.dll 01:48:03.0281 2052 NtmsSvc - ok 01:48:03.0312 2052 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 01:48:03.0390 2052 Null - ok 01:48:03.0421 2052 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 01:48:03.0703 2052 NwlnkFlt - ok 01:48:03.0718 2052 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 01:48:03.0796 2052 NwlnkFwd - ok 01:48:03.0796 2052 OMCI - ok 01:48:03.0875 2052 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE 01:48:03.0890 2052 ose - ok 01:48:03.0921 2052 Parport (e7855cbd8bd1fda085a3f92cff7906e2) C:\WINDOWS\system32\DRIVERS\parport.sys 01:48:03.0984 2052 Parport - ok 01:48:04.0000 2052 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 01:48:04.0062 2052 PartMgr - ok 01:48:04.0093 2052 ParVdm (fad44d704ecd7d39ad01415b8bb34204) C:\WINDOWS\system32\drivers\ParVdm.sys 01:48:04.0171 2052 ParVdm - ok 01:48:04.0187 2052 PCI (f11bc84ae6c7b003b5e0c8eeb4a1f444) C:\WINDOWS\system32\DRIVERS\pci.sys 01:48:04.0265 2052 PCI - ok 01:48:04.0265 2052 PCIDump - ok 01:48:04.0296 2052 PCIIde (33d63f0a9021acb4d75d83b646b93a30) C:\WINDOWS\system32\DRIVERS\pciide.sys 01:48:04.0359 2052 PCIIde - ok 01:48:04.0390 2052 Pcmcia (f50c27cca56dc97b3a45e7f0059bd2ba) C:\WINDOWS\system32\drivers\Pcmcia.sys 01:48:04.0468 2052 Pcmcia - ok 01:48:04.0468 2052 PDCOMP - ok 01:48:04.0468 2052 PDFRAME - ok 01:48:04.0468 2052 PDRELI - ok 01:48:04.0468 2052 PDRFRAME - ok 01:48:04.0468 2052 perc2 - ok 01:48:04.0468 2052 perc2hib - ok 01:48:04.0500 2052 PlugPlay (953df7327510df0de048b8e80e504ef9) C:\WINDOWS\system32\services.exe 01:48:04.0531 2052 PlugPlay - ok 01:48:04.0562 2052 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll 01:48:04.0578 2052 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 01:48:04.0578 2052 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 01:48:04.0578 2052 PolicyAgent (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe 01:48:04.0640 2052 PolicyAgent - ok 01:48:04.0671 2052 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 01:48:04.0734 2052 PptpMiniport - ok 01:48:04.0750 2052 ProtectedStorage (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe 01:48:04.0812 2052 ProtectedStorage - ok 01:48:04.0812 2052 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 01:48:04.0875 2052 PSched - ok 01:48:04.0906 2052 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 01:48:04.0984 2052 Ptilink - ok 01:48:05.0015 2052 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\WINDOWS\system32\Drivers\PxHelp20.sys 01:48:05.0015 2052 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning 01:48:05.0015 2052 PxHelp20 - detected UnsignedFile.Multi.Generic (1) 01:48:05.0015 2052 ql1080 - ok 01:48:05.0031 2052 Ql10wnt - ok 01:48:05.0031 2052 ql12160 - ok 01:48:05.0031 2052 ql1240 - ok 01:48:05.0031 2052 ql1280 - ok 01:48:05.0046 2052 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 01:48:05.0125 2052 RasAcd - ok 01:48:05.0156 2052 RasAuto (8345c6f52f38a95b950b9b3d064ae3ee) C:\WINDOWS\System32\rasauto.dll 01:48:05.0234 2052 RasAuto - ok 01:48:05.0250 2052 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 01:48:05.0312 2052 Rasl2tp - ok 01:48:05.0343 2052 RasMan (b279f6a9ea3acb5844c103ed2db65b44) C:\WINDOWS\System32\rasmans.dll 01:48:05.0437 2052 RasMan - ok 01:48:05.0453 2052 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 01:48:05.0531 2052 RasPppoe - ok 01:48:05.0546 2052 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 01:48:05.0609 2052 Raspti - ok 01:48:05.0640 2052 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 01:48:05.0718 2052 Rdbss - ok 01:48:05.0718 2052 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 01:48:05.0796 2052 RDPCDD - ok 01:48:05.0812 2052 