Noises can be heard on my PC

Status
Closed to new replies

baykal

New Member
Member
Hello!
For several weeks now I have been hearing sounds on my PC as if someone were using a program; it is a noise like a tone, software-like. I think I could have a rootkit, since I have not installed anything.

I am posting the HijackThis scan here; I would be very grateful if you could help me. Regards and thanks.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:38:17, on 27/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)

FIREFOX: 50.1.0 (x86 es-ES)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Usuari\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKCU\..\Run: [AirDroid 3] C:\Program Files (x86)\AirDroid\AirDroid.exe /start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_Plugin.exe -update plugin
O4 - Global Startup: Kaspersky Software Updater Beta.lnk = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cdpsvc.dll,-100 (CDPSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cdpusersvc.dll,-100 (CDPUserSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: CDPUserSvc_3a5b7 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dcpsvc.dll,-3001 (DcpSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-201 (embeddedmode) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FrameServer.dll,-100 (FrameServer) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\hvhostsvc.dll,-100 (HvHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (irmon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @%SystemRoot%\system32\MessagingService.dll,-100 (MessagingService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MessagingService_3a5b7 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Sincronizar host_3a5b7 (OneSyncSvc_3a5b7) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%SystemRoot%\system32\PhoneserviceRes.dll,-10000 (PhoneSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Datos de contactos_3a5b7 (PimIndexMaintenanceSvc_3a5b7) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\RMapi.dll,-1001 (RmSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\tileobjserver.dll,-1 (tiledatamodelsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBrokerSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_3a5b7 (UnistoreSvc_3a5b7) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_3a5b7 (UserDataSvc_3a5b7) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usocore.dll,-102 (UsoSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvcext.dll,-601 (vmicrdv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvcext.dll,-501 (vmicvss) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\flightsettings.dll,-104 (wisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WpnUserService.dll,-1 (WpnUserService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Servicio de usuario de notificaciones de inserción de Windows_3a5b7 (WpnUserService_3a5b7) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 29317 bytes
 

Kbite

Learn and share
Administrator
Hello baykal.

The log is clean of malware. Perhaps the "Kaspersky Software Updater Beta" that is running, which checks whether updates exist for the installed software, has something to do with it; disable it temporarily to see whether it produces those sounds during its scanning work.

Nevertheless, and for your peace of mind, I recommend following these steps:

Use this tool with all browsers closed: AdwCleaner

Update your system Here (use Internet Explorer)

Delete all cookies and clean the registry with CCleaner

Go to Start - Control Panel --> Java (if you use Java) and delete the Java temporary files.

Delete temporary files --> From Start, Run, type %TEMP%, press Enter and delete all the contents.

Run Malwarebytes Antimalware in its Full mode. (Update it, and when the scan finishes choose the Remove option, then save the report and paste it here)

In addition, do an online scan: ESET Online Scanner or one from the list: Antivirus Online

** You must use Internet Explorer and accept the ActiveX controls

** Tell it to remove whatever it detects.

Copy us that report and the Malwarebytes Antimalware one, along with the AdwCleaner one. Tell us how things are going now.

Regards, Kbite
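
An added example, not part of the original thread or any poster's code: a Python triage of the HijackThis line format posted above. It separates entries whose binary lives outside the Windows directory from "(file missing)" lines, which a 32-bit scanner reports on 64-bit Windows because of WOW64 redirection. The sample lines are copied from the log above; the verdict names and function names are this example's own.

```python
import re

# Lines excerpted from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKCU\..\Run: [AirDroid 3] C:\Program Files (x86)\AirDroid\AirDroid.exe /start
O4 - Global Startup: Kaspersky Software Updater Beta.lnk = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
"""

# "<section code> - <body>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^(O\d+|R\d|F\d|N\d) - (.*)$")
# Absolute path to an executable or DLL; stops at a closing quote.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)', re.I)
WINDOWS_DIR_RE = re.compile(r"^[a-z]:\\windows\\", re.I)
# Sections that describe code loaded automatically (BHOs, autoruns, services).
AUTOSTART_SECTIONS = {"O2", "O4", "O23"}


def parse_line(line):
    """Split one log line into section, label, binary path and missing flag."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    section, body = m.groups()
    paths = list(PATH_RE.finditer(body))
    last = paths[-1] if paths else None  # the binary is the last path on the line
    return {
        "section": section,
        "label": body[: last.start()].rstrip(' -="') if last else body,
        "path": last.group(0) if last else None,
        "missing": body.rstrip().endswith("(file missing)"),
    }


def verdict(entry):
    """Classify an entry for manual review (heuristic, not a malware verdict)."""
    path = entry["path"]
    if path is None or entry["section"] not in AUTOSTART_SECTIONS:
        return "setting"
    in_windows = bool(WINDOWS_DIR_RE.match(path))
    if entry["missing"] and in_windows:
        # A 32-bit scanner sees System32 through WOW64 redirection, so a
        # 64-bit-only binary such as lsass.exe looks absent. Usually an
        # artifact of the tool, not evidence of tampering.
        return "wow64-artifact"
    if in_windows:
        # A Windows path alone proves nothing: for svchost.exe services the
        # log line does not show the ServiceDll that is actually loaded.
        return "windows-path"
    return "third-party"


def triage(log_text):
    """Parse every recognised line and attach a verdict."""
    entries = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry:
            entry["verdict"] = verdict(entry)
            entries.append(entry)
    return entries


def review_list(log_text):
    """Labels of third-party autostart entries, the ones to inspect by hand."""
    return [e["label"] for e in triage(log_text) if e["verdict"] == "third-party"]


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f'{e["verdict"]:15} {e["section"]:4} {e["label"]}')
```
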
 

baykal

New Member
Member
Hello kbite,

I have followed all the steps but I still hear the noise; even with no program or browser open, it can still be heard. I think I have a rootkit; besides that, I disable the background processes except the necessary ones and it can still be heard.

Here are the Malwarebytes, AdwCleaner and ESET Online scans:

# AdwCleaner v6.043 - Archivo de registro creado 28/01/2017 en 11:16:41
# Actualizado en 27/01/2017 por Malwarebytes
# Base de datos : 2017-01-27.1 [Servidor]
# Sistema Operativo : Windows 10 Home (X64)
# Nombre de usuario : Usuari - USUARIO
# Ejecutado desde : C:\Users\Usuari\Desktop\adwcleaner_6.043.exe
# Modo: Limpiar
# Soporte : https://www.malwarebytes.com/support



***** [ Servicios ] *****



***** [ Carpetas ] *****



***** [ Archivos ] *****

[-] Archivo eliminado: C:\Users\Usuari\AppData\Local\Microsoft\Internet Explorer\DOMStore\OFVIS0N0\internetspeedtracker.dl.myway[1].xml
[-] Archivo eliminado: C:\Users\Usuari\AppData\Local\Microsoft\Internet Explorer\DOMStore\LZYUR9E8\easypdfcombine.dl.myway[1].xml
[-] Archivo eliminado: C:\Users\Usuari\AppData\Local\Microsoft\Internet Explorer\DOMStore\LZYUR9E8\pdfconverterhq.dl.myway[1].xml
[-] Archivo eliminado: C:\Users\Usuari\AppData\Local\Microsoft\Internet Explorer\DOMStore\LZYUR9E8\testonlinespeed.dl.myway[1].xml
[-] Archivo eliminado: C:\Users\Usuari\AppData\Local\Microsoft\Internet Explorer\DOMStore\KBITZL37\filesharefanatic.dl.myway[1].xml
[-] Archivo eliminado: C:\Users\Usuari\AppData\Local\Microsoft\Internet Explorer\DOMStore\KBITZL37\smarterpassword.dl.myway[1].xml
[-] Archivo eliminado: C:\Users\Usuari\AppData\Local\Microsoft\Internet Explorer\DOMStore\71PJ6NOX\atozmanuals.dl.myway[1].xml
[-] Archivo eliminado: C:\Users\Usuari\AppData\Local\Microsoft\Internet Explorer\DOMStore\71PJ6NOX\bringmesports.dl.myway[1].xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Accesos directos ] *****



***** [ Tareas programadas ] *****



***** [ Registro ] *****

[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\atozmanuals.dl.myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bringmesports.dl.myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\easypdfcombine.dl.myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\filesharefanatic.dl.myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\internetspeedtracker.dl.myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pdfconverterhq.dl.myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\smarterpassword.dl.myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\testonlinespeed.dl.myway.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\2345.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\claroyconciso.info
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coches.trovit.es
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\handan.house.qq.com
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao.360.cn
[-] Llave eliminada: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao123.com
[#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\2345.com
[#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\claroyconciso.info
[#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coches.trovit.es
[#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\handan.house.qq.com
[#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao.360.cn
[#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao123.com


***** [ Navegadores ] *****



*************************

:: Llaves "Tracing" eliminadas
:: Se han borrado los ajustes de Winsock

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3954 Bytes] - [28/01/2017 11:16:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [4260 Bytes] - [28/01/2017 11:16:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4100 Bytes] ##########






-------------------------------------------
Malwarebytes Anti-Malware
www.malwarebytes.org

Fecha del análisis: 28/01/2017
Hora del análisis: 11:40
Archivo de registro: malwarebytes.txt
Administrador: Sí

Versión: 2.2.1.1043
Base de datos de malwares: v2017.01.28.06
Base de datos de rootkits: v2016.11.20.01
Licencia: Gratis
Protección contra el malware: Desactivado
Protección contra sitios web maliciosos: Desactivado
Autoprotección: Desactivado

SO: Windows 10
CPU: x64
Sistema de archivos: NTFS
Usuario: Usuari

Tipo de análisis: Análisis de amenazas
Resultado: Completado
Objetos analizados: 352484
Tiempo transcurrido: 3 min, 47 seg

Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Activado
PUM: Activado

Procesos: 0
(No hay elementos maliciosos detectados)

Módulos: 0
(No hay elementos maliciosos detectados)

Claves del registro: 1
PUP.Optional.WinYahoo, HKU\S-1-5-21-1571308697-1146371779-3785356512-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [1a2c245dc6e2f93d61b481c87b8545bb],

Valores del registro: 3
PUP.Optional.Agent, HKU\S-1-5-21-1571308697-1146371779-3785356512-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|urlspace, H:\Wanchun.exe -h, En cuarentena, [ee588100387041f59d3f477cc63afa06]
PUP.Optional.WinYahoo, HKU\S-1-5-21-1571308697-1146371779-3785356512-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://es.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fsvideosft_16_26&param1=1&param2=f[1a2c245dc6e2f93d61b481c87b8545bb]D4&b[1a2c245dc6e2f93d61b481c87b8545bb]DIE&cc[1a2c245dc6e2f93d61b481c87b8545bb]Des&pa[1a2c245dc6e2f93d61b481c87b8545bb]DWincy&cd[1a2c245dc6e2f93d61b481c87b8545bb]D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0B0AzzzytA0FzyyC0A0CtN0D0Tzu0StCyCyEtDtN1L2XzutAtFtBtAtFtCtFtBtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyE0AtCyEyCtB0D0BtGyByByD0CtGyDtCzyzztGtDzy0DtDtG0A0FyCtByD0AzyyCtAyC0E0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEzytD0Fzy0A0BtG0A0F0AtAtGyE0DzyyEtG0BtCtCzztGzztA0BtC0EyByD0ByCzzyDtB2QtN0A0LzuyE&cr[1a2c245dc6e2f93d61b481c87b8545bb]D607058168&a[1a2c245dc6e2f93d61b481c87b8545bb]Dwncy_fsvideosft_16_26&os_ver[1a2c245dc6e2f93d61b481c87b8545bb]D10.0&os[1a2c245dc6e2f93d61b481c87b8545bb]DWindowsEn cuarentenaB10En cuarentenaBHome&p={searchTerms}, %4, %5
Trojan.Downloader.UP, HKU\S-1-5-21-1571308697-1146371779-3785356512-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|urlspace, H:\Wanchun.exe -h, En cuarentena, [192d0f72961277bf48222d1d808330d0]

Datos del registro: 0
(No hay elementos maliciosos detectados)

Carpetas: 2
PUP.Optional.FlowSpirit, C:\Users\Usuari\AppData\Roaming\Spiritsoft\urlspirit, En cuarentena, [4ef8e79a05a3d264786e28ebd1338d73],
PUP.Optional.FlowSpirit, C:\Users\Usuari\AppData\Roaming\Spiritsoft\urlspirit\dump, En cuarentena, [4ef8e79a05a3d264786e28ebd1338d73],

Archivos: 5
PUP.Optional.Agent, H:\Wanchun.exe, En cuarentena, [ee588100387041f59d3f477cc63afa06],
Trojan.Downloader.UP, H:\Wanchun.exe, En cuarentena, [192d0f72961277bf48222d1d808330d0],
PUP.Optional.FlowSpirit, C:\Users\Usuari\AppData\Roaming\Spiritsoft\urlspirit\product.dat, En cuarentena, [4ef8e79a05a3d264786e28ebd1338d73],
PUP.Optional.FlowSpirit, C:\Users\Usuari\AppData\Roaming\Spiritsoft\urlspirit\bd.dat, En cuarentena, [4ef8e79a05a3d264786e28ebd1338d73],
PUP.Optional.FlowSpirit, C:\Users\Usuari\AppData\Roaming\Spiritsoft\urlspirit\tcfg.dat, En cuarentena, [4ef8e79a05a3d264786e28ebd1338d73],

Sectores físicos: 0
(No hay elementos maliciosos detectados)


(end)







H:\Bot Googgle Adsense 2016.rar una variante de MSIL/Ubot.D aplicación potencialmente peligrosa
H:\Usuario\Downloads\Sin confirmar 837840.crdownload Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa
 

Kbite

Learn and share
Administrator
Hello baykal.

The tools used have removed everything detected. I'm leaving you some very effective anti-rootkit tools in case that is the issue:

TDSSKiller Anti-rootkit manual

Malwarebytes Anti-Rootkit

You can run the scan from Safe Mode so that nothing is running, and while you are there see whether you still hear that noise in that mode. With nothing foreign to Windows running, not even the malware, if it can still be heard we should start to consider that the cause may be some hardware component of the machine producing that sound.

Regards, Kbite
 

baykal

New Member
Member
Hello,
I have now run the scan; the only thing is that when I boot into safe mode the audio is disabled, at least on my machine. I have Windows 10. One thing I have discovered is that the sound also appears when I have no internet connection. And I have also noticed that whenever the noise appears a process called COM Surrogate opens and usually closes; it only lasts as long as the sound does, and when I click on Details and Open file location it shows that it is the DLLHOST.EXE process located in the system32 folder. But sometimes it does not close, and I end up with as many as 3 COM Surrogate processes in the background.

The anti-rootkits found nothing; I am pasting the TDSS one because the Malwarebytes one did not create a log for me:

11:26:23.0856 0x0af4 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
11:26:27.0762 0x0af4
============================================================
11:26:27.0762 0x0af4 Current date / time: 2017/01/29 11:26:27.0762
11:26:27.0762 0x0af4 SystemInfo:
11:26:27.0762 0x0af4
11:26:27.0762 0x0af4 OS Version: 10.0.14393 ServicePack: 0.0
11:26:27.0762 0x0af4 Product type: Workstation
11:26:27.0762 0x0af4 ComputerName: USUARIO
11:26:27.0762 0x0af4 UserName: Usuari
11:26:27.0762 0x0af4 Windows directory: C:\Windows
11:26:27.0762 0x0af4 System windows directory: C:\Windows
11:26:27.0762 0x0af4 Running under WOW64
11:26:27.0762 0x0af4 Processor architecture: Intel x64
11:26:27.0762 0x0af4 Number of processors: 4
11:26:27.0762 0x0af4 Page size: 0x1000
11:26:27.0762 0x0af4 Boot type: Safe boot
11:26:27.0762 0x0af4 CodeIntegrityOptions = 0x00000001
11:26:27.0762 0x0af4 ============================================================
11:26:28.0075 0x0af4 KLMD registered as C:\Windows\system32\drivers\57298548.sys
11:26:28.0075 0x0af4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
11:26:28.0169 0x0af4 System UUID: {BE46E365-F80E-F6C8-E731-15D4AC5DC9E0}
11:26:28.0419 0x0af4 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:26:28.0419 0x0af4 ============================================================
11:26:28.0419 0x0af4 \Device\Harddisk0\DR0:
11:26:28.0419 0x0af4 MBR partitions:
11:26:28.0419 0x0af4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
11:26:28.0419 0x0af4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x758FD800
11:26:28.0419 0x0af4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x75A8E800, BlocksNum 0x73379000
11:26:28.0419 0x0af4 ============================================================
11:26:28.0450 0x0af4 C: <-> \Device\Harddisk0\DR0\Partition2
11:26:28.0497 0x0af4 H: <-> \Device\Harddisk0\DR0\Partition3
11:26:28.0497 0x0af4 ============================================================
11:26:28.0497 0x0af4 Initialize success
11:26:28.0497 0x0af4 ============================================================
11:26:55.0872 0x04c0 ============================================================
11:26:55.0872 0x04c0 Scan started
11:26:55.0872 0x04c0 Mode: Manual; SigCheck; TDLFS;
11:26:55.0872 0x04c0 ============================================================
11:26:55.0872 0x04c0 KSN ping started
11:26:55.0903 0x04c0 KSN ping finished: false
11:26:56.0685 0x04c0 ================ Scan system memory ========================
11:26:56.0685 0x04c0 System memory - ok
11:26:56.0685 0x04c0 ================ Scan services =============================
11:26:56.0763 0x04c0 1394ohci - ok
11:26:56.0763 0x04c0 3ware - ok
11:26:56.0763 0x04c0 ACPI - ok
11:26:56.0763 0x04c0 AcpiDev - ok
11:26:56.0763 0x04c0 acpiex - ok
11:26:56.0778 0x04c0 acpipagr - ok
11:26:56.0794 0x04c0 AcpiPmi - ok
11:26:56.0794 0x04c0 acpitime - ok
11:26:56.0872 0x04c0 [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:26:56.0981 0x04c0 AdobeARMservice - ok
11:26:57.0028 0x04c0 [ E324D38B6CCF843ED4F6D521908AEE5B, D34DAF5AB7A3C2751C0C3BD3C21E52909E6D182DD202BD3C0B4981535320E64A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:26:57.0044 0x04c0 AdobeFlashPlayerUpdateSvc - ok
11:26:57.0060 0x04c0 ADP80XX - ok
11:26:57.0075 0x04c0 AFD - ok
11:26:57.0075 0x04c0 ahcache - ok
11:26:57.0091 0x04c0 AJRouter - ok
11:26:57.0106 0x04c0 ALG - ok
11:26:57.0106 0x04c0 AmdK8 - ok
11:26:57.0106 0x04c0 AmdPPM - ok
11:26:57.0106 0x04c0 amdsata - ok
11:26:57.0106 0x04c0 amdsbs - ok
11:26:57.0106 0x04c0 amdxata - ok
11:26:57.0106 0x04c0 AppID - ok
11:26:57.0122 0x04c0 AppIDSvc - ok
11:26:57.0122 0x04c0 Appinfo - ok
11:26:57.0122 0x04c0 applockerfltr - ok
11:26:57.0138 0x04c0 AppReadiness - ok
11:26:57.0153 0x04c0 AppXSvc - ok
11:26:57.0169 0x04c0 arcsas - ok
11:26:57.0169 0x04c0 AsyncMac - ok
11:26:57.0169 0x04c0 atapi - ok
11:26:57.0169 0x04c0 AudioEndpointBuilder - ok
11:26:57.0200 0x04c0 Audiosrv - ok
11:26:57.0200 0x04c0 AxInstSV - ok
11:26:57.0200 0x04c0 b06bdrv - ok
11:26:57.0200 0x04c0 BasicDisplay - ok
11:26:57.0200 0x04c0 BasicRender - ok
11:26:57.0216 0x04c0 bcmfn - ok
11:26:57.0216 0x04c0 bcmfn2 - ok
11:26:57.0231 0x04c0 BDESVC - ok
11:26:57.0231 0x04c0 Beep - ok
11:26:57.0247 0x04c0 BFE - ok
11:26:57.0247 0x04c0 BITS - ok
11:26:57.0247 0x04c0 bowser - ok
11:26:57.0247 0x04c0 BrokerInfrastructure - ok
11:26:57.0247 0x04c0 Browser - ok
11:26:57.0247 0x04c0 BthAvrcpTg - ok
11:26:57.0263 0x04c0 BthHFEnum - ok
11:26:57.0263 0x04c0 bthhfhid - ok
11:26:57.0263 0x04c0 BthHFSrv - ok
11:26:57.0263 0x04c0 BTHMODEM - ok
11:26:57.0263 0x04c0 bthserv - ok
11:26:57.0263 0x04c0 buttonconverter - ok
11:26:57.0263 0x04c0 CapImg - ok
11:26:57.0263 0x04c0 cdfs - ok
11:26:57.0278 0x04c0 CDPSvc - ok
11:26:57.0294 0x04c0 CDPUserSvc - ok
11:26:57.0294 0x04c0 cdrom - ok
11:26:57.0310 0x04c0 CertPropSvc - ok
11:26:57.0310 0x04c0 cht4iscsi - ok
11:26:57.0310 0x04c0 cht4vbd - ok
11:26:57.0325 0x04c0 circlass - ok
11:26:57.0325 0x04c0 CLFS - ok
11:26:57.0341 0x04c0 ClipSVC - ok
11:26:57.0341 0x04c0 clreg - ok
11:26:57.0341 0x04c0 CmBatt - ok
11:26:57.0341 0x04c0 CNG - ok
11:26:57.0341 0x04c0 cnghwassist - ok
11:26:57.0356 0x04c0 CompositeBus - ok
11:26:57.0356 0x04c0 COMSysApp - ok
11:26:57.0372 0x04c0 condrv - ok
11:26:57.0372 0x04c0 CoreMessagingRegistrar - ok
11:26:57.0419 0x04c0 [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:26:58.0888 0x04c0 cphs - ok
11:26:58.0903 0x04c0 CryptSvc - ok
11:26:58.0903 0x04c0 dam - ok
11:26:58.0919 0x04c0 DcomLaunch - ok
11:26:58.0919 0x04c0 DcpSvc - ok
11:26:58.0935 0x04c0 defragsvc - ok
11:26:58.0935 0x04c0 DeviceAssociationService - ok
11:26:58.0935 0x04c0 DeviceInstall - ok
11:26:58.0950 0x04c0 DevQueryBroker - ok
11:26:58.0966 0x04c0 Dfsc - ok
11:26:58.0997 0x04c0 Dhcp - ok
11:26:59.0028 0x04c0 diagnosticshub.standardcollector.service - ok
11:26:59.0028 0x04c0 DiagTrack - ok
11:26:59.0028 0x04c0 disk - ok
11:26:59.0060 0x04c0 DmEnrollmentSvc - ok
11:26:59.0060 0x04c0 dmvsc - ok
11:26:59.0060 0x04c0 dmwappushservice - ok
11:26:59.0091 0x04c0 Dnscache - ok
11:26:59.0091 0x04c0 dot3svc - ok
11:26:59.0106 0x04c0 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
11:26:59.0169 0x04c0 dot4 - ok
11:26:59.0200 0x04c0 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\Windows\System32\drivers\Dot4Prt.sys
11:26:59.0200 0x04c0 Dot4Print - ok
11:26:59.0216 0x04c0 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
11:26:59.0216 0x04c0 dot4usb - ok
11:26:59.0216 0x04c0 DPS - ok
11:26:59.0231 0x04c0 drmkaud - ok
11:26:59.0231 0x04c0 DsmSvc - ok
11:26:59.0231 0x04c0 DsSvc - ok
11:26:59.0247 0x04c0 DXGKrnl - ok
11:26:59.0278 0x04c0 [ E75A80FA10A247F1E104ECB813255A45, 565B0706F5CEBB205AB2ED9849D55271EAFE101DCE91E512F1C38D84E5EDD6E7 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
11:26:59.0294 0x04c0 eamonm - ok
11:26:59.0294 0x04c0 EapHost - ok
11:26:59.0310 0x04c0 ebdrv - ok
11:26:59.0341 0x04c0 [ A6E666A2C13782E7D012202351DE0FFB, 1FC886F68681FC34738A562C2AD0B294DC614AEE5467ECC8AEADA8AE698B1450 ] eelam C:\Windows\system32\DRIVERS\eelam.sys
11:26:59.0356 0x04c0 eelam - ok
11:26:59.0388 0x04c0 EFS - ok
11:26:59.0403 0x04c0 [ 1A4A59712D426D752FB668342A04A0D8, CAAEC83497139B5F2BB6852C6A1E279D0186A0E5A4AE7F3B823003D2F6E9547F ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
11:26:59.0419 0x04c0 ehdrv - ok
11:26:59.0419 0x04c0 EhStorClass - ok
11:26:59.0435 0x04c0 EhStorTcgDrv - ok
11:26:59.0935 0x04c0 [ 83A9EF0F3F1AA1E474A6D33AD191F2BA, 0E2E3F9A6104B8D3689AEC19256CC644B0BCDADD95BB98F90DBBFD679BE26E96 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
11:26:59.0981 0x04c0 ekrn - ok
11:26:59.0997 0x04c0 embeddedmode - ok
11:27:00.0044 0x04c0 EntAppSvc - ok
11:27:00.0122 0x04c0 [ BE51534D3FF12934DFC2F8B928A7285C, 8B7B3DE54795DDF0D505C7FBCD944DF1E8FD30F798A4B0AD18A10F79984F4BAD ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
11:27:00.0122 0x04c0 epfwwfpr - ok
11:27:00.0138 0x04c0 ErrDev - ok
11:27:00.0153 0x04c0 [ 5C3BF188F182C26974646A13B0CA4715, 5115BDA0CEEF830DDF14AC9B95E328218EFEA35AED337DD936A2D8F275ADBFAF ] Eve C:\Windows\system32\DRIVERS\eve.sys
11:27:00.0185 0x04c0 Eve - ok
11:27:00.0200 0x04c0 EventSystem - ok
11:27:00.0200 0x04c0 exfat - ok
11:27:00.0247 0x04c0 fastfat - ok
11:27:00.0278 0x04c0 Fax - ok
11:27:00.0294 0x04c0 fdc - ok
11:27:00.0310 0x04c0 fdPHost - ok
11:27:00.0310 0x04c0 FDResPub - ok
11:27:00.0372 0x04c0 fhsvc - ok
11:27:00.0403 0x04c0 FileCrypt - ok
11:27:00.0419 0x04c0 FileInfo - ok
11:27:00.0419 0x04c0 Filetrace - ok
11:27:00.0419 0x04c0 flpydisk - ok
11:27:00.0435 0x04c0 FltMgr - ok
11:27:00.0497 0x04c0 FontCache - ok
11:27:00.0591 0x04c0 FontCache3.0.0.0 - ok
11:27:00.0622 0x04c0 FrameServer - ok
11:27:00.0653 0x04c0 FsDepends - ok
11:27:00.0653 0x04c0 Fs_Rec - ok
11:27:00.0685 0x04c0 fvevol - ok
11:27:00.0716 0x04c0 gencounter - ok
11:27:00.0732 0x04c0 genericusbfn - ok
11:27:00.0732 0x04c0 GPIOClx0101 - ok
11:27:00.0747 0x04c0 gpsvc - ok
11:27:00.0747 0x04c0 GpuEnergyDrv - ok
11:27:00.0872 0x04c0 [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:27:00.0903 0x04c0 gupdate - ok
11:27:00.0903 0x04c0 [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:27:00.0903 0x04c0 gupdatem - ok
11:27:00.0919 0x04c0 HDAudBus - ok
11:27:00.0919 0x04c0 HidBatt - ok
11:27:00.0919 0x04c0 HidBth - ok
11:27:00.0919 0x04c0 hidi2c - ok
11:27:00.0919 0x04c0 hidinterrupt - ok
11:27:00.0919 0x04c0 HidIr - ok
11:27:00.0935 0x04c0 hidserv - ok
11:27:00.0982 0x04c0 HidUsb - ok
11:27:00.0982 0x04c0 HomeGroupListener - ok
11:27:00.0997 0x04c0 HomeGroupProvider - ok
11:27:00.0997 0x04c0 HpSAMD - ok
11:27:01.0028 0x04c0 HPSLPSVC - ok
11:27:01.0044 0x04c0 HTTP - ok
11:27:01.0075 0x04c0 HvHost - ok
11:27:01.0107 0x04c0 hvservice - ok
11:27:01.0107 0x04c0 hwpolicy - ok
11:27:01.0107 0x04c0 hyperkbd - ok
11:27:01.0122 0x04c0 i8042prt - ok
11:27:01.0122 0x04c0 iagpio - ok
11:27:01.0122 0x04c0 iai2c - ok
11:27:01.0122 0x04c0 iaLPSS2i_GPIO2 - ok
11:27:01.0122 0x04c0 iaLPSS2i_I2C - ok
11:27:01.0138 0x04c0 iaLPSSi_GPIO - ok
11:27:01.0138 0x04c0 iaLPSSi_I2C - ok
11:27:01.0153 0x04c0 [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
11:27:01.0169 0x04c0 iaStorA - ok
11:27:01.0169 0x04c0 iaStorAV - ok
11:27:01.0232 0x04c0 [ 6241810294275CEA59EBA9733080E5EE, F9A1A505B9279CD660CAAF4F8D21BDC34AC75FD86E881632A378B9BF39A3738E ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:27:01.0232 0x04c0 IAStorDataMgrSvc - ok
11:27:01.0232 0x04c0 iaStorV - ok
11:27:01.0247 0x04c0 ibbus - ok
11:27:01.0263 0x04c0 icssvc - ok
11:27:01.0419 0x04c0 [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:27:01.0622 0x04c0 igfx - ok
11:27:01.0653 0x04c0 [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\Windows\system32\igfxCUIService.exe
11:27:03.0388 0x04c0 igfxCUIService2.0.0.0 - ok
11:27:03.0388 0x04c0 IKEEXT - ok
11:27:03.0403 0x04c0 IndirectKmd - ok
11:27:03.0435 0x04c0 [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:27:03.0435 0x04c0 intaud_WaveExtensible - ok
11:27:03.0544 0x04c0 [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:27:03.0700 0x04c0 IntcAzAudAddService - ok
11:27:03.0747 0x04c0 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:27:03.0763 0x04c0 IntcDAud - ok
11:27:03.0810 0x04c0 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:27:03.0857 0x04c0 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
11:27:03.0903 0x04c0 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
11:27:03.0935 0x04c0 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:27:03.0966 0x04c0 Intel(R) Capability Licensing Service TCP IP Interface - ok
11:27:03.0982 0x04c0 intelide - ok
11:27:03.0982 0x04c0 intelpep - ok
11:27:03.0982 0x04c0 intelppm - ok
11:27:03.0982 0x04c0 iorate - ok
11:27:03.0997 0x04c0 IpFilterDriver - ok
11:27:04.0013 0x04c0 iphlpsvc - ok
11:27:04.0013 0x04c0 IPMIDRV - ok
11:27:04.0013 0x04c0 IPNAT - ok
11:27:04.0013 0x04c0 irda - ok
11:27:04.0028 0x04c0 IRENUM - ok
11:27:04.0028 0x04c0 irmon - ok
11:27:04.0028 0x04c0 isapnp - ok
11:27:04.0028 0x04c0 iScsiPrt - ok
11:27:04.0075 0x04c0 [ E489D12FF435AEEF4A5474C47D329590, 66A01F63EE4F66C0CD5BB9BF20E1722D57CC8252AC126780800806B536F4CEA9 ] ISODrive C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
11:27:04.0075 0x04c0 ISODrive - ok
11:27:04.0122 0x04c0 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:27:04.0138 0x04c0 jhi_service - ok
11:27:04.0153 0x04c0 kbdclass - ok
11:27:04.0169 0x04c0 kbdhid - ok
11:27:04.0169 0x04c0 kdnic - ok
11:27:04.0169 0x04c0 KeyIso - ok
11:27:04.0169 0x04c0 KSecDD - ok
11:27:04.0185 0x04c0 KSecPkg - ok
11:27:04.0185 0x04c0 ksthunk - ok
11:27:04.0200 0x04c0 KtmRm - ok
11:27:04.0216 0x04c0 LanmanServer - ok
11:27:04.0232 0x04c0 LanmanWorkstation - ok
11:27:04.0247 0x04c0 lfsvc - ok
11:27:04.0247 0x04c0 LicenseManager - ok
11:27:04.0247 0x04c0 lltdio - ok
11:27:04.0247 0x04c0 lltdsvc - ok
11:27:04.0263 0x04c0 lmhosts - ok
11:27:04.0294 0x04c0 [ 08E2B577DB95156F9A658C988EE71F5D, D229FFD97EE9478169D2418A722FD2AD6AD10108FF1B0156BE9A1ADF38B5633A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:27:04.0294 0x04c0 LMS - ok
11:27:04.0310 0x04c0 LSI_SAS - ok
11:27:04.0310 0x04c0 LSI_SAS2i - ok
11:27:04.0310 0x04c0 LSI_SAS3i - ok
11:27:04.0310 0x04c0 LSI_SSS - ok
11:27:04.0341 0x04c0 LSM - ok
11:27:04.0341 0x04c0 luafv - ok
11:27:04.0341 0x04c0 MapsBroker - ok
11:27:04.0450 0x04c0 [ 9A5728733FC3B2BD46A82D39CC49B24E, 1E12D4E539FE2885B8652A2C846FE2DF8C1B049FA54467A830AF70E860E65644 ] MaxthonUpdateSvc C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
11:27:04.0497 0x04c0 MaxthonUpdateSvc - ok
11:27:04.0513 0x04c0 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:27:04.0513 0x04c0 MBAMProtector - ok
11:27:04.0560 0x04c0 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
11:27:04.0575 0x04c0 MBAMService - ok
11:27:04.0591 0x04c0 [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
11:27:04.0607 0x04c0 MBAMWebAccessControl - ok
11:27:04.0607 0x04c0 megasas - ok
11:27:04.0638 0x04c0 megasas2i - ok
11:27:04.0638 0x04c0 megasr - ok
11:27:04.0653 0x04c0 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
11:27:04.0669 0x04c0 MEIx64 - ok
11:27:04.0685 0x04c0 MessagingService - ok
11:27:04.0700 0x04c0 mlx4_bus - ok
11:27:04.0700 0x04c0 MMCSS - ok
11:27:04.0700 0x04c0 Modem - ok
11:27:04.0716 0x04c0 monitor - ok
11:27:04.0716 0x04c0 mouclass - ok
11:27:04.0716 0x04c0 mouhid - ok
11:27:04.0716 0x04c0 mountmgr - ok
11:27:04.0716 0x04c0 mpsdrv - ok
11:27:04.0716 0x04c0 MpsSvc - ok
11:27:04.0732 0x04c0 MR:)AV - ok
11:27:04.0747 0x04c0 mrxsmb - ok
11:27:04.0747 0x04c0 mrxsmb10 - ok
11:27:04.0763 0x04c0 mrxsmb20 - ok
11:27:04.0763 0x04c0 MsBridge - ok
11:27:04.0778 0x04c0 MSDTC - ok
11:27:04.0778 0x04c0 Msfs - ok
11:27:04.0778 0x04c0 msgpiowin32 - ok
11:27:04.0778 0x04c0 mshidkmdf - ok
11:27:04.0778 0x04c0 mshidumdf - ok
11:27:04.0778 0x04c0 msisadrv - ok
11:27:04.0794 0x04c0 MSiSCSI - ok
11:27:04.0794 0x04c0 msiserver - ok
11:27:04.0794 0x04c0 MSKSSRV - ok
11:27:04.0810 0x04c0 MsLldp - ok
11:27:04.0810 0x04c0 MSPCLOCK - ok
11:27:04.0810 0x04c0 MSPQM - ok
11:27:04.0810 0x04c0 MsRPC - ok
11:27:04.0810 0x04c0 mssmbios - ok
11:27:04.0810 0x04c0 MSTEE - ok
11:27:04.0810 0x04c0 MTConfig - ok
11:27:04.0810 0x04c0 Mup - ok
11:27:04.0810 0x04c0 mvumis - ok
11:27:04.0825 0x04c0 NativeWifiP - ok
11:27:04.0825 0x04c0 NcaSvc - ok
11:27:04.0841 0x04c0 NcbService - ok
11:27:04.0841 0x04c0 NcdAutoSetup - ok
11:27:04.0857 0x04c0 ndfltr - ok
11:27:04.0872 0x04c0 NDIS - ok
11:27:04.0872 0x04c0 NdisCap - ok
11:27:04.0888 0x04c0 NdisImPlatform - ok
11:27:04.0888 0x04c0 NdisTapi - ok
11:27:04.0888 0x04c0 Ndisuio - ok
11:27:04.0888 0x04c0 NdisVirtualBus - ok
11:27:04.0903 0x04c0 NdisWan - ok
11:27:04.0903 0x04c0 ndiswanlegacy - ok
11:27:04.0903 0x04c0 ndproxy - ok
11:27:04.0903 0x04c0 Ndu - ok
11:27:04.0919 0x04c0 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
11:27:04.0950 0x04c0 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:27:04.0950 0x04c0 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:27:04.0950 0x04c0 NetAdapterCx - ok
11:27:04.0966 0x04c0 NetBIOS - ok
11:27:04.0966 0x04c0 NetBT - ok
11:27:04.0966 0x04c0 Netlogon - ok
11:27:04.0966 0x04c0 Netman - ok
11:27:04.0966 0x04c0 netprofm - ok
11:27:04.0997 0x04c0 NetSetupSvc - ok
11:27:05.0028 0x04c0 NetTcpPortSharing - ok
11:27:05.0028 0x04c0 NgcCtnrSvc - ok
11:27:05.0044 0x04c0 NgcSvc - ok
11:27:05.0060 0x04c0 NlaSvc - ok
11:27:05.0060 0x04c0 Npfs - ok
11:27:05.0060 0x04c0 npsvctrig - ok
11:27:05.0060 0x04c0 nsi - ok
11:27:05.0060 0x04c0 nsiproxy - ok
11:27:05.0075 0x04c0 NTFS - ok
11:27:05.0075 0x04c0 Null - ok
11:27:05.0075 0x04c0 nvraid - ok
11:27:05.0075 0x04c0 nvstor - ok
11:27:05.0107 0x04c0 OneSyncSvc - ok
11:27:05.0107 0x04c0 p2pimsvc - ok
11:27:05.0107 0x04c0 p2psvc - ok
11:27:05.0107 0x04c0 Parport - ok
11:27:05.0122 0x04c0 partmgr - ok
11:27:05.0153 0x04c0 PcaSvc - ok
11:27:05.0169 0x04c0 pci - ok
11:27:05.0185 0x04c0 pciide - ok
11:27:05.0185 0x04c0 pcmcia - ok
11:27:05.0185 0x04c0 pcw - ok
11:27:05.0185 0x04c0 pdc - ok
11:27:05.0185 0x04c0 PEAUTH - ok
11:27:05.0185 0x04c0 percsas2i - ok
11:27:05.0185 0x04c0 percsas3i - ok
11:27:05.0216 0x04c0 PerfHost - ok
11:27:05.0232 0x04c0 PhoneSvc - ok
11:27:05.0232 0x04c0 PimIndexMaintenanceSvc - ok
11:27:05.0263 0x04c0 pla - ok
11:27:05.0263 0x04c0 PlugPlay - ok
11:27:05.0278 0x04c0 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
11:27:05.0325 0x04c0 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:27:05.0325 0x04c0 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:27:05.0325 0x04c0 PNRPAutoReg - ok
11:27:05.0325 0x04c0 PNRPsvc - ok
11:27:05.0341 0x04c0 PolicyAgent - ok
11:27:05.0341 0x04c0 Power - ok
11:27:05.0341 0x04c0 PptpMiniport - ok
11:27:05.0419 0x04c0 [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:27:05.0607 0x04c0 PrintNotify - ok
11:27:05.0607 0x04c0 Processor - ok
11:27:05.0622 0x04c0 ProfSvc - ok
11:27:05.0622 0x04c0 Psched - ok
11:27:05.0653 0x04c0 [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys
11:27:05.0653 0x04c0 PSKMAD - ok
11:27:05.0685 0x04c0 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
11:27:05.0685 0x04c0 PxHlpa64 - ok
11:27:05.0685 0x04c0 QWAVE - ok
11:27:05.0685 0x04c0 QWAVEdrv - ok
11:27:05.0685 0x04c0 RasAcd - ok
11:27:05.0700 0x04c0 RasAgileVpn - ok
11:27:05.0700 0x04c0 RasAuto - ok
11:27:05.0700 0x04c0 Rasl2tp - ok
11:27:05.0732 0x04c0 RasMan - ok
11:27:05.0732 0x04c0 RasPppoe - ok
11:27:05.0732 0x04c0 RasSstp - ok
11:27:05.0732 0x04c0 rdbss - ok
11:27:05.0732 0x04c0 rdpbus - ok
11:27:05.0732 0x04c0 RDPDR - ok
11:27:07.0060 0x04c0 ================ Scan global ===============================
11:27:07.0107 0x04c0 [ Global ] - ok
11:27:07.0107 0x04c0 ================ Scan MBR ==================================
11:27:07.0138 0x04c0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:27:07.0372 0x04c0 \Device\Harddisk0\DR0 - ok
11:27:07.0372 0x04c0 ================ Scan VBR ==================================
11:27:07.0372 0x04c0 [ 0ED782E48706B9C68859F34321C102F1 ] \Device\Harddisk0\DR0\Partition1
11:27:07.0372 0x04c0 \Device\Harddisk0\DR0\Partition1 - ok
11:27:07.0372 0x04c0 [ B4652D761670F90A57BE0203EED57409 ] \Device\Harddisk0\DR0\Partition2
11:27:07.0372 0x04c0 \Device\Harddisk0\DR0\Partition2 - ok
11:27:07.0372 0x04c0 [ 830B2111926697ED9DDB3500F976C9FD ] \Device\Harddisk0\DR0\Partition3
11:27:07.0372 0x04c0 \Device\Harddisk0\DR0\Partition3 - ok
11:27:07.0372 0x04c0 ================ Scan generic autorun ======================
11:27:07.0669 0x04c0 [ 47D99FEC44A9E082B2D761AB5A938CA8, FF8CAD5CD331A7DAFAA616C530F500E74663EC86BB832032D2EFD3F77EBF75FF ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:27:07.0950 0x04c0 RTHDVCPL - ok
11:27:08.0013 0x04c0 [ E6A3062BDB2E18EBDEB69CF7F7A3A070, 48AB0CCA0230DCBB47CCC765659E390A4A42AC7303A27B835B9FBB1168AC7BF1 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
11:27:08.0044 0x04c0 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
11:27:08.0044 0x04c0 IAStorIcon ( UnsignedFile.Multi.Generic ) - warning
11:27:08.0107 0x04c0 [ 3AC269FDBF84B8BE16D5EBAD1F373550, 9EEEFB96D7940816C681968ABA15F7E05DFF4D5D29B93BF5E9D5D3F8475C0DF2 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
11:27:08.0107 0x04c0 IMSS - ok
11:27:08.0138 0x04c0 [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:27:08.0153 0x04c0 SunJavaUpdateSched - ok
11:27:08.0185 0x04c0 OneDriveSetup - ok
11:27:08.0185 0x04c0 OneDriveSetup - ok
11:27:08.0372 0x04c0 [ FB0A5F4C19592332BCE8498EEF361EBB, 17BABB84F0F8C217E37912F60E7DB9C0F682132D32DCC85A99C3FC0A8D3AE5A3 ] C:\Program Files (x86)\AirDroid\AirDroid.exe
11:27:08.0622 0x04c0 AirDroid 3 - detected UnsignedFile.Multi.Generic ( 1 )
11:27:08.0622 0x04c0 AirDroid 3 ( UnsignedFile.Multi.Generic ) - warning
11:27:08.0810 0x04c0 [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
11:27:09.0013 0x04c0 CCleaner Monitoring - ok
11:27:09.0122 0x04c0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
11:27:09.0138 0x04c0 AV detected via SS2: ESET NOD32 Antivirus 9.0.408.1, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 9.0.407.0 ), 0x41000 ( enabled : updated )
11:27:09.0169 0x04c0 Win FW state via NFP2: disabled ( not trusted )
11:27:09.0169 0x04c0 ============================================================
11:27:09.0169 0x04c0 Scan finished
11:27:09.0169 0x04c0 ============================================================
11:27:09.0169 0x04e0 Detected object count: 5
11:27:09.0169 0x04e0 Actual detected object count: 5
11:29:44.0625 0x04e0 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:44.0625 0x04e0 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:44.0625 0x04e0 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:44.0625 0x04e0 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:44.0640 0x04e0 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:44.0640 0x04e0 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:44.0640 0x04e0 IAStorIcon ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:44.0640 0x04e0 IAStorIcon ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:44.0640 0x04e0 AirDroid 3 ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:44.0640 0x04e0 AirDroid 3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:30:32.0922 0x0adc Deinitialize success
 

Kbite

Learn and share
Administrator
Hello baykal.

This is the information about the COM Surrogate file, and you will see that it is not a virus but a system fault:

COM Surrogate is the error code that appears when codec packs do not work as they should, or when the program you use to change the data of audio files is not compatible with the operating system version.
The COM Surrogate error occurs from Windows Vista onwards because a security feature known as DEP (Data Execution Prevention) was introduced. Sometimes we have to do without it if we want to use certain programs. Below we explain how to solve the DEP (Data Execution Prevention) issue.


If you have any codec pack installed, uninstall it. The same goes for any playback or multimedia program. In these cases it is recommended to disable DEP (Data Execution Prevention) in Windows 10:
  • Right-click This PC / Properties.
  • In the left panel click Advanced system settings / Advanced tab / in the Performance section click the Settings button.
  • Data Execution Prevention (DEP) tab / here we "enable" the option Turn on DEP for all programs and services except those I select.
  • Click the Add... button.
  • If the operating system is 32-bit, add: C:\Windows\System32\dllhost.exe
  • If the operating system is 64-bit, add: C:\Windows\SysWOW64\dllhost.exe
  • Apply and OK on all windows.
Although, if this is something recent, a "System Restore" to a point before the problem might be enough to solve that inconvenience.

As for having no sound in Safe Mode, that is to be expected, since in that mode the services that are not essential to Windows are disabled, for example the hardware drivers, including the sound drivers, so that is completely normal.

Try it and tell us how things go. Regards, Kbite
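
An added example, not part of Kbite's post: a read-only PowerShell check of the system DEP policy and of the programs currently exempted from DEP, for reviewing the result of the steps above. It assumes that exceptions added through that dialog are stored under `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers` with data containing `DisableNXShowUI`.

```powershell
# Added example: audit DEP policy and per-program DEP exceptions (read-only).

$policyNames = @{
    0 = 'AlwaysOff'
    1 = 'AlwaysOn'
    2 = 'OptIn (essential Windows programs and services only)'
    3 = 'OptOut (all programs except those listed)'
}

# System-wide DEP state as reported by WMI.
$os = Get-CimInstance -ClassName Win32_OperatingSystem
[pscustomobject]@{
    HardwareDepAvailable = $os.DataExecutionPrevention_Available
    SupportPolicy        = $policyNames[[int]$os.DataExecutionPrevention_SupportPolicy]
    On32BitApplications  = $os.DataExecutionPrevention_32BitApplications
    OnDrivers            = $os.DataExecutionPrevention_Drivers
} | Format-List

# Assumption: each exception is a registry value whose name is the executable
# path and whose data contains "DisableNXShowUI".
$layers = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers'
$exceptions = @()
if (Test-Path -Path $layers) {
    $key = Get-Item -Path $layers
    foreach ($name in $key.GetValueNames()) {
        if ([string]$key.GetValue($name) -notmatch 'DisableNXShowUI') { continue }
        $present = Test-Path -LiteralPath $name
        $sig = 'n/a'
        if ($present) {
            # An exempted binary should at least carry a valid signature.
            $sig = (Get-AuthenticodeSignature -LiteralPath $name).Status
        }
        $exceptions += [pscustomobject]@{
            Executable = $name
            FileExists = $present
            Signature  = $sig
        }
    }
}

if ($exceptions.Count -eq 0) {
    'No per-program DEP exceptions are configured.'
} else {
    $exceptions | Format-Table -AutoSize
}
```

Any listed executable that no longer exists or whose signature status is not `Valid` is worth reviewing, and an exception that is no longer needed can be removed from the same dialog.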
 

baykal

New Member
Member
Hello kbite,
I have uninstalled GOM Player and VLC player and the noise can still be heard. I found out how to get sound in safe mode, rebooted, and the sound can still be heard in safe mode too.
I think the only thing left for me is to recover Windows with the Reset this PC option, since I also see quite a few faults in my Control Panel. For example, when I click on Administrative Tools it tells me that the location is not available and I cannot get in. So I think I will be done sooner by reinstalling Windows and choosing the option to keep my files. I suppose all the programs I have installed will be deleted, but since I am seeing so many errors in my operating system, I see no other option.
Regards
 

Kbite

Learn and share
Administrator
Hello baykal.

If you have various system errors, the Windows 10 recovery is a good option for fixing them, although you will lose the installed programs except those downloaded from the Microsoft Store.

Your files will be kept, although as a precaution it would be advisable to make a backup of them; you never know what may happen during this kind of process. The copy can be made to an external disk, a pendrive or the cloud: Dropbox, OneDrive or Google Drive.

Regards, Kbite
 

baykal

New Member
Member
Hello kbite,

In the end that is what I am going to do: restore the operating system to repair all the faults.

Many thanks for the help, and regards
 