    Possible rootkit and double accent mark (Solved)


      
    1. #1
      User juankipan
      Registered
      Jul 2010
      Location
      Spain
      Posts
      50

      Possible rootkit and double accent mark (Solved)

      Hello, I have a virus that, besides slowing down the computer, redirects me every time I search for a page with the search engine and opens whatever pages it wants: advertising, pornographic... I have managed to get into the ones I selected by typing the exact full address and bypassing the search engine. Since the first symptoms the computer has been filling up with other, different viruses; among other things, I can no longer type accents. I have tried to clean it with some of the programs you recommend on your site, but it does no good; I have more every time. I hope you can tell me how to fix it. Thank you.

      Quote: Originally posted by juankipan
      I have tried to fix it with Ad-Aware, and it detected about 400 possible attacks, and now I can hardly even connect to your page [typed as "p´´agina"]. I don't know what [typed as "qu´´e"] else to do. Can anyone help me?
      Last edited by juankipan on 18/04/12 at 04:48:32

    2. #2
      Former Contributor Xtreme Hero
      Registered
      Dec 2010
      Location
      Spain
      Posts
      9,017

      Re: possible rootkit and double accent mark

      Hello juankipan

      Do the following:

      Download, update and run a full scan with Malwarebytes: Malwarebytes Anti-Malware 2.0 Manual

      -Install the program with Spanish as the language.
      -Go to the Update ("Actualizar") tab and update to the latest version.
      -Go to the Scanner ("Escáner") tab and run a Full Scan.
      -Once it has finished, click "Mostrar los Resultados" (Show Results) and "Eliminar Seleccionadas" (Remove Selected), as shown in this image.
      -If it asks you to restart, restart.
      -After restarting, paste the Malwarebytes scan report for us; it is in the Logs ("Registros") tab.


      Download CCleaner: CCleaner Manual

      Run CCleaner, first using its "Cleaner" option to delete cookies and temporary Internet files.
      Use its "Registry" option to clean the whole Windows registry, creating a backup beforehand.


      Download and run TDSSKiller: TDSSKiller Manual, following the instructions in its manual.

      Important note: Before carrying out the TDSSKiller step it is very important that you disconnect your PC from the Internet (turn off the modem or unplug the cable).
      -When the tool finishes its work, restart the computer and reconnect to the Internet.

      -After the scan and removal finish, a report will be generated in a file called TDSSKiller.txt, which you can find in the root of drive C.



      In normal mode


      Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable the antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file to continue. It is important to install the Recovery Console if ComboFix asks for it.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
      • *Note* While ComboFix is working, do not move the mouse, as that would stop its process.
      • *Note* ComboFix may restart the PC automatically to complete the removal process.
      Warning!! Do not use ComboFix unless you have been specifically instructed to in your thread by a member of our Staff. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt in this same thread.


      In your next reply, bring us the Malwarebytes, TDSSKiller and ComboFix reports, and tell us how the system is running.

      Regards

    3. #3
      User juankipan
      Registered
      Jul 2010
      Location
      Spain
      Posts
      50

      Re: possible rootkit and double accent mark

      Hello.
      Here is how things stand so far.

      We have followed your instructions up to ComboFix. When we ran that last one it seems to have hung, as it has been running for approximately 2 hours with no apparent activity.

      I am sending you the antimalware and TDSSKiller logs.

      I will leave ComboFix running until tomorrow, but I very much fear it is out of action.

      I await your instructions.

      Thank you


      Malwarebytes Anti-Malware 1.61.0.1400
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.04.21.04

      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 8.0.6001.18702
      nines :: ACER-343DF73874 [administrador]

      21/04/2012 17:19:26
      mbam-log-2012-04-21 (17-19-26).txt

      Tipos de Análisis: Análisis Completo
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 248860
      Tiempo transcurrido: 52 minuto(s), 40 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 1
      C:\WINDOWS\system32\hpqwmiex.dll (Rootkit.0Access) -> Se eliminarán al reiniciar.

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 21
      C:\WINDOWS\system32\hpqwmiex.dll (Rootkit.0Access) -> Se eliminarán al reiniciar.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP413\A0067048.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP413\A0067061.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP413\A0067075.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP413\A0067103.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP413\A0067121.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP413\A0067133.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP413\A0067205.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP414\A0068205.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP414\A0068223.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP414\A0068224.dll (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP415\A0068245.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP416\A0068268.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP416\A0068269.dll (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP417\A0068297.ini (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\System Volume Information\_restore{FFBE1AF9-38FE-4B2E-9F59-4139749661B5}\RP417\A0068298.dll (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
      C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini (Rootkit.0Access) -> Se eliminarán al reiniciar.
      C:\Documents and Settings\LocalService\Configuración local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Se eliminarán al reiniciar.
      C:\Documents and Settings\NetworkService\Configuración local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Se eliminarán al reiniciar.
      C:\Documents and Settings\nines\Configuración local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Se eliminarán al reiniciar.
      C:\WINDOWS\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Se eliminarán al reiniciar.

      fin)
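
Added example (not part of the original thread and not code from either tool): a Python triage of the two report layouts posted here, pulling out the Malwarebytes items still pending a reboot and every TDSSKiller entry whose verdict is not `ok`. The sample lines, paths, hashes, detection names and function names are constructed assumptions; only the line layouts and the Spanish action strings come from the thread, and the base-name match in `flagged_but_ok` is a heuristic.

```python
import re
from ntpath import basename, splitext  # Windows path rules on any OS

# Constructed sample in the Malwarebytes layout seen in this thread
# (paths and detection names are made up; action strings are the thread's).
MBAM_SAMPLE = r"""
Archivos Detectados: 3
C:\WINDOWS\system32\examplehelper.dll (Rootkit.Example) -> Se eliminarán al reiniciar.
C:\System Volume Information\_restore{X}\RP1\A0000001.ini (Rootkit.Example) -> En cuarentena y eliminado con éxito.
C:\WINDOWS\Temp\{EXAMPLE}.tlb (Rootkit.Example) -> Se eliminarán al reiniciar.
"""

# Constructed sample in the TDSSKiller layout seen in this thread.
TDSS_SAMPLE = r"""
18:43:26.0125 5160 Scan started
18:43:27.0359 5160 Example Service - ok
18:43:27.0562 5160 exampledrv (00112233445566778899aabbccddeeff) C:\WINDOWS\system32\DRIVERS\exampledrv.sys
18:43:27.0562 5160 exampledrv - ok
18:43:28.0000 5160 examplehelper - ok
18:43:34.0281 5160 badsvc (ffeeddccbbaa99887766554433221100) C:\WINDOWS\system32\badsvc.dll
18:43:34.0296 5160 badsvc ( Example.Threat.gen ) - infected
18:43:34.0296 5160 badsvc - detected Example.Threat.gen (0)
"""

MBAM_LINE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+) \((?P<name>[^()]+)\) -> (?P<action>.+)$")
PENDING = "Se eliminarán al reiniciar"  # "will be deleted on reboot"

TDSS_PREFIX = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ ")  # time + thread id
TDSS_FILE = re.compile(r"^(?P<svc>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
TDSS_VERDICT = re.compile(
    r"^(?P<svc>.+?)(?: \( (?P<threat>[^()]+?) \))? - (?P<status>\w+)$")


def parse_mbam(text):
    """One dict per detection line: path, name, action, pending (bool)."""
    found = []
    for line in text.splitlines():
        m = MBAM_LINE.match(line.strip())
        if m:
            item = m.groupdict()
            # Not removed yet: the file is still on disk until the reboot.
            item["pending"] = item["action"].startswith(PENDING)
            found.append(item)
    return found


def parse_tdss(text):
    """Map service name -> dict with md5/path (if hashed) and status/threat."""
    services = {}
    for line in text.splitlines():
        line = line.strip()
        if not TDSS_PREFIX.match(line):
            continue
        body = TDSS_PREFIX.sub("", line)
        m = TDSS_FILE.match(body)
        if m:
            services.setdefault(m["svc"], {}).update(md5=m["md5"], path=m["path"])
            continue
        m = TDSS_VERDICT.match(body)
        if m:
            services.setdefault(m["svc"], {}).update(
                status=m["status"], threat=m["threat"])
    return services


def tdss_findings(services):
    """Services whose verdict is anything other than 'ok'."""
    return {n: s for n, s in services.items()
            if s.get("status") not in (None, "ok")}


def followup_paths(mbam, services):
    """Files to confirm gone in the next scan: pending MBAM items + TDSS findings."""
    paths = {d["path"] for d in mbam if d["pending"]}
    paths |= {s["path"] for s in tdss_findings(services).values() if "path" in s}
    return sorted(paths)


def flagged_but_ok(mbam, services):
    """Heuristic: MBAM-flagged files whose base name equals a service
    that TDSSKiller reported as ok, i.e. the two tools disagree."""
    ok = {n.lower() for n, s in services.items() if s.get("status") == "ok"}
    return sorted(d["path"] for d in mbam
                  if splitext(basename(d["path"]))[0].lower() in ok)


if __name__ == "__main__":
    mbam, svcs = parse_mbam(MBAM_SAMPLE), parse_tdss(TDSS_SAMPLE)
    for name, info in tdss_findings(svcs).items():
        print("TDSSKiller:", name, info["status"], info["threat"], info.get("path"))
    print("Re-check after reboot:", *followup_paths(mbam, svcs), sep="\n  ")
    print("Flagged by one tool, ok in the other:", flagged_but_ok(mbam, svcs))
```

Run against the real reports by passing the contents of the saved Malwarebytes log and `C:\TDSSKiller.txt` to `parse_mbam` and `parse_tdss`.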

    4. #4
      User juankipan
      Registered
      Jul 2010
      Location
      Spain
      Posts
      50

      Re: possible rootkit and double accent mark

      18:42:14.0890 3388 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
      18:42:15.0062 3388 ============================================================
      18:42:15.0062 3388 Current date / time: 2012/04/21 18:42:15.0062
      18:42:15.0062 3388 SystemInfo:
      18:42:15.0062 3388
      18:42:15.0062 3388 OS Version: 5.1.2600 ServicePack: 3.0
      18:42:15.0062 3388 Product type: Workstation
      18:42:15.0062 3388 ComputerName: ACER-343DF73874
      18:42:15.0062 3388 UserName: nines
      18:42:15.0062 3388 Windows directory: C:\WINDOWS
      18:42:15.0062 3388 System windows directory: C:\WINDOWS
      18:42:15.0062 3388 Processor architecture: Intel x86
      18:42:15.0078 3388 Number of processors: 2
      18:42:15.0078 3388 Page size: 0x1000
      18:42:15.0078 3388 Boot type: Normal boot
      18:42:15.0078 3388 ============================================================
      18:42:15.0703 3388 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
      18:42:15.0718 3388 \Device\Harddisk0\DR0:
      18:42:15.0718 3388 MBR partitions:
      18:42:15.0718 3388 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC03000, BlocksNum 0x11E16000
      18:42:15.0765 3388 C: <-> \Device\Harddisk0\DR0\Partition0
      18:42:15.0765 3388 Initialize success
      18:42:15.0765 3388 ============================================================
      18:43:26.0125 5160 ============================================================
      18:43:26.0125 5160 Scan started
      18:43:26.0125 5160 Mode: Manual;
      18:43:26.0125 5160 ============================================================
      18:43:27.0359 5160 6to4 - ok
      18:43:27.0406 5160 a016mdm - ok
      18:43:27.0421 5160 a8djusb - ok
      18:43:27.0437 5160 aalogger - ok
      18:43:27.0453 5160 aamqdispatcher - ok
      18:43:27.0484 5160 aawservice - ok
      18:43:27.0500 5160 Abiosdsk - ok
      18:43:27.0562 5160 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
      18:43:27.0562 5160 abp480n5 - ok
      18:43:27.0578 5160 Accelerometer - ok
      18:43:27.0656 5160 ACPI (cf2a07e1751a2d612d7e13aa431ab057) C:\WINDOWS\system32\DRIVERS\ACPI.sys
      18:43:27.0656 5160 ACPI - ok
      18:43:27.0671 5160 ACPIEC (1c905333c0b9f3d7c68ddf25e54b00f9) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
      18:43:27.0671 5160 ACPIEC - ok
      18:43:27.0687 5160 AcronisOSSReinstallSvc - ok
      18:43:27.0843 5160 Ad-Aware Service (fb182ad520910442abf146bb325de79b) C:\Archivos de programa\Ad-Aware Antivirus\AdAwareService.exe
      18:43:27.0875 5160 Ad-Aware Service - ok
      18:43:28.0000 5160 adihdaudaddservice - ok
      18:43:28.0062 5160 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
      18:43:28.0062 5160 adpu160m - ok
      18:43:28.0093 5160 adpu320 - ok
      18:43:28.0125 5160 ADSMService - ok
      18:43:28.0187 5160 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
      18:43:28.0203 5160 aec - ok
      18:43:28.0218 5160 aexnsclient - ok
      18:43:28.0281 5160 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
      18:43:28.0281 5160 AFD - ok
      18:43:28.0296 5160 AFGSp50 - ok
      18:43:28.0312 5160 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
      18:43:28.0328 5160 agp440 - ok
      18:43:28.0343 5160 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
      18:43:28.0343 5160 agpCPQ - ok
      18:43:28.0375 5160 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
      18:43:28.0375 5160 Aha154x - ok
      18:43:28.0390 5160 ahcix86s - ok
      18:43:28.0421 5160 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
      18:43:28.0421 5160 aic78u2 - ok
      18:43:28.0437 5160 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
      18:43:28.0437 5160 aic78xx - ok
      18:43:28.0453 5160 AIRPLUS - ok
      18:43:28.0484 5160 alcan5wn - ok
      18:43:28.0546 5160 Alerter (fedca791a089d4e15084da10f38bce45) C:\WINDOWS\system32\alrsvc.dll
      18:43:28.0562 5160 Alerter - ok
      18:43:28.0687 5160 ALG (764b7a1e6ae2d70416a7932f3b97ac99) C:\WINDOWS\System32\alg.exe
      18:43:28.0687 5160 ALG - ok
      18:43:28.0750 5160 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
      18:43:28.0750 5160 AliIde - ok
      18:43:28.0781 5160 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
      18:43:28.0781 5160 alim1541 - ok
      18:43:28.0796 5160 AlteraByteBlaster - ok
      18:43:28.0843 5160 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
      18:43:28.0843 5160 amdagp - ok
      18:43:28.0859 5160 ami0nt - ok
      18:43:28.0875 5160 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
      18:43:28.0890 5160 amsint - ok
      18:43:28.0906 5160 Angel2 - ok
      18:43:28.0921 5160 aniwzcsdservice - ok
      18:43:28.0937 5160 Anydlc - ok
      18:43:28.0953 5160 APLMp50 - ok
      18:43:28.0984 5160 AppMgmt - ok
      18:43:29.0000 5160 AppnBase - ok
      18:43:29.0109 5160 AR5416 (2774b0607acdad6e76f577ac85fa077d) C:\WINDOWS\system32\DRIVERS\athw.sys
      18:43:29.0187 5160 AR5416 - ok
      18:43:29.0296 5160 aracpi - ok
      18:43:29.0328 5160 asapiw2k - ok
      18:43:29.0390 5160 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
      18:43:29.0390 5160 asc - ok
      18:43:29.0437 5160 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
      18:43:29.0437 5160 asc3350p - ok
      18:43:29.0484 5160 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
      18:43:29.0484 5160 asc3550 - ok
      18:43:29.0500 5160 asctrm - ok
      18:43:29.0609 5160 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
      18:43:29.0609 5160 aspnet_state - ok
      18:43:29.0734 5160 astcc - ok
      18:43:29.0750 5160 aswupdsv - ok
      18:43:29.0812 5160 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
      18:43:29.0812 5160 AsyncMac - ok
      18:43:29.0875 5160 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
      18:43:29.0875 5160 atapi - ok
      18:43:29.0890 5160 Atdisk - ok
      18:43:29.0921 5160 ati - ok
      18:43:29.0937 5160 ati2mtaa - ok
      18:43:29.0953 5160 atiavpci - ok
      18:43:29.0968 5160 ATIBTXBAR - ok
      18:43:30.0000 5160 ATIVTUTW - ok
      18:43:30.0015 5160 atixsaudio - ok
      18:43:30.0031 5160 ATKGFNEXSrv - ok
      18:43:30.0046 5160 atksgt - ok
      18:43:30.0093 5160 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
      18:43:30.0109 5160 Atmarpc - ok
      18:43:30.0109 5160 ATMsg - ok
      18:43:30.0140 5160 ATWPKT2 - ok
      18:43:30.0203 5160 AudioSrv (a37f6480b06c37db69bbff045cf9f55b) C:\WINDOWS\System32\audiosrv.dll
      18:43:30.0203 5160 AudioSrv - ok
      18:43:30.0359 5160 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
      18:43:30.0375 5160 audstub - ok
      18:43:30.0390 5160 autostore - ok
      18:43:30.0406 5160 avcgbfl - ok
      18:43:30.0421 5160 avg7core - ok
      18:43:30.0437 5160 avgascln - ok
      18:43:30.0468 5160 avgntflt - ok
      18:43:30.0484 5160 avgtdi - ok
      18:43:30.0500 5160 avipbb - ok
      18:43:30.0515 5160 avpnnic - ok
      18:43:30.0640 5160 avsinc - ok
      18:43:30.0656 5160 aw_host - ok
      18:43:30.0687 5160 backupexecnamingservice - ok
      18:43:30.0703 5160 basfipm - ok
      18:43:30.0718 5160 Bcim - ok
      18:43:30.0843 5160 BCM43XX (e9ea635b8432d68f0005b3f6cebab837) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
      18:43:30.0875 5160 BCM43XX - ok
      18:43:30.0984 5160 BCMModem - ok
      18:43:31.0015 5160 BcmSqlStartupSvc - ok
      18:43:31.0031 5160 BCMWLNPF - ok
      18:43:31.0046 5160 bc_ip_f - ok
      18:43:31.0062 5160 bdss - ok
      18:43:31.0125 5160 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
      18:43:31.0125 5160 Beep - ok
      18:43:31.0218 5160 BITS (8ee9639c01b92490e09638caa1b16c3c) C:\WINDOWS\system32\qmgr.dll
      18:43:31.0234 5160 BITS - ok
      18:43:31.0359 5160 bmuservice - ok
      18:43:31.0390 5160 bocdrive - ok
      18:43:31.0406 5160 BootScreen - ok
      18:43:31.0453 5160 Browser (e28818bd591f8af8fbe9897472b9665e) C:\WINDOWS\System32\browser.dll
      18:43:31.0468 5160 Browser - ok
      18:43:31.0546 5160 bt3cusb - ok
      18:43:31.0593 5160 btcsrusb - ok
      18:43:31.0609 5160 bthidmgr - ok
      18:43:31.0640 5160 btnetfilter - ok
      18:43:31.0671 5160 btwrchid - ok
      18:43:31.0703 5160 BUFADPT - ok
      18:43:31.0718 5160 BVRPMPR5 - ok
      18:43:31.0750 5160 bwcsrv - ok
      18:43:31.0781 5160 C-Dilla - ok
      18:43:31.0812 5160 cachemanxp - ok
      18:43:31.0828 5160 CamAv - ok
      18:43:31.0843 5160 CAMCAUD - ok
      18:43:31.0859 5160 carboncopyscheduler - ok
      18:43:31.0921 5160 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
      18:43:31.0921 5160 cbidf - ok
      18:43:31.0937 5160 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
      18:43:31.0937 5160 cbidf2k - ok
      18:43:31.0984 5160 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
      18:43:31.0984 5160 CCDECODE - ok
      18:43:32.0000 5160 ccevtmgr - ok
      18:43:32.0015 5160 ccproxy - ok
      18:43:32.0031 5160 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
      18:43:32.0031 5160 cd20xrnt - ok
      18:43:32.0078 5160 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
      18:43:32.0093 5160 Cdaudio - ok
      18:43:32.0125 5160 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
      18:43:32.0125 5160 Cdfs - ok
      18:43:32.0203 5160 cdr4_xp - ok
      18:43:32.0250 5160 cdrbsdrv - ok
      18:43:32.0265 5160 cdrbsvsd - ok
      18:43:32.0312 5160 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
      18:43:32.0328 5160 Cdrom - ok
      18:43:32.0328 5160 cebdaldr - ok
      18:43:32.0359 5160 centennialiptransferagent - ok
      18:43:32.0375 5160 cfgwzsvc - ok
      18:43:32.0390 5160 cfsvcs - ok
      18:43:32.0421 5160 Changer - ok
      18:43:32.0437 5160 cimnotify - ok
      18:43:32.0484 5160 CiSvc (b0e3fec4ee7b935a7387fd6ef31ea780) C:\WINDOWS\system32\cisvc.exe
      18:43:32.0484 5160 CiSvc - ok
      18:43:32.0562 5160 citrixwmiservice - ok
      18:43:32.0609 5160 clientservice - ok
      18:43:32.0656 5160 ClipSrv (0c3bf68ab94cefd64b333b326f84510e) C:\WINDOWS\system32\clipsrv.exe
      18:43:32.0671 5160 ClipSrv - ok
      18:43:32.0750 5160 clisvc - ok
      18:43:32.0828 5160 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      18:43:32.0828 5160 clr_optimization_v2.0.50727_32 - ok
      18:43:32.0890 5160 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
      18:43:32.0890 5160 CmBatt - ok
      18:43:32.0968 5160 CmdIde (2f86ab1a85e4ecd37c3a88f45d706548) C:\WINDOWS\system32\DRIVERS\cmdide.sys
      18:43:32.0968 5160 CmdIde - ok
      18:43:33.0046 5160 cobbmservice - ok
      18:43:33.0125 5160 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
      18:43:33.0125 5160 Compbatt - ok
      18:43:33.0140 5160 COMSysApp - ok
      18:43:33.0281 5160 cportclm - ok
      18:43:33.0343 5160 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
      18:43:33.0343 5160 Cpqarray - ok
      18:43:33.0375 5160 cpqdfw - ok
      18:43:33.0406 5160 cpqdmi - ok
      18:43:33.0437 5160 cpqrcmc - ok
      18:43:33.0468 5160 cpqvcagent - ok
      18:43:33.0484 5160 cpucoolserver - ok
      18:43:33.0515 5160 cpuidlep - ok
      18:43:33.0531 5160 cqmghost - ok
      18:43:33.0546 5160 cqmgstor - ok
      18:43:33.0625 5160 CryptSvc (e423c9c1946c656e0e4840210a0a8681) C:\WINDOWS\System32\cryptsvc.dll
      18:43:33.0625 5160 CryptSvc - ok
      18:43:33.0718 5160 crystaloutputfileserver - ok
      18:43:33.0734 5160 CSRBC - ok
      18:43:33.0750 5160 CTAUDFX.DLL - ok
      18:43:33.0765 5160 ctdvda2k - ok
      18:43:33.0796 5160 cwafrmiregistry - ok
      18:43:33.0812 5160 cwcpsvc20 - ok
      18:43:33.0828 5160 CX88ENC - ok
      18:43:33.0843 5160 CYGF32X - ok
      18:43:33.0859 5160 cypresslink - ok
      18:43:33.0890 5160 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
      18:43:33.0890 5160 dac2w2k - ok
      18:43:33.0921 5160 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
      18:43:33.0921 5160 dac960nt - ok
      18:43:33.0937 5160 db2jds - ok
      18:43:33.0953 5160 DC21x4 - ok
      18:43:33.0984 5160 DCamUSBDXGTech - ok
      18:43:34.0000 5160 DCamUSBEMPIA - ok
      18:43:34.0078 5160 DcomLaunch (97869c55f562b777987100ea30ad8108) C:\WINDOWS\system32\rpcss.dll
      18:43:34.0078 5160 DcomLaunch - ok
      18:43:34.0125 5160 deckzpsx - ok
      18:43:34.0140 5160 delldmi - ok
      18:43:34.0234 5160 DELL_A02 - ok
      18:43:34.0281 5160 df5serv (b89cfbe8cb247b57d8c10adaa66b462b) C:\WINDOWS\system32\usbuhci.dll
      18:43:34.0296 5160 df5serv ( Backdoor.Multi.ZAccess.gen ) - infected
      18:43:34.0296 5160 df5serv - detected Backdoor.Multi.ZAccess.gen (0)
      18:43:34.0343 5160 DfwWebAgent - ok
      18:43:34.0406 5160 Dhcp (2ddfb3a5679fa02366686ecb1af622f0) C:\WINDOWS\System32\dhcpcsvc.dll
      18:43:34.0421 5160 Dhcp - ok
      18:43:34.0500 5160 digitizer - ok
      18:43:34.0546 5160 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
      18:43:34.0562 5160 Disk - ok
      18:43:34.0578 5160 DivisCTS - ok
      18:43:34.0656 5160 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
      18:43:34.0656 5160 DKbFltr - ok
      18:43:34.0687 5160 dklogger - ok
      18:43:34.0718 5160 dlaifs_m - ok
      18:43:34.0734 5160 dlapoolm - ok
      18:43:34.0765 5160 dlcc_device - ok
      18:43:34.0906 5160 DLH5X - ok
      18:43:34.0921 5160 DM9102 - ok
      18:43:34.0953 5160 dmadmin - ok
      18:43:35.0046 5160 dmboot (c252a99c0a78b39faa2e2d1d048b1050) C:\WINDOWS\system32\drivers\dmboot.sys
      18:43:35.0078 5160 dmboot - ok
      18:43:35.0218 5160 DMICall - ok
      18:43:35.0296 5160 dmio (33b4d4039cd2cb25351a7bf13b2988d9) C:\WINDOWS\system32\drivers\dmio.sys
      18:43:35.0312 5160 dmio - ok
      18:43:35.0328 5160 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
      18:43:35.0343 5160 dmload - ok
      18:43:35.0359 5160 dmprimer - ok
      18:43:35.0437 5160 dmserver (40d0520ddaa9312c5dddd8c7c99d8325) C:\WINDOWS\System32\dmserver.dll
      18:43:35.0437 5160 dmserver - ok
      18:43:35.0562 5160 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
      18:43:35.0562 5160 DMusic - ok
      18:43:35.0625 5160 Dnscache (2e6d76cab5a402af257a963916fe05e7) C:\WINDOWS\System32\dnsrslvr.dll
      18:43:35.0640 5160 Dnscache - ok
      18:43:35.0718 5160 dntus26 - ok
      18:43:35.0765 5160 dnwhodisp - ok
      18:43:35.0828 5160 Dot3svc (412134c50e2063d882ef1634676e2b25) C:\WINDOWS\System32\dot3svc.dll
      18:43:35.0843 5160 Dot3svc - ok
      18:43:35.0921 5160 dot4ufd - ok
      18:43:35.0968 5160 dot4usb - ok
      18:43:36.0046 5160 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
      18:43:36.0046 5160 dpti2o - ok
      18:43:36.0203 5160 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\ARCHIV~1\LAUNCH~1\DPortIO.sys
      18:43:36.0218 5160 DritekPortIO - ok
      18:43:36.0390 5160 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
      18:43:36.0390 5160 drmkaud - ok
      18:43:36.0406 5160 drvnddm - ok
      18:43:36.0421 5160 DS1410D - ok
      18:43:36.0453 5160 DSDrv4 - ok
      18:43:36.0468 5160 DSI_SiUSBXp_3_1 - ok
      18:43:36.0484 5160 dsproct - ok
      18:43:36.0500 5160 dsunidrv - ok
      18:43:36.0515 5160 DumaNT - ok
      18:43:36.0546 5160 DVDRC - ok
      18:43:36.0562 5160 dvd_2K - ok
      18:43:36.0578 5160 DXEC02 - ok
      18:43:36.0593 5160 DynDNS_Updater_Service - ok
      18:43:36.0640 5160 EapHost (fc3fe3654588e597fff395c305062c46) C:\WINDOWS\System32\eapsvc.dll
      18:43:36.0640 5160 EapHost - ok
      18:43:36.0718 5160 earthlinksafeconnectagent - ok
      18:43:36.0765 5160 EKECioCtl - ok
      18:43:36.0796 5160 EL2000 - ok
      18:43:36.0812 5160 EL90X - ok
      18:43:36.0843 5160 ELacpi - ok
      18:43:36.0859 5160 elaunidr - ok
      18:43:36.0890 5160 eloggersvc6 - ok
      18:43:36.0906 5160 elotouchscreen - ok
      18:43:36.0937 5160 emAudio - ok
      18:43:36.0953 5160 EMCFILT - ok
      18:43:36.0984 5160 emclisrv - ok
      18:43:37.0000 5160 emitray - ok
      18:43:37.0031 5160 emu10k1 - ok
      18:43:37.0046 5160 entertainment - ok
      18:43:37.0078 5160 epfw - ok
      18:43:37.0093 5160 epgspooler - ok
      18:43:37.0109 5160 Epiusb - ok
      18:43:37.0140 5160 epoxusdm - ok
      18:43:37.0156 5160 epson_pm_rpcv2_01 - ok
      18:43:37.0171 5160 epson_pm_rpcv2_02 - ok
      18:43:37.0203 5160 EQDRV5 - ok
      18:43:37.0218 5160 erecoveryservice - ok
      18:43:37.0265 5160 ERSvc (d96623dd7ce1ea9e4de7285d740e14f6) C:\WINDOWS\System32\ersvc.dll
      18:43:37.0281 5160 ERSvc - ok
      18:43:37.0375 5160 etoksrv - ok
      18:43:37.0437 5160 Eventlog (953df7327510df0de048b8e80e504ef9) C:\WINDOWS\system32\services.exe
      18:43:37.0453 5160 Eventlog - ok
      18:43:37.0593 5160 EventSystem (a225dd0d0489bd580781d19524a10b19) C:\WINDOWS\system32\es.dll
      18:43:37.0593 5160 EventSystem - ok
      18:43:37.0640 5160 Exportit - ok
      18:43:37.0656 5160 ezplay - ok
      18:43:37.0687 5160 F700ius - ok
      18:43:37.0718 5160 fallback - ok
      18:43:37.0812 5160 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
      18:43:37.0828 5160 Fastfat - ok
      18:43:37.0843 5160 fasttraksvc - ok
      18:43:37.0921 5160 FastUserSwitchingCompatibility (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll
      18:43:37.0937 5160 FastUserSwitchingCompatibility - ok
      18:43:38.0125 5160 Fax (075cfe0213b51ae2d9e37c9b2164b227) C:\WINDOWS\system32\fxssvc.exe
      18:43:38.0140 5160 Fax - ok
      18:43:38.0156 5160 fcdabus - ok
      18:43:38.0234 5160 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
      18:43:38.0234 5160 Fdc - ok
      18:43:38.0375 5160 FETNDISB - ok
      18:43:38.0406 5160 fgdxbus - ok
      18:43:38.0484 5160 Fips (e5e61f2c07344e91dbfb7eafde549ab4) C:\WINDOWS\system32\drivers\Fips.sys
      18:43:38.0484 5160 Fips - ok
      18:43:38.0500 5160 flashpnt - ok
      18:43:38.0531 5160 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
      18:43:38.0546 5160 Flpydisk - ok
      18:43:38.0578 5160 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
      18:43:38.0593 5160 FltMgr - ok
      18:43:38.0718 5160 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
      18:43:38.0718 5160 FontCache3.0.0.0 - ok
      18:43:38.0828 5160 forcewarewebinterface - ok
      18:43:38.0859 5160 freepops - ok
      18:43:38.0875 5160 FreeTdi - ok
      18:43:38.0890 5160 fsaa - ok
      18:43:38.0906 5160 fsaua - ok
      18:43:38.0937 5160 fsdfwd - ok
      18:43:38.0953 5160 fsma - ok
      18:43:39.0000 5160 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
      18:43:39.0000 5160 fssfltr - ok
      18:43:39.0296 5160 fsssvc (45b52394f9624237f33a8a3d73c0b221) C:\Archivos de programa\Windows Live\Family Safety\fsssvc.exe
      18:43:39.0328 5160 fsssvc - ok
      18:43:39.0453 5160 FsVga - ok
      18:43:39.0531 5160 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
      18:43:39.0531 5160 Fs_Rec - ok
      18:43:39.0609 5160 Ftdisk (cc5f3af5711a1c7c8fa1d43bb16b401a) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
      18:43:39.0609 5160 Ftdisk - ok
      18:43:39.0640 5160 gameenum - ok
      18:43:39.0671 5160 gbpoll - ok
      18:43:39.0734 5160 GearAspiWDM (5dc17164f66380cbfefd895c18467773) C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
      18:43:39.0734 5160 GearAspiWDM - ok
      18:43:39.0765 5160 gemserv - ok
      18:43:39.0781 5160 genmcmn - ok
      18:43:39.0812 5160 ghostsec - ok
      18:43:39.0843 5160 googledesktopmanager - ok
      18:43:40.0000 5160 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
      18:43:40.0015 5160 GoogleDesktopManager-051210-111108 - ok
      18:43:40.0140 5160 GoToAssist - ok
      18:43:40.0156 5160 gotomypc - ok
      18:43:40.0187 5160 govsrv - ok
      18:43:40.0250 5160 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
      18:43:40.0250 5160 Gpc - ok
      18:43:40.0281 5160 hcmon - ok
      18:43:40.0312 5160 hdaudaddservice - ok
      18:43:40.0390 5160 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
      18:43:40.0390 5160 HDAudBus - ok
      18:43:40.0421 5160 HECI - ok
      18:43:40.0500 5160 helpsvc (6b5e1788abf15177a20c6c76c11382bb) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
      18:43:40.0500 5160 helpsvc - ok
      18:43:40.0515 5160 hibernation - ok
      18:43:40.0546 5160 HidServ - ok
      18:43:40.0734 5160 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
      18:43:40.0750 5160 HidUsb - ok
      18:43:40.0812 5160 hkmsvc (8f80b5fb68e1e767d872cb9a8cad5b5d) C:\WINDOWS\System32\kmsvc.dll
      18:43:40.0812 5160 hkmsvc - ok
      18:43:40.0906 5160 houdiniserver - ok
      18:43:40.0953 5160 hpdj - ok
      18:43:41.0015 5160 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
      18:43:41.0015 5160 hpn - ok
      18:43:41.0046 5160 hpqwmiex - ok
      18:43:41.0109 5160 HSFHWALI (37dfff181a2c81ca8af5a5dd9cf9fd54) C:\WINDOWS\system32\ati.dll
      18:43:41.0125 5160 HSFHWALI - ok
      18:43:41.0218 5160 hsfhwbs2 - ok
      18:43:41.0250 5160 HssDrv - ok
      18:43:41.0328 5160 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
      18:43:41.0343 5160 HTTP - ok
      18:43:41.0468 5160 HTTPFilter (0406b351908a8c143b6b6bb8834d4920) C:\WINDOWS\System32\w3ssl.dll
      18:43:41.0484 5160 HTTPFilter - ok
      18:43:41.0546 5160 Huawei - ok
      18:43:41.0593 5160 hwdatacard - ok
      18:43:41.0609 5160 HWIONT - ok
      18:43:41.0718 5160 HWSCtrl - ok
      18:43:41.0828 5160 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
      18:43:41.0828 5160 i2omgmt - ok
      18:43:41.0859 5160 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
      18:43:41.0875 5160 i2omp - ok
      18:43:42.0062 5160 i8042prt (4a2490a66e8271901e89dd5fb79748ae) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      18:43:42.0062 5160 i8042prt - ok
      18:43:42.0234 5160 IAANTMON (cb686f44bf955ea02520710a56874fa4) C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      18:43:42.0250 5160 IAANTMON - ok
      18:43:42.0375 5160 iaimfp2 - ok
      18:43:42.0406 5160 iaimtv1 - ok
      18:43:42.0437 5160 iaimtv4 - ok
      18:43:42.0468 5160 iAimTV5 - ok
      18:43:42.0828 5160 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
      18:43:43.0203 5160 ialm - ok
      18:43:43.0343 5160 iap - ok
      18:43:43.0359 5160 IASJet - ok
      18:43:43.0453 5160 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\WINDOWS\system32\drivers\iaStor.sys
      18:43:43.0453 5160 iaStor - ok
      18:43:43.0468 5160 ibmfilter - ok
      18:43:43.0484 5160 IBM_LLC2 - ok
      18:43:43.0500 5160 icepack - ok
      18:43:43.0531 5160 ichaud - ok
      18:43:43.0546 5160 iclarityqosservice - ok
      18:43:43.0562 5160 icollectservice - ok
      18:43:43.0578 5160 icraplus - ok
      18:43:43.0750 5160 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      18:43:43.0765 5160 idsvc - ok
      18:43:43.0890 5160 IFP700 - ok
      18:43:43.0906 5160 ikfilesec - ok
      18:43:43.0921 5160 iksysflt - ok
      18:43:43.0968 5160 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
      18:43:43.0984 5160 Imapi - ok
      18:43:44.0046 5160 ImapiService (e50abd04ca0c015017722014d1d9251e) C:\WINDOWS\system32\imapi.exe
      18:43:44.0046 5160 ImapiService - ok
      18:43:44.0156 5160 imonnt - ok
      18:43:44.0171 5160 imountsrv - ok
      18:43:44.0203 5160 incdfs - ok
      18:43:44.0218 5160 incdsrv - ok
      18:43:44.0234 5160 infrastructure - ok
      18:43:44.0312 5160 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
      18:43:44.0312 5160 ini910u - ok
      18:43:44.0328 5160 int15.sys - ok
      18:43:44.0687 5160 IntcAzAudAddService (662b65eeb8d070bd1162a7b63859afcf) C:\WINDOWS\system32\drivers\RtkHDAud.sys
      18:43:44.0875 5160 IntcAzAudAddService - ok
      18:43:45.0062 5160 IntelC51 - ok
      18:43:45.0140 5160 IntelIde (cdc98c84965ac816b3f76ec388e24078) C:\WINDOWS\system32\DRIVERS\intelide.sys
      18:43:45.0140 5160 IntelIde - ok
      18:43:45.0171 5160 intelppm (49a060498c09db18c3ea9939789005ab) C:\WINDOWS\system32\DRIVERS\intelppm.sys
      18:43:45.0187 5160 intelppm - ok
      18:43:45.0203 5160 interactivelogon - ok
      18:43:45.0218 5160 iolodmv - ok
      18:43:45.0250 5160 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
      18:43:45.0250 5160 Ip6Fw - ok
      18:43:45.0265 5160 iPassP - ok
      18:43:45.0281 5160 IPFilter - ok
      18:43:45.0312 5160 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
      18:43:45.0312 5160 IpFilterDriver - ok
      18:43:45.0328 5160 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
      18:43:45.0343 5160 IpInIp - ok
      18:43:45.0390 5160 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
      18:43:45.0390 5160 IpNat - ok
      18:43:45.0406 5160 ipodservice - ok
      18:43:45.0437 5160 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
      18:43:45.0453 5160 IPSec - ok
      18:43:45.0562 5160 irda - ok
      18:43:45.0593 5160 ireike - ok
      18:43:45.0640 5160 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
      18:43:45.0640 5160 IRENUM - ok
      18:43:45.0656 5160 ISAMSvc - ok
      18:43:45.0734 5160 isapnp (0f3d281b0410fe5d482aada37d20524b) C:\WINDOWS\system32\DRIVERS\isapnp.sys
      18:43:45.0734 5160 isapnp - ok
      18:43:45.0750 5160 ithsgt - ok
      18:43:45.0906 5160 iviaspi - ok
      18:43:45.0921 5160 IWCA - ok
      18:43:46.0046 5160 JavaQuickStarterService (44ffba62f0f426b581759c49aafec2e2) C:\Archivos de programa\Java\jre6\bin\jqs.exe
      18:43:46.0046 5160 JavaQuickStarterService - ok
      18:43:46.0093 5160 JiaoIO - ok
      18:43:46.0109 5160 JRAID - ok
      18:43:46.0140 5160 jsdaemon - ok
      18:43:46.0156 5160 jukebox3 - ok
      18:43:46.0203 5160 Kbdclass (188ddd286bc0daea6984858c6a4d7bbf) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      18:43:46.0203 5160 Kbdclass - ok
      18:43:46.0281 5160 kbdhid (72efebecf76eb1dccc5ba9ea746d90e8) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
      18:43:46.0281 5160 kbdhid - ok
      18:43:46.0421 5160 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
      18:43:46.0421 5160 kmixer - ok
      18:43:46.0453 5160 KMWDFilter - ok
      18:43:46.0468 5160 KMW_SYS - ok
      18:43:46.0515 5160 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
      18:43:46.0531 5160 KSecDD - ok
      18:43:46.0562 5160 kwatchsvc - ok
      18:43:46.0609 5160 L1e (fa46f5d09edf93e0c71fe6500fe3f4ae) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
      18:43:46.0625 5160 L1e - ok
      18:43:46.0687 5160 LanmanServer (ccfc469efd7ecddc8fc887bae7b8563f) C:\WINDOWS\System32\srvsvc.dll
      18:43:46.0703 5160 LanmanServer - ok
      18:43:46.0828 5160 lanmanworkstation (3db7b764f5066587dae58a71ae51292e) C:\WINDOWS\System32\wkssvc.dll
      18:43:46.0859 5160 lanmanworkstation - ok
      18:43:46.0921 5160 lbrtfdc - ok
      18:43:46.0968 5160 lhidflt2 - ok
      18:43:46.0984 5160 LHidKe - ok
      18:43:47.0015 5160 lkcitadelserver - ok
      18:43:47.0031 5160 lkclassads - ok
      18:43:47.0046 5160 lktimesync - ok
      18:43:47.0062 5160 lmab_device - ok
      18:43:47.0109 5160 LmHosts (01af2112ff79aa613b6621a75c4e9277) C:\WINDOWS\System32\lmhsvc.dll
      18:43:47.0109 5160 LmHosts - ok
      18:43:47.0125 5160 LMIRfsClientNP - ok
      18:43:47.0140 5160 logmein - ok
      18:43:47.0171 5160 LPDSVC - ok
      18:43:47.0187 5160 lvcomser - ok
      18:43:47.0203 5160 lvhidsvc - ok
      18:43:47.0218 5160 lvtuner - ok
      18:43:47.0250 5160 LXARScan - ok
      18:43:47.0265 5160 lxbs_device - ok
      18:43:47.0281 5160 lxcccustomerconnect - ok
      18:43:47.0312 5160 lxcd_device - ok
      18:43:47.0328 5160 lxct_device - ok
      18:43:47.0406 5160 M3000Srv (b47da7eb985a6676623f378642e417b6) C:\WINDOWS\system32\Drivers\M3000KNT.sys
      18:43:47.0406 5160 M3000Srv - ok
      18:43:47.0484 5160 Maplom - ok
      18:43:47.0500 5160 McciCMService - ok
      18:43:47.0546 5160 mcmscsvc - ok
      18:43:47.0562 5160 mctskshd.exe - ok
      18:43:47.0718 5160 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\mdm.exe
      18:43:47.0734 5160 MDM - ok
      18:43:47.0843 5160 mediamaxxlservice - ok
      18:43:47.0859 5160 MegaSR - ok
      18:43:47.0890 5160 MEMSWEEP2 - ok
      18:43:47.0906 5160 meraksmtp - ok
      18:43:47.0968 5160 Messenger (047e70b04b288439245ddc8dd1a31982) C:\WINDOWS\System32\msgsvc.dll
      18:43:47.0968 5160 Messenger - ok
      18:43:48.0093 5160 mfesmfk - ok
      18:43:48.0109 5160 mgactrl - ok
      18:43:48.0125 5160 mi-raysat_3dsMax2008_32 - ok
      18:43:48.0156 5160 mi-raysat_3dsmax8 - ok
      18:43:48.0312 5160 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe
      18:43:48.0312 5160 Microsoft Office Groove Audit Service - ok
      18:43:48.0390 5160 milshieldcleaner - ok
      18:43:48.0437 5160 MKEMUSB - ok
      18:43:48.0500 5160 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
      18:43:48.0500 5160 mnmdd - ok
      18:43:48.0562 5160 mnmsrvc (85ada209695a677c9d60962cde10696b) C:\WINDOWS\system32\mnmsrvc.exe
      18:43:48.0562 5160 mnmsrvc - ok
      18:43:48.0640 5160 mnsframework - ok
      18:43:48.0718 5160 Modem (9024556e739b8469d2b8f5f0e4c9bc9f) C:\WINDOWS\system32\drivers\Modem.sys
      18:43:48.0718 5160 Modem - ok
      18:43:48.0734 5160 modemcsa - ok
      18:43:48.0812 5160 Mouclass (6fd36b4994a2363659a65c9f970cfdb7) C:\WINDOWS\system32\DRIVERS\mouclass.sys
      18:43:48.0812 5160 Mouclass - ok
      18:43:48.0890 5160 mouhid (8ee532e516b2d23d686cfc1cc0a15c25) C:\WINDOWS\system32\DRIVERS\mouhid.sys
      18:43:48.0890 5160 mouhid - ok
      18:43:49.0078 5160 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
      18:43:49.0078 5160 MountMgr - ok
      18:43:49.0093 5160 mozybackup - ok
      18:43:49.0109 5160 mpfirewl - ok
      18:43:49.0140 5160 MQAC - ok
      18:43:49.0156 5160 mr7910 - ok
      18:43:49.0203 5160 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
      18:43:49.0203 5160 mraid35x - ok
      18:43:49.0234 5160 MREMPR5 - ok
      18:43:49.0250 5160 MRESP50a64 - ok
      18:43:49.0281 5160 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
      18:43:49.0281 5160 MRxDAV - ok
      18:43:49.0359 5160 MRxSmb (fb2fccc70f7174c7bf64f48e96d3adf4) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      18:43:49.0375 5160 MRxSmb - ok
      18:43:49.0484 5160 mscsptisrv - ok
      18:43:49.0546 5160 MSDTC (975bd2762bf355a572597cc54d97ba93) C:\WINDOWS\system32\msdtc.exe
      18:43:49.0546 5160 MSDTC - ok
      18:43:49.0609 5160 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
      18:43:49.0609 5160 Msfs - ok
      18:43:49.0625 5160 msftpsvc - ok
      18:43:49.0656 5160 MSIServer - ok
      18:43:49.0718 5160 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
      18:43:49.0718 5160 MSKSSRV - ok
      18:43:49.0734 5160 MSMQTriggers - ok
      18:43:49.0765 5160 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
      18:43:49.0765 5160 MSPCLOCK - ok
      18:43:49.0781 5160 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
      18:43:49.0796 5160 MSPQM - ok
      18:43:49.0859 5160 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
      18:43:49.0859 5160 mssmbios - ok
      18:43:49.0984 5160 mssql$microsoftbcm - ok
      18:43:50.0000 5160 mssqlserveradhelper - ok
      18:43:50.0062 5160 mstdfrgs - ok
      18:43:50.0125 5160 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
      18:43:50.0125 5160 MSTEE - ok
      18:43:50.0140 5160 MTDVC2 - ok
      18:43:50.0203 5160 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
      18:43:50.0203 5160 Mup - ok
      18:43:50.0218 5160 mvserver - ok
      18:43:50.0250 5160 mvwebserver - ok
      18:43:50.0265 5160 MxlW2k - ok
      18:43:50.0281 5160 MXOFX - ok
      18:43:50.0312 5160 mysql - ok
      18:43:50.0328 5160 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
      18:43:50.0328 5160 NABTSFEC - ok
      18:43:50.0343 5160 naimagent32 - ok
      18:43:50.0375 5160 nalntservice - ok
      18:43:50.0531 5160 NanoServiceMain (a830e59f98827943686e90bf79fc96fa) C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe
      18:43:50.0546 5160 NanoServiceMain - ok
      18:43:50.0718 5160 napagent (fd578fcc03bbd76af1e62202e6670d29) C:\WINDOWS\System32\qagentrt.dll
      18:43:50.0734 5160 napagent - ok
      18:43:50.0750 5160 NCPro - ok
      18:43:50.0765 5160 Ncrc710 - ok
      18:43:50.0781 5160 ncupdatesvc - ok
      18:43:50.0875 5160 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
      18:43:50.0875 5160 NDIS - ok
      18:43:51.0000 5160 ndiscm - ok
      18:43:51.0062 5160 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
      18:43:51.0078 5160 NdisIP - ok
      18:43:51.0140 5160 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      18:43:51.0140 5160 NdisTapi - ok
      18:43:51.0171 5160 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
      18:43:51.0171 5160 Ndisuio - ok
      18:43:51.0218 5160 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
      18:43:51.0218 5160 NdisWan - ok
      18:43:51.0265 5160 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
      18:43:51.0265 5160 NDProxy - ok
      18:43:51.0406 5160 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
      18:43:51.0406 5160 NetBIOS - ok
      18:43:51.0437 5160 NetBT (4b6dfe589905785a3c0d528af02c8ec2) C:\WINDOWS\system32\DRIVERS\netbt.sys
      18:43:51.0453 5160 NetBT ( Virus.Win32.ZAccess.g ) - infected
      18:43:51.0453 5160 NetBT - detected Virus.Win32.ZAccess.g (0)
      18:43:51.0515 5160 NetDDE (96b009e5b163850cf94dc333ed2bee93) C:\WINDOWS\system32\netdde.exe
      18:43:51.0515 5160 NetDDE - ok
      18:43:51.0531 5160 NetDDEdsdm (96b009e5b163850cf94dc333ed2bee93) C:\WINDOWS\system32\netdde.exe
      18:43:51.0531 5160 NetDDEdsdm - ok
      18:43:51.0718 5160 Netlogon (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
      18:43:51.0718 5160 Netlogon - ok
      18:43:51.0750 5160 Netman (a48884c9359ee9f1fc8f3f0d93fb1d95) C:\WINDOWS\System32\netman.dll
      18:43:51.0750 5160 Netman - ok
      18:43:51.0765 5160 NetPipeActivator - ok
      18:43:51.0906 5160 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
      18:43:51.0906 5160 NetTcpPortSharing - ok
      18:43:51.0921 5160 NETw3v32 - ok
      18:43:51.0937 5160 NETw4v32 - ok
      18:43:51.0968 5160 NetwareWorkstation - ok
      18:43:51.0984 5160 netwg311 - ok
      18:43:52.0000 5160 nhcDriverDevice - ok
      18:43:52.0031 5160 nic1394 - ok
      18:43:52.0046 5160 nicser_wmp11 - ok
      18:43:52.0062 5160 nidomainservice - ok
      18:43:52.0093 5160 nimdbgk - ok
      18:43:52.0109 5160 niorbk - ok
      18:43:52.0125 5160 NIPALK - ok
      18:43:52.0140 5160 nisum - ok
      18:43:52.0171 5160 ni_nic - ok
      18:43:52.0234 5160 Nla (5e11d375c92a0dda7ac4d487fc4e1978) C:\WINDOWS\System32\mswsock.dll
      18:43:52.0234 5160 Nla - ok
      18:43:52.0359 5160 nmraapache - ok
      18:43:52.0375 5160 NMSCFG - ok
      18:43:52.0390 5160 nmwcdcm - ok
      18:43:52.0421 5160 NOWMEMDF - ok
      18:43:52.0437 5160 npapimon - ok
      18:43:52.0453 5160 NPDriver - ok
      18:43:52.0515 5160 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys
      18:43:52.0531 5160 NPF - ok
      18:43:52.0703 5160 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
      18:43:52.0703 5160 Npfs - ok
      18:43:52.0734 5160 npkcrypt - ok
      18:43:52.0750 5160 npkcusb - ok
      18:43:52.0781 5160 NPPTNT - ok
      18:43:52.0796 5160 Nsynas32 - ok
      18:43:52.0812 5160 NTACCESS - ok
      18:43:52.0843 5160 ntcharge - ok
      18:43:52.0921 5160 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
      18:43:52.0937 5160 Ntfs - ok
      18:43:53.0062 5160 NTIDrvr - ok
      18:43:53.0078 5160 ntiopnp - ok
      18:43:53.0125 5160 NtLmSsp (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
      18:43:53.0125 5160 NtLmSsp - ok
      18:43:53.0203 5160 NtmsSvc (d60c40d71a4d874c903255e4827afa0c) C:\WINDOWS\system32\ntmssvc.dll
      18:43:53.0218 5160 NtmsSvc - ok
      18:43:53.0343 5160 ntservice1 - ok
      18:43:53.0421 5160 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
      18:43:53.0421 5160 Null - ok
      18:43:53.0437 5160 nvax - ok
      18:43:53.0453 5160 nvcap - ok
      18:43:53.0468 5160 NVENET - ok
      18:43:53.0500 5160 nvenetfd - ok
      18:43:53.0515 5160 nvnforce - ok
      18:43:53.0546 5160 NVR0Dev - ok
      18:43:53.0562 5160 NWDHCP - ok
      18:43:53.0578 5160 NWHOST - ok
      18:43:53.0609 5160 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
      18:43:53.0625 5160 NwlnkFlt - ok
      18:43:53.0640 5160 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
      18:43:53.0640 5160 NwlnkFwd - ok
      18:43:53.0656 5160 nwlnknb - ok
      18:43:53.0671 5160 NWSAP - ok
      18:43:53.0703 5160 NWUSBPort - ok
      18:43:53.0718 5160 NxSysMon - ok
      18:43:53.0890 5160 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE
      18:43:53.0906 5160 odserv - ok
      18:43:54.0015 5160 OEM02Afx - ok
      18:43:54.0046 5160 olcamsrv - ok
      18:43:54.0062 5160 omnidrv - ok
      18:43:54.0093 5160 omniserv - ok
      18:43:54.0109 5160 ooclevercacheagent - ok
      18:43:54.0140 5160 oracledbconsoleorcl - ok
      18:43:54.0156 5160 oracleoradb10g_home1isql*plus - ok
      18:43:54.0187 5160 OracleOraHome92ClientCache - ok
      18:43:54.0203 5160 oraclesnmppeermasteragent - ok
      18:43:54.0218 5160 oraclewebassistant - ok
      18:43:54.0250 5160 oracle_load_balancer_60_client-forms6i - ok
      18:43:54.0265 5160 oracle_load_balancer_60_client-forms6ip14 - ok
      18:43:54.0296 5160 oracle_load_balancer_60_server-forms6i - ok
      18:43:54.0328 5160 oracle_load_balancer_60_server-forms6ip9 - ok
      18:43:54.0421 5160 ose (5a432a042dae460abe7199b758e8606c) C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
      18:43:54.0421 5160 ose - ok
      18:43:54.0546 5160 outpostfirewall - ok
      18:43:54.0562 5160 ovt519 - ok
      18:43:54.0593 5160 owstimer - ok
      18:43:54.0609 5160 p1131vid - ok
      18:43:54.0625 5160 paamsrv - ok
      18:43:54.0765 5160 papyjoy - ok
      18:43:54.0843 5160 Parport (e7855cbd8bd1fda085a3f92cff7906e2) C:\WINDOWS\system32\drivers\Parport.sys
      18:43:54.0843 5160 Parport - ok
      18:43:54.0921 5160 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
      18:43:54.0921 5160 PartMgr - ok
      18:43:54.0953 5160 ParVdm (fad44d704ecd7d39ad01415b8bb34204) C:\WINDOWS\system32\drivers\ParVdm.sys
      18:43:54.0968 5160 ParVdm - ok
      18:43:54.0984 5160 pcctlcom - ok
      18:43:55.0015 5160 PCDCODEC - ok
      18:43:55.0062 5160 pchost - ok
      18:43:55.0109 5160 PCI (f11bc84ae6c7b003b5e0c8eeb4a1f444) C:\WINDOWS\system32\DRIVERS\pci.sys
      18:43:55.0109 5160 PCI - ok
      18:43:55.0125 5160 pcidrv - ok
      18:43:55.0156 5160 PCIDump - ok
      18:43:55.0171 5160 PCIIde (33d63f0a9021acb4d75d83b646b93a30) C:\WINDOWS\system32\DRIVERS\pciide.sys
      18:43:55.0171 5160 PCIIde - ok
      18:43:55.0203 5160 Pcmcia (f50c27cca56dc97b3a45e7f0059bd2ba) C:\WINDOWS\system32\drivers\Pcmcia.sys
      18:43:55.0203 5160 Pcmcia - ok
      18:43:55.0218 5160 pcnet - ok
      18:43:55.0234 5160 pcscnsrv - ok
      18:43:55.0265 5160 PCTINDIS5 - ok
      18:43:55.0281 5160 PDCOMP - ok
      18:43:55.0312 5160 pdfcreatormessages - ok
      18:43:55.0328 5160 PDFRAME - ok
      18:43:55.0343 5160 pdiddcci - ok
      18:43:55.0375 5160 pdlndint - ok
      18:43:55.0390 5160 pdlndsdl - ok
      18:43:55.0406 5160 pdlndtdl - ok
      18:43:55.0437 5160 pdlnepkt - ok
      18:43:55.0453 5160 pdlnshay - ok
      18:43:55.0468 5160 pdlnsv25 - ok
      18:43:55.0484 5160 pdlnsx25 - ok
      18:43:55.0515 5160 PDRELI - ok
      18:43:55.0531 5160 PDRFRAME - ok
      18:43:55.0562 5160 pdscheduler - ok
      18:43:55.0578 5160 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
      18:43:55.0578 5160 perc2 - ok
      18:43:55.0609 5160 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
      18:43:55.0609 5160 perc2hib - ok
      18:43:55.0656 5160 persfw - ok
      18:43:55.0671 5160 PEVSystemStart - ok
      18:43:55.0703 5160 pgpserv - ok
      18:43:55.0718 5160 phc600 - ok
      18:43:55.0734 5160 PID_PEPI - ok
      18:43:55.0750 5160 pinnaclesys.mediaserver - ok
      18:43:55.0781 5160 pivot - ok
      18:43:55.0828 5160 PlugPlay (953df7327510df0de048b8e80e504ef9) C:\WINDOWS\system32\services.exe
      18:43:55.0843 5160 PlugPlay - ok
      18:43:55.0953 5160 pnkbstrb - ok
      18:43:55.0984 5160 point32 - ok
      18:43:56.0000 5160 PolicyAgent (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
      18:43:56.0015 5160 PolicyAgent - ok
      18:43:56.0062 5160 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
      18:43:56.0078 5160 PptpMiniport - ok
      18:43:56.0093 5160 prism_a02 - ok
      18:43:56.0109 5160 procexp100 - ok
      18:43:56.0140 5160 ProtectedStorage (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
      18:43:56.0140 5160 ProtectedStorage - ok
      18:43:56.0156 5160 protexislicensing - ok
      18:43:56.0171 5160 prtg4service - ok
      18:43:56.0203 5160 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
      18:43:56.0203 5160 PSched - ok
      18:43:56.0218 5160 PSDFilter - ok
      18:43:56.0281 5160 PSINAflt (b66042e21d32fcdf193b3b80516da1b3) C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
      18:43:56.0296 5160 PSINAflt - ok
      18:43:56.0359 5160 PSINFile (5bab5fb4cb1963f643a1a8b4d816cf8f) C:\WINDOWS\system32\DRIVERS\PSINFile.sys
      18:43:56.0359 5160 PSINFile - ok
      18:43:56.0500 5160 PSINKNC (16066810f5dae092db226c6662feedc9) C:\WINDOWS\system32\DRIVERS\psinknc.sys
      18:43:56.0500 5160 PSINKNC - ok
      18:43:56.0515 5160 PSINProc (87b2fe6d7b427947541360f48c302054) C:\WINDOWS\system32\DRIVERS\PSINProc.sys
      18:43:56.0531 5160 PSINProc - ok
      18:43:56.0546 5160 PSINProt (72ce5f32ff8260a38127953555e29d66) C:\WINDOWS\system32\DRIVERS\PSINProt.sys
      18:43:56.0546 5160 PSINProt - ok
      18:43:56.0562 5160 PTDCBus - ok
      18:43:56.0593 5160 PTDCMdm - ok
      18:43:56.0656 5160 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
      18:43:56.0656 5160 Ptilink - ok
      18:43:56.0671 5160 Ptserlp - ok
      18:43:56.0703 5160 pvservice - ok
      18:43:56.0718 5160 pxfhbus - ok
      18:43:56.0734 5160 pxfhmdfl - ok
      18:43:56.0765 5160 pxfhmdm - ok
      18:43:56.0953 5160 qcusbser (9ccf89372c5a04e97cd89b58ae697796) C:\WINDOWS\system32\DRIVERS\qcusbser.sys
      18:43:56.0968 5160 qcusbser - ok
      18:43:56.0984 5160 qhwscsvc - ok
      18:43:57.0015 5160 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
      18:43:57.0015 5160 ql1080 - ok
      18:43:57.0031 5160 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
      18:43:57.0031 5160 Ql10wnt - ok
      18:43:57.0078 5160 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
      18:43:57.0078 5160 ql12160 - ok
      18:43:57.0093 5160 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
      18:43:57.0109 5160 ql1240 - ok
      18:43:57.0125 5160 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
      18:43:57.0125 5160 ql1280 - ok
      18:43:57.0156 5160 ql2100 - ok
      18:43:57.0171 5160 queuemgr - ok
      18:43:57.0187 5160 QWAVE - ok
      18:43:57.0218 5160 R300 - ok
      18:43:57.0234 5160 racsvc - ok
      18:43:57.0250 5160 radclock - ok
      18:43:57.0265 5160 rampartsvc - ok
      18:43:57.0312 5160 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
      18:43:57.0343 5160 RasAcd - ok
      18:43:57.0390 5160 RasAuto (8345c6f52f38a95b950b9b3d064ae3ee) C:\WINDOWS\System32\rasauto.dll
      18:43:57.0406 5160 RasAuto - ok
      18:43:57.0531 5160 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
      18:43:57.0531 5160 Rasl2tp - ok
      18:43:57.0578 5160 RasMan (b279f6a9ea3acb5844c103ed2db65b44) C:\WINDOWS\System32\rasmans.dll
      18:43:57.0578 5160 RasMan - ok
      18:43:57.0593 5160 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
      18:43:57.0609 5160 RasPppoe - ok
      18:43:57.0640 5160 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
      18:43:57.0640 5160 Raspti - ok
      18:43:57.0656 5160 raysatxsi5_0server - ok
      18:43:57.0671 5160 rbfilter - ok
      18:43:57.0765 5160 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
      18:43:57.0765 5160 Rdbss - ok
      18:43:57.0796 5160 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
      18:43:57.0796 5160 RDPCDD - ok
      18:43:57.0984 5160 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
      18:43:57.0984 5160 rdpdr - ok
      18:43:58.0046 5160 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
      18:43:58.0062 5160 RDPWD - ok
      18:43:58.0093 5160 RDSessMgr (6193e6b05336c277ea4db39afa46bc23) C:\WINDOWS\system32\sessmgr.exe
      18:43:58.0109 5160 RDSessMgr - ok
      18:43:58.0281 5160 redbook (20950948970a0ea329b4254052bcf093) C:\WINDOWS\system32\DRIVERS\redbook.sys
      18:43:58.0281 5160 redbook - ok
      18:43:58.0343 5160 RemoteAccess (1b7481d377bd7997452352f82f4cffed) C:\WINDOWS\System32\mprdim.dll
      18:43:58.0343 5160 RemoteAccess - ok
      18:43:58.0421 5160 retrolauncher - ok
      18:43:58.0468 5160 revudfservice - ok
      18:43:58.0484 5160 rfcomm - ok
      18:43:58.0515 5160 rimmptsk - ok
      18:43:58.0531 5160 RimSerPort - ok
      18:43:58.0546 5160 rimsptsk - ok
      18:43:58.0578 5160 riomsc - ok
      18:43:58.0593 5160 RioS30 - ok
      18:43:58.0609 5160 RIOXDRV - ok
      18:43:58.0640 5160 RMCAST - ok
      18:43:58.0656 5160 RMSvc - ok
      18:43:58.0671 5160 rnadirmultiplexor - ok
      18:43:58.0703 5160 ROB_V - ok
      18:43:58.0718 5160 ROOTUSB - ok
      18:43:58.0734 5160 roxmediadb9 - ok
      18:43:58.0765 5160 roxupnprenderer - ok
      18:43:58.0812 5160 RpcLocator (9fccbdbaa0cf915aac0132de1c9566b3) C:\WINDOWS\system32\locator.exe
      18:43:58.0812 5160 RpcLocator - ok
      18:43:58.0906 5160 rpcnet - ok
      18:43:59.0000 5160 RpcSs (97869c55f562b777987100ea30ad8108) C:\WINDOWS\System32\rpcss.dll
      18:43:59.0000 5160 RpcSs - ok
      18:43:59.0093 5160 RR2Ctrl - ok
      18:43:59.0156 5160 rslinxng - ok
      18:43:59.0171 5160 rspndr - ok
      18:43:59.0234 5160 RSUSBSTOR (030442f08aec1a5d7cf035cc514374b9) C:\WINDOWS\system32\Drivers\RTS5121.sys
      18:43:59.0250 5160 RSUSBSTOR - ok
      18:43:59.0312 5160 RSVP (5e38212c2c00dc342e2281d2f6bfb746) C:\WINDOWS\system32\rsvp.exe
      18:43:59.0312 5160 RSVP - ok
      18:43:59.0437 5160 RS_Service (38494041f19f6cd005b711f5e08fae08) C:\Archivos de programa\Acer\Acer VCM\RS_Service.exe
      18:43:59.0453 5160 RS_Service - ok
      18:43:59.0562 5160 rt2500usb - ok
      18:43:59.0593 5160 rtl8139 - ok
      18:43:59.0609 5160 rtl8187Se - ok
      18:43:59.0625 5160 Rts516xIR - ok
      18:43:59.0656 5160 RVIEG01 - ok
      18:43:59.0671 5160 rxmssync - ok
      18:43:59.0687 5160 s116mdm - ok
      18:43:59.0734 5160 s117mdfl - ok
      18:43:59.0765 5160 s117mgmt - ok
      18:43:59.0781 5160 s217bus - ok
      18:43:59.0796 5160 s217mgmt - ok
      18:43:59.0828 5160 s217unic - ok
      18:43:59.0843 5160 s24trans - ok
      18:43:59.0875 5160 s3twistr - ok
      18:43:59.0890 5160 s716nd5 - ok
      18:43:59.0906 5160 s7oppitx - ok
      18:43:59.0937 5160 SABSVC - ok
      18:43:59.0968 5160 SamSs (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
      18:43:59.0968 5160 SamSs - ok
      18:44:00.0093 5160 SANDRA - ok
      18:44:00.0109 5160 sansaservice - ok
      18:44:00.0156 5160 SAVRKBootTasks (e5c587c0668f83e799d1c43bc53e5e37) C:\WINDOWS\system32\SAVRKBootTasks.sys
      18:44:00.0171 5160 SAVRKBootTasks - ok
      18:44:00.0390 5160 SBAMSvc (c7d53053541a448febb1373abbaf79ef) C:\Archivos de programa\Ad-Aware Antivirus\Engine\SBAMSvc.exe
      18:44:00.0515 5160 SBAMSvc - ok
      18:44:00.0687 5160 sbaphd (65a36563c0207824c8240662043c5304) C:\WINDOWS\system32\drivers\sbaphd.sys
      18:44:00.0687 5160 sbaphd - ok
      18:44:00.0718 5160 sbapifs (3d6ba67c758735918e323d4d6f64449a) C:\WINDOWS\system32\drivers\sbapifs.sys
      18:44:00.0718 5160 sbapifs - ok
      18:44:00.0812 5160 SbFw (eb4a2b5faa3decd33ed682a5569e287f) C:\WINDOWS\system32\drivers\SbFw.sys
      18:44:00.0828 5160 SbFw - ok
      18:44:17.0109 5160 MBR (0x1B8) (7c733682f68536c7604cc415181ad466) \Device\Harddisk0\DR0
      18:44:24.0906 5160 \Device\Harddisk0\DR0 - ok
      18:44:24.0921 5160 Boot (0x1200) (90187a4c2a17a33fb39d28d4b3306edb) \Device\Harddisk0\DR0\Partition0
      18:44:24.0937 5160 \Device\Harddisk0\DR0\Partition0 - ok
      18:44:24.0937 5160 ============================================================
      18:44:24.0937 5160 Scan finished
      18:44:24.0937 5160 ============================================================
      18:44:24.0953 0808 Detected object count: 2
      18:44:24.0953 0808 Actual detected object count: 2
      23:51:36.0390 0808 C:\WINDOWS\system32\usbuhci.dll - copied to quarantine
      23:51:36.0390 0808 HKLM\SYSTEM\ControlSet001\services\df5serv - will be deleted on reboot
      23:51:36.0406 0808 C:\WINDOWS\system32\usbuhci.dll - will be deleted on reboot
      23:51:36.0406 0808 df5serv ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete
      23:51:36.0531 0808 C:\WINDOWS\system32\DRIVERS\netbt.sys - copied to quarantine
      23:51:36.0562 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\@ - copied to quarantine
      23:51:36.0625 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\L\eaqmnime - copied to quarantine
      23:51:36.0640 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\loader.tlb - copied to quarantine
      23:51:36.0656 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@00000001 - copied to quarantine
      23:51:36.0687 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@000000c0 - copied to quarantine
      23:51:36.0718 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@000000cb - copied to quarantine
      23:51:36.0750 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@000000cf - copied to quarantine
      23:51:36.0796 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@80000000 - copied to quarantine
      23:51:36.0828 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@800000c0 - copied to quarantine
      23:51:36.0859 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@800000cb - copied to quarantine
      23:51:36.0890 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@800000cf - copied to quarantine
      23:51:37.0000 0808 C:\WINDOWS\assembly\GAC_MSIL\desktop.ini - copied to quarantine
      23:51:37.0015 0808 C:\WINDOWS\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb - copied to quarantine
      23:51:37.0031 0808 C:\Documents and Settings\nines\Configuración local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb - copied to quarantine
      23:51:37.0078 0808 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\netbt.sys) error 1813
      23:51:38.0703 0808 Backup copy found, using it..
      23:51:38.0750 0808 C:\WINDOWS\system32\DRIVERS\netbt.sys - will be cured on reboot
      23:51:42.0609 0808 C:\WINDOWS\$NtUninstallKB38514$\1363091076 - will be deleted on reboot
      23:51:42.0609 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\@ - will be deleted on reboot
      23:51:42.0625 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\loader.tlb - will be deleted on reboot
      23:51:42.0625 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@00000001 - will be deleted on reboot
      23:51:42.0625 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@000000c0 - will be deleted on reboot
      23:51:42.0625 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@000000cb - will be deleted on reboot
      23:51:42.0625 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@000000cf - will be deleted on reboot
      23:51:42.0625 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@80000000 - will be deleted on reboot
      23:51:42.0640 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@800000c0 - will be deleted on reboot
      23:51:42.0640 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@800000cb - will be deleted on reboot
      23:51:42.0640 0808 C:\WINDOWS\$NtUninstallKB38514$\3049380940\U\@800000cf - will be deleted on reboot
      23:51:42.0640 0808 C:\WINDOWS\assembly\GAC_MSIL\desktop.ini - will be deleted on reboot
      23:51:42.0640 0808 C:\WINDOWS\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb - will be deleted on reboot
      23:51:42.0640 0808 C:\Documents and Settings\nines\Configuración local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb - will be deleted on reboot
      23:51:42.0640 0808 NetBT ( Virus.Win32.ZAccess.g ) - User select action: Cure
      23:52:15.0859 5148 Deinitialize success

    5. #5
      Former contributor Xtreme Hero
      Joined
      Dec 2010
      Location
      Spain
      Posts
      9,017

      Re: possible rootkit and double accent mark

      Hello again,

      Replace the Combofix step with Yorkit from Panda Security.

      Bring us the report and tell us how the system is running.

      Regards

    6. #6
      User juankipan
      Joined
      Jul 2010
      Location
      Spain
      Posts
      50

      Re: possible rootkit and double accent mark

      Hi

      I'm sending you the Yorkit log.
      As for how it's running... I don't think it's working smoothly; it takes quite a while to start applications.

      Regards

      Well, it looks like the report is loooong. I'll send it to you in installments.

      2012-04-22 11:00:21: ****************************************************
      2012-04-22 11:00:21: Starting UP ... v 0.0.0.220
      2012-04-22 11:00:21: ****************************************************
      2012-04-22 11:00:22: Stop TPSRV returns: 2
      2012-04-22 11:00:37: Listing processes...
      2012-04-22 11:00:37: :[System Process]:0
      2012-04-22 11:00:37: :System:4
      2012-04-22 11:00:37: :smss.exe:1360
      2012-04-22 11:00:37: :csrss.exe:1424
      2012-04-22 11:00:37: :winlogon.exe:1448
      2012-04-22 11:00:37: :services.exe:1496
      2012-04-22 11:00:37: :lsass.exe:1508
      2012-04-22 11:00:37: :svchost.exe:1728
      2012-04-22 11:00:37: :svchost.exe:1800
      2012-04-22 11:00:37: :svchost.exe:1844
      2012-04-22 11:00:37: :svchost.exe:2000
      2012-04-22 11:00:37: :svchost.exe:156
      2012-04-22 11:00:37: :spoolsv.exe:672
      2012-04-22 11:00:37: :svchost.exe:784
      2012-04-22 11:00:37: :explorer.exe:808
      2012-04-22 11:00:37: :AdAwareService.exe:900
      2012-04-22 11:00:37: :IAANTmon.exe:2548
      2012-04-22 11:00:37: :jqs.exe:2860
      2012-04-22 11:00:37: :mdm.exe:3248
      2012-04-22 11:00:37: :PSANHost.exe:3616
      2012-04-22 11:00:37: :RS_Service.exe:2588
      2012-04-22 11:00:37: :PSUNMain.exe:3016
      2012-04-22 11:00:37: :GrooveMonitor.exe:3400
      2012-04-22 11:00:37: :vprot.exe:3408
      2012-04-22 11:00:37: :ctfmon.exe:4028
      2012-04-22 11:00:37: :svchost.exe:4284
      2012-04-22 11:00:37: :ToolbarUpdater.exe:5512
      2012-04-22 11:00:37: :YahooAUService.exe:6140
      2012-04-22 11:00:37: :wmiapsrv.exe:5120
      2012-04-22 11:00:37: :yorkyt.exe:3144
      2012-04-22 11:00:37: :wmiprvse.exe:4300
      2012-04-22 11:00:37:
      2012-04-22 11:00:37: Setting restore point
      2012-04-22 11:00:43: Determining autonomous or dropped mode...
      2012-04-22 11:00:43: Autonomus mode
      2012-04-22 11:00:44: Installing drivers...
      2012-04-22 11:00:45: Checking that it installed...
      2012-04-22 11:00:45: Driver is installed...
      2012-04-22 11:00:45: cmd.exe /c start "E:\Logs NI\yorkyt.exe"
      2012-04-22 11:00:51: Restarting...
      2012-04-22 11:06:32: ****************************************************
      2012-04-22 11:06:58: Starting UP ... v 0.0.0.220
      2012-04-22 11:06:58: ****************************************************
      2012-04-22 11:07:11: Stop TPSRV returns: 2
      2012-04-22 11:07:26: Listing processes...
      2012-04-22 11:07:26: :[System Process]:0
      2012-04-22 11:07:26: :System:4
      2012-04-22 11:07:26: :smss.exe:1512
      2012-04-22 11:07:26: :csrss.exe:1576
      2012-04-22 11:07:26: :winlogon.exe:1604
      2012-04-22 11:07:26: :services.exe:1652
      2012-04-22 11:07:26: :lsass.exe:1668
      2012-04-22 11:07:26: :svchost.exe:1888
      2012-04-22 11:07:26: :svchost.exe:1960
      2012-04-22 11:07:26: :svchost.exe:392
      2012-04-22 11:07:26: :svchost.exe:612
      2012-04-22 11:07:26: :svchost.exe:792
      2012-04-22 11:07:26: :spoolsv.exe:1184
      2012-04-22 11:07:26: :explorer.exe:1916
      2012-04-22 11:07:26: :svchost.exe:1052
      2012-04-22 11:07:26: :AdAwareService.exe:1476
      2012-04-22 11:07:26: :IAANTmon.exe:2412
      2012-04-22 11:07:26: :yorkyt.exe:2924
      2012-04-22 11:07:26: :jqs.exe:2980
      2012-04-22 11:07:26: :mdm.exe:3528
      2012-04-22 11:07:26: :PSANHost.exe:3996
      2012-04-22 11:07:26: :RS_Service.exe:572
      2012-04-22 11:07:26: :SBAMSvc.exe:1884
      2012-04-22 11:07:26: :Argente Utilities.exe:2872
      2012-04-22 11:07:26: :PSUNMain.exe:3644
      2012-04-22 11:07:26: :reader_sl.exe:1740
      2012-04-22 11:07:26: :AdobeARM.exe:1088
      2012-04-22 11:07:26: :svchost.exe:624
      2012-04-22 11:07:26: :GrooveMonitor.exe:4320
      2012-04-22 11:07:26: :vprot.exe:4796
      2012-04-22 11:07:26: :ToolbarUpdater.exe:4808
      2012-04-22 11:07:26: :adawarebp.exe:5168
      2012-04-22 11:07:26: :YahooAUService.exe:5684
      2012-04-22 11:07:26: :SweetIM.exe:6008
      2012-04-22 11:07:27: :ctfmon.exe:4340
      2012-04-22 11:07:27: :msnmsgr.exe:300
      2012-04-22 11:07:27: :wuauclt.exe:4140
      2012-04-22 11:07:27: :wscntfy.exe:5852
      2012-04-22 11:07:27: :AcerVCM.exe:4664
      2012-04-22 11:07:27: :AdAware.exe:1232
      2012-04-22 11:07:27: :YahooMessenger.exe:460
      2012-04-22 11:07:27: :ONENOTEM.EXE:5396
      2012-04-22 11:07:27: :soffice.exe:5068
      2012-04-22 11:07:27: :soffice.bin:4116
      2012-04-22 11:07:27: :wmiapsrv.exe:4276
      2012-04-22 11:07:27: :wmiprvse.exe:4696
      2012-04-22 11:07:27: :wmiprvse.exe:5328
      2012-04-22 11:07:27: :PSANToManager.exe:5496
      2012-04-22 11:07:27: :svchost.exe:4876
      2012-04-22 11:07:27: :PSANToManager.exe:4308
      2012-04-22 11:07:27:
      2012-04-22 11:07:27: RUN mode
      2012-04-22 11:07:27: Determining autonomous or dropped mode...
      2012-04-22 11:07:27: Autonomus mode
      2012-04-22 11:07:28: Waiting for Explorer.exe...
      2012-04-22 11:07:58: Launching parsers...
      2012-04-22 11:08:31: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\KDCOM.DLL KDCOM.DLL
      2012-04-22 11:08:32: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\BOOTVID.DLL BOOTVID.DLL
      2012-04-22 11:08:32: ... Failed to identify driver B41CB3AA2E0AAE024B4FB316FE440BE4, using metod 2...
      2012-04-22 11:08:32: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOT.SYS
      2012-04-22 11:08:32: ... Failed to identify driver 12DCA4373B9B0B3CFE505B0025BEB952, using metod 2...
      2012-04-22 11:08:32: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTD.SYS
      2012-04-22 11:08:32: ... Failed to identify driver 718FB269AF435683E8ADBD5D2B36CF1A, using metod 2...
      2012-04-22 11:08:32: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTK.SYS
      2012-04-22 11:08:33: ... Failed to identify driver C91F0B434B6F95A7EEC71361D166DFBF, using metod 2...
      2012-04-22 11:08:33: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTI.SYS
      2012-04-22 11:08:33: ... Failed to identify driver F0B3EFFD3D114C5ABC75BA81302AFCFF, using metod 2...
      2012-04-22 11:08:33: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTS.SYS
      2012-04-22 11:08:33: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS ACPI.SYS
      2012-04-22 11:08:34: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS WMILIB.SYS
      2012-04-22 11:08:34: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS PCI.SYS
      2012-04-22 11:08:34: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS ISAPNP.SYS
      2012-04-22 11:08:34: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\COMPBATT.SYS COMPBATT.SYS
      2012-04-22 11:08:34: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\BATTC.SYS BATTC.SYS
      2012-04-22 11:08:34: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS PCIIDE.SYS
      2012-04-22 11:09:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\sbapifs.sys SBAPIFSM.SYS
      2012-04-22 11:09:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\PSINAflt.sys PSINAFLT.SYS
      2012-04-22 11:09:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\PSINProt.sys PSINPROT.SYS
      2012-04-22 11:09:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\logonui.exe LOGONUI.EXE
      2012-04-22 11:09:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\duser.dll DUSER.DLL
      2012-04-22 11:09:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msimg32.dll GDIEXT
      2012-04-22 11:09:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oleacc.dll OLEACC.DLL
      2012-04-22 11:09:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rpcss.dll RPCSS.DLL
      2012-04-22 11:09:00: ... Failed to identify driver 3312677026A2808C5CEA78F5E5876095, using metod 2...
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\clbcatq.dll
      2012-04-22 11:09:01: ... Failed to identify driver 93F4E612C695E81512110956454E6E25, using metod 2...
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\comres.dll
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shgina.dll SHGINA.DLL
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\PSINFile.sys PSINFILE.SYS
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\PSINProc.sys PSINPROC.SYS
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\svchost.exe SVCHOST.EXE
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntmarta.dll NTMARTA.DLL
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\eventlog.dll EVENTLOG.DLL
      2012-04-22 11:09:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\xpsp2res.dll XPSP2RES.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mswsock.dll MSWSOCK.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hnetcfg.dll HNETCFG.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wshtcpip.dll WSHTCPIP.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winrnr.dll WINRNR
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasadhlp.dll RASADHLP.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\fssfltr_tdi.sys FSSFLTR_TDI.SYS
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ndisuio.sys NDISUIO.SYS
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dhcpcsvc.dll DHCPCSVC.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dnsrslvr.dll DNSRSLVR.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\Resources\Themes\Luna\luna.msstyles LUNA.MST
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cscdll.dll CSCDLL.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dimsntfy.dll DIMSNTFY.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wlnotify.dll WLNOTIFY.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winspool.drv WINSPOOL.DRV
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\lmhsvc.dll LMHSVC.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wzcsvc.dll WZCSVC.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rtutils.dll RTUTILS.DLL
      2012-04-22 11:09:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmi.dll WMI.DLL
      2012-04-22 11:09:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\eapolqec.dll EAPOLQEC.DLL
      2012-04-22 11:09:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\atl.dll ATL.DLL
      2012-04-22 11:09:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\qutil.dll QUTIL.DLL
      2012-04-22 11:09:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dot3api.dll DOT3API.DLL
      2012-04-22 11:09:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\esent.dll ESENT.DLL
      2012-04-22 11:09:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rastls.dll RASTLS.DLL
      2012-04-22 11:09:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cryptui.dll CRYPTUI.DLL
      2012-04-22 11:09:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mprapi.dll MPRAPI.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\activeds.dll ADS
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\adsldpc.dll ADSLDPC
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasapi32.dll RASAPI32.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasman.dll RASMAN.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\tapi32.dll TAPI32.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\riched20.dll RICHED20.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\raschap.dll RASCHAP.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\schedsvc.dll SCHEDSVC.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msidle.dll MSIDLE.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spoolsv.exe SPOOLSV.EXE
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\audiosrv.dll AUDIOSRV.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cscui.dll CSCUI.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\powrprof.dll POWRPROF.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dpcdll.dll DPCDLL.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wkssvc.dll WKSSVC.DLL
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wdmaud.drv WDMAUD.DRV
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\wdmaud.sys WDMAUD.SYS
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\sysaudio.sys SYSAUDIO.SYS
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\splitter.sys SPLITTER.SYS
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\userinit.exe USERINIT.EXE
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\aec.sys AEC.SYS
      2012-04-22 11:09:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\swmidi.sys SWMIDI.SYS
      2012-04-22 11:09:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\DMusic.sys DMUSIC.SYS
      2012-04-22 11:09:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\kmixer.sys KMIXER.SYS
      2012-04-22 11:09:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\drmkaud.sys DRMKAUD.SYS
      2012-04-22 11:09:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msacm32.drv MSACM32.ACM
      2012-04-22 11:09:05: ... Failed to identify driver CE96B94D6F90A243A4D5E891FC5EF4C1, using metod 2...
      2012-04-22 11:09:06: Looking at \Device\HarddiskVolume2\Documents and Settings\nines\Datos de programa\Acazuz\duuh.exe
      2012-04-22 11:09:06: Looking at \Device\HarddiskVolume2\WINDOWS\system32\midimap.dll MIDIMAP.DLL
      2012-04-22 11:09:06: Looking at \Device\HarddiskVolume2\WINDOWS\explorer.exe EXPLORER.EXE
      2012-04-22 11:09:06: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mlang.dll MLANG.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\browseui.dll BROWSEUI.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\xmlprovi.dll XMLPROVI.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wzcsapi.dll WZCSAPI.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shdocvw.dll SHDOCVW.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll GROOVESHELLEXTENSIONS.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\Archivos de programa\Microsoft Office\Office12\GrooveUtil.dll GROOVEUTIL.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll MSVCR80.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\Archivos de programa\Microsoft Office\Office12\GrooveNew.dll GROOVENEW.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll ATL80.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\desk.cpl DESK.CPL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\themeui.dll THEMEUI.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\actxprxy.dll ACTXPRXY.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll GROOVESYSTEMSERVICES.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msxml3.dll MSXML3.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msxml3r.dll MSXML3R.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\mrxdav.sys MRXDAV.SYS
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\webclnt.dll DAVSVC.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\parport.sys PARPORT.SYS
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\serial.sys SERIAL.SYS
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\Archivos de programa\Ad-Aware Antivirus\AdAwareService.exe AD-AWAREANTIVIRUSSERVICE.EXE
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cryptsvc.dll CRYPTSVC.DLL
      2012-04-22 11:09:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cmd.exe CMD.EXE
      2012-04-22 11:09:08: Looking at \Device\HarddiskVolume2\Archivos de programa\Intel\Intel Matrix Storage Manager\IAANTmon.exe IAANTMON.EXE
      2012-04-22 11:09:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\certcli.dll CERTCLI
      2012-04-22 11:09:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ersvc.dll ERSVC.DLL
      2012-04-22 11:09:08: Looking at \Device\HarddiskVolume2\Archivos de programa\Intel\Intel Matrix Storage Manager\ISDI.dll ISDI.DLL
      2012-04-22 11:09:08: ... Failed to identify driver A225DD0D0489BD580781D19524A10B19, using metod 2...
      2012-04-22 11:09:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\es.dll
      2012-04-22 11:09:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ati.dll ATI.DLL
      2012-04-22 11:09:08: Looking at \Device\HarddiskVolume2\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll PCHSVC.DLL
      2012-04-22 11:09:08: ... Failed to identify driver E938F820CDA025F9BF22C10BAF6A4796, using metod 2...
      2012-04-22 11:09:09: Looking at \Device\Harddisk1\DP(1)0-0+4\Logs NI\yorkyt.exe
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\Archivos de programa\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll PLUGINRAID.DLL
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\Archivos de programa\Java\jre6\bin\jqs.exe JQS.EXE
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msi.dll MSI.DLL
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wsock32.dll WSOCK32.DLL
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemprox.dll WBEMPROX.DLL
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\MSIMTF.dll MSIMTF.DLL
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\Archivos de programa\Java\jre6\bin\msvcr71.dll MSVCR71.DLL
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemcomn.dll WBEMCOMN.DLL
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msutb.dll MSUTB.DLL
      2012-04-22 11:09:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\pdh.dll PDH.DLL
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\WINDOWS\system32\odbcbcp.dll ODBCBCP
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\WINDOWS\system32\srvsvc.dll SRVSVC.DLL
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\mdm.exe