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 01:48:05.0890 2052 rdpdr - ok 01:48:05.0906 2052 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys 01:48:05.0937 2052 RDPWD - ok 01:48:05.0968 2052 RDSessMgr (6193e6b05336c277ea4db39afa46bc23) C:\WINDOWS\system32\sessmgr.exe 01:48:06.0046 2052 RDSessMgr - ok 01:48:06.0062 2052 redbook (20950948970a0ea329b4254052bcf093) C:\WINDOWS\system32\DRIVERS\redbook.sys 01:48:06.0140 2052 redbook - ok 01:48:06.0156 2052 RemoteAccess (1b7481d377bd7997452352f82f4cffed) C:\WINDOWS\System32\mprdim.dll 01:48:06.0234 2052 RemoteAccess - ok 01:48:06.0265 2052 RemoteRegistry (e424f05b07ac4357dc08d06218d76c7c) C:\WINDOWS\system32\regsvc.dll 01:48:06.0328 2052 RemoteRegistry - ok 01:48:06.0375 2052 RpcLocator (9fccbdbaa0cf915aac0132de1c9566b3) C:\WINDOWS\system32\locator.exe 01:48:06.0453 2052 RpcLocator - ok 01:48:06.0484 2052 RpcSs (97869c55f562b777987100ea30ad8108) C:\WINDOWS\system32\rpcss.dll 01:48:06.0531 2052 RpcSs - ok 01:48:06.0562 2052 RSVP (5e38212c2c00dc342e2281d2f6bfb746) C:\WINDOWS\system32\rsvp.exe 01:48:06.0656 2052 RSVP - ok 01:48:06.0687 2052 SamSs (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe 01:48:06.0750 2052 SamSs - ok 01:48:06.0843 2052 SASDIFSV (39763504067962108505bff25f024345) C:\Archivos de programa\SUPERAntiSpyware\SASDIFSV.SYS 01:48:06.0859 2052 SASDIFSV - ok 01:48:06.0859 2052 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS 01:48:06.0875 2052 SASKUTIL - ok 01:48:06.0890 2052 SCardSvr (a50e4dd0e2a9df762807c84153b4953a) C:\WINDOWS\System32\SCardSvr.exe 01:48:06.0968 2052 SCardSvr - ok 01:48:07.0015 2052 Schedule (51be25c404d3dd344c6079de715e4977) C:\WINDOWS\system32\schedsvc.dll 01:48:07.0093 2052 Schedule - ok 01:48:07.0125 2052 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 01:48:07.0203 2052 Secdrv - ok 01:48:07.0218 2052 seclogon (b62c489373a1e1b949fc0faa90f3b47a) C:\WINDOWS\System32\seclogon.dll 01:48:07.0281 2052 seclogon - ok 01:48:07.0296 2052 SENS (a95a27c874b0931a6f8f656924f4a14a) C:\WINDOWS\system32\sens.dll 01:48:07.0359 2052 SENS - ok 01:48:07.0375 2052 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 01:48:07.0453 2052 serenum - ok 01:48:07.0468 2052 Serial (f41b42b92ae9c1191858c3f80cc24a9c) C:\WINDOWS\system32\DRIVERS\serial.sys 01:48:07.0578 2052 Serial - ok 01:48:07.0609 2052 SFAUDIO (b6401608579b6431994425ba7653f774) C:\WINDOWS\system32\drivers\sfaudio.sys 01:48:07.0625 2052 SFAUDIO - ok 01:48:07.0640 2052 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 01:48:07.0718 2052 Sfloppy - ok 01:48:07.0765 2052 SharedAccess (4a4ef3ee166fad4a04b1d767ad986329) C:\WINDOWS\System32\ipnathlp.dll 01:48:07.0843 2052 SharedAccess - ok 01:48:07.0875 2052 ShellHWDetection (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll 01:48:07.0890 2052 ShellHWDetection - ok 01:48:07.0890 2052 Simbad - ok 01:48:07.0921 2052 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Archivos de programa\Skype\Updater\Updater.exe 01:48:07.0937 2052 SkypeUpdate - ok 01:48:07.0937 2052 Sparrow - ok 01:48:07.0968 2052 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 01:48:08.0046 2052 splitter - ok 01:48:08.0062 2052 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 01:48:08.0093 2052 Spooler - ok 01:48:08.0156 2052 SQLBrowser (d2b096cd2f56fac6eeeed9a77ddf6dc8) c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlbrowser.exe 01:48:08.0171 2052 SQLBrowser - ok 01:48:08.0187 2052 SQLWriter (54902536aad0e9b99bc65f89c0caf93f) c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe 01:48:08.0203 2052 SQLWriter - ok 01:48:08.0203 2052 sr (ccb3065c3ee63a4515fe84af9e78d1dd) C:\WINDOWS\system32\DRIVERS\sr.sys 01:48:08.0281 2052 sr - ok 01:48:08.0328 2052 srservice (0f30eec6013fcf76693405ec4a7df899) C:\WINDOWS\system32\srsvc.dll 01:48:08.0406 2052 srservice - ok 01:48:10.0765 2052 SRTSP (c16d048faf2978d2121f9f40594a6bdc) C:\WINDOWS\system32\drivers\NAV\1305000.091\SRTSP.SYS 01:48:10.0796 2052 SRTSP - ok 01:48:10.0859 2052 SRTSPX (f0d02c2e25970c9c72a5cd278c17cdb6) C:\WINDOWS\system32\drivers\NAV\1306020.00A\SRTSPX.SYS 01:48:10.0875 2052 SRTSPX - ok 01:48:10.0906 2052 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 01:48:10.0937 2052 Srv - ok 01:48:10.0968 2052 SSDPSRV (b622a432ef02895de4aa38ac8b85fa4c) C:\WINDOWS\System32\ssdpsrv.dll 01:48:11.0046 2052 SSDPSRV - ok 01:48:11.0078 2052 stisvc (7226422c95fdf8aa6092ee964912b0df) C:\WINDOWS\system32\wiaservc.dll 01:48:11.0156 2052 stisvc - ok 01:48:11.0281 2052 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Archivos de programa\Archivos comunes\SureThing Shared\stllssvr.exe 01:48:11.0281 2052 stllssvr ( UnsignedFile.Multi.Generic ) - warning 01:48:11.0281 2052 stllssvr - detected UnsignedFile.Multi.Generic (1) 01:48:11.0328 2052 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 01:48:11.0406 2052 swenum - ok 01:48:11.0437 2052 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 01:48:11.0515 2052 swmidi - ok 01:48:11.0515 2052 SwPrv - ok 01:48:11.0515 2052 symc810 - ok 01:48:11.0515 2052 symc8xx - ok 01:48:11.0562 2052 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NAV\1306020.00A\SYMDS.SYS 01:48:11.0593 2052 SymDS - ok 01:48:11.0656 2052 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\NAV\1306020.00A\SYMEFA.SYS 01:48:11.0703 2052 SymEFA - ok 01:48:11.0750 2052 SymEvent (74e2521e96176a4449570e50be91954d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 01:48:11.0765 2052 SymEvent - ok 01:48:11.0796 2052 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\NAV\1306020.00A\Ironx86.SYS 01:48:11.0812 2052 SymIRON - ok 01:48:11.0890 2052 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\system32\drivers\NAV\1305000.091\SYMTDI.SYS 01:48:11.0906 2052 SYMTDI - ok 01:48:11.0921 2052 sym_hi - ok 01:48:11.0921 2052 sym_u3 - ok 01:48:11.0968 2052 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 01:48:12.0046 2052 sysaudio - ok 01:48:12.0078 2052 SysmonLog (f1f6ee807f0112aae2259b253b6ddf89) C:\WINDOWS\system32\smlogsvc.exe 01:48:12.0140 2052 SysmonLog - ok 01:48:12.0171 2052 TapiSrv (04a5b8ea326951db27df60a14f2999ff) C:\WINDOWS\System32\tapisrv.dll 01:48:12.0250 2052 TapiSrv - ok 01:48:12.0296 2052 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 01:48:12.0343 2052 Tcpip - ok 01:48:12.0390 2052 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 01:48:12.0468 2052 TDPIPE - ok 01:48:12.0484 2052 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 01:48:12.0546 2052 TDTCP - ok 01:48:12.0562 2052 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 01:48:12.0640 2052 TermDD - ok 01:48:12.0671 2052 TermService (288b20d56d5f0ec4bcc77fbfa5a81740) C:\WINDOWS\System32\termsrv.dll 01:48:12.0750 2052 TermService - ok 01:48:12.0781 2052 Themes (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll 01:48:12.0781 2052 Themes - ok 01:48:12.0828 2052 TlntSvr (65bf170815c0df302be038fd8891c722) C:\WINDOWS\system32\tlntsvr.exe 01:48:12.0906 2052 TlntSvr - ok 01:48:12.0906 2052 TosIde - ok 01:48:12.0921 2052 TrkWks (321761d0d12ee5285ce79ac175cba672) C:\WINDOWS\system32\trkwks.dll 01:48:13.0015 2052 TrkWks - ok 01:48:13.0031 2052 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 01:48:13.0109 2052 Udfs - ok 01:48:13.0109 2052 ultra - ok 01:48:13.0250 2052 UNS (9b229de91d9fbab10cb53f0e1ffab88d) C:\Archivos de programa\Archivos comunes\Intel\Privacy Icon\UNS\UNS.exe 01:48:13.0328 2052 UNS - ok 01:48:13.0437 2052 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 01:48:13.0531 2052 Update - ok 01:48:13.0593 2052 upnphost (7594203f459abdb5fe53c08d6b1bd53b) C:\WINDOWS\System32\upnphost.dll 01:48:13.0687 2052 upnphost - ok 01:48:13.0703 2052 UPS (575bafeb33af057b13a10579d0dc884a) C:\WINDOWS\System32\ups.exe 01:48:13.0765 2052 UPS - ok 01:48:13.0781 2052 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 01:48:13.0859 2052 usbccgp - ok 01:48:13.0875 2052 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 01:48:13.0937 2052 usbehci - ok 01:48:13.0953 2052 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 01:48:14.0031 2052 usbhub - ok 01:48:14.0046 2052 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 01:48:14.0125 2052 usbprint - ok 01:48:14.0140 2052 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 01:48:14.0203 2052 usbscan - ok 01:48:14.0218 2052 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 01:48:14.0296 2052 USBSTOR - ok 01:48:14.0312 2052 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 01:48:14.0375 2052 usbuhci - ok 01:48:14.0390 2052 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 01:48:14.0468 2052 VgaSave - ok 01:48:14.0468 2052 ViaIde - ok 01:48:14.0484 2052 VolSnap (c41ffdc191e6c832e2e53c967eae0a16) C:\WINDOWS\system32\drivers\VolSnap.sys 01:48:14.0546 2052 VolSnap - ok 01:48:14.0593 2052 VSS (60f28de3fae525d026e4d66405b80db8) C:\WINDOWS\System32\vssvc.exe 01:48:14.0687 2052 VSS - ok 01:48:14.0703 2052 W32Time (c71cfacdbfadd819736f61f5738bddc1) C:\WINDOWS\system32\w32time.dll 01:48:14.0781 2052 W32Time - ok 01:48:14.0796 2052 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 01:48:14.0875 2052 Wanarp - ok 01:48:14.0875 2052 WDICA - ok 01:48:14.0890 2052 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 01:48:14.0968 2052 wdmaud - ok 01:48:15.0000 2052 WebClient (340a4fd9017d1ebd1f6dc435282a39dc) C:\WINDOWS\System32\webclnt.dll 01:48:15.0078 2052 WebClient - ok 01:48:15.0140 2052 winmgmt (a5fc75cab140cf6a78e16c3681001872) C:\WINDOWS\system32\wbem\WMIsvc.dll 01:48:15.0218 2052 winmgmt - ok 01:48:15.0265 2052 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 01:48:15.0312 2052 WmdmPmSN - ok 01:48:15.0359 2052 Wmi (c40a0af014d54da0e729066845a2a6dc) C:\WINDOWS\System32\advapi32.dll 01:48:15.0406 2052 Wmi - ok 01:48:15.0421 2052 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 01:48:15.0500 2052 WmiAcpi - ok 01:48:15.0546 2052 WmiApSrv (ca1a5270acc0062b13f62ca5a0cd8da8) C:\WINDOWS\system32\wbem\wmiapsrv.exe 01:48:15.0625 2052 WmiApSrv - ok 01:48:15.0734 2052 WMPNetworkSvc (6782482a8ca4b5b5dab4ef0ad78db08f) C:\Archivos de programa\Windows Media Player\WMPNetwk.exe 01:48:15.0781 2052 WMPNetworkSvc - ok 01:48:15.0812 2052 wscsvc (8cd684fd248dfe208c2f8f5052838a81) C:\WINDOWS\system32\wscsvc.dll 01:48:15.0875 2052 wscsvc - ok 01:48:15.0890 2052 wuauserv (0b8fc4d0f9d6964713e81ad558b50a71) C:\WINDOWS\system32\wuauserv.dll 01:48:15.0968 2052 wuauserv - ok 01:48:16.0000 2052 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 01:48:16.0031 2052 WudfPf - ok 01:48:16.0046 2052 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 01:48:16.0062 2052 WudfRd - ok 01:48:16.0093 2052 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 01:48:16.0109 2052 WudfSvc - ok 01:48:16.0156 2052 WZCSVC (d2caf9ff9da12f0cc6398c6e331015e4) C:\WINDOWS\System32\wzcsvc.dll 01:48:16.0250 2052 WZCSVC - ok 01:48:16.0265 2052 xmlprov (14fdadcf05a37582399daf1da1de1c7b) C:\WINDOWS\System32\xmlprov.dll 01:48:16.0343 2052 xmlprov - ok 01:48:16.0359 2052 MBR (0x1B8) (792f61657fece3d17a9122b4ee282847) \Device\Harddisk0\DR0 01:48:16.0593 2052 \Device\Harddisk0\DR0 - ok 01:48:16.0609 2052 Boot (0x1200) (5c7cad6c0ff329cf8fdb37d314fa466b) \Device\Harddisk0\DR0\Partition0 01:48:16.0609 2052 \Device\Harddisk0\DR0\Partition0 - ok 01:48:16.0625 2052 Boot (0x1200) (b87c7a17aff02b75446e7502669063e3) \Device\Harddisk0\DR0\Partition1 01:48:16.0625 2052 \Device\Harddisk0\DR0\Partition1 - ok 01:48:16.0625 2052 ============================================================ 01:48:16.0625 2052 Scan finished 01:48:16.0625 2052 ============================================================ 01:48:16.0750 3024 Detected object count: 8 01:48:16.0750 3024 Actual detected object count: 8 01:51:38.0234 3024 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine 01:51:38.0375 3024 Backup copy found, using it.. 01:51:38.0656 3024 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot 01:51:38.0656 3024 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure 01:51:38.0656 3024 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user 01:51:38.0656 3024 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:51:38.0656 3024 cvintdrv ( UnsignedFile.Multi.Generic ) - skipped by user 01:51:38.0656 3024 cvintdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:51:38.0656 3024 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 01:51:38.0656 3024 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:51:38.0656 3024 NILM License Manager ( UnsignedFile.Multi.Generic ) - skipped by user 01:51:38.0656 3024 NILM License Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:51:38.0656 3024 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 01:51:38.0656 3024 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:51:38.0656 3024 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user 01:51:38.0656 3024 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:51:38.0656 3024 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user 01:51:38.0656 3024 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:52:03.0453 2680 Deinitialize success
  6. Hello, Thanks for your answer. I attach the report as follows: David RogueKiller V7.3.3 [04/22/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: Casa [Admin rights] Mode: Scan -- Date: 04/23/2012 22:56:12 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 1 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [FAKED] acpi.sys : c:\windows\system32\drivers\acpi.sys --> CANNOT FIX ¤¤¤ Driver: [LOADED] ¤¤¤ IRP[iRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([iNLINE] atapi.sys @ 0xB9710852) ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ::1 localhost #[iPv6] 127.0.0.1 fr.a2dfp.net 127.0.0.1 m.fr.a2dfp.net 127.0.0.1 ad.a8.net 127.0.0.1 asy.a8ww.net 127.0.0.1 abcstats.com 127.0.0.1 a.abv.bg 127.0.0.1 adserver.abv.bg 127.0.0.1 adv.abv.bg 127.0.0.1 bimg.abv.bg 127.0.0.1 ca.abv.bg 127.0.0.1 www2.a-counter.kiev.ua 127.0.0.1 track.acclaimnetwork.com 127.0.0.1 accuserveadsystem.com 127.0.0.1 www.accuserveadsystem.com 127.0.0.1 achmedia.com 127.0.0.1 aconti.net 127.0.0.1 secure.aconti.net 127.0.0.1 www.aconti.net #[Dialer.Aconti] [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST380815AS +++++ --- User --- [MBR] c11311e3c09c71569f13acd4020c4bee [bSP] f83b504241d914579053c94390d1cd68 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 40154 Mo 1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 82236735 | Size: 36138 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt
  7. Hello, I have problem with google. It does'nt open with windows internet explorer (7 and 8) nither with google chrone. I have scaned the pc with: Malwarebyte Anti-ware, Spybot and SuperAntispyware. This programs find some malware, i removed it, but the problem continue. I have attached the next two files after runing DDS. attach.txt dds.txt Many thanks, David
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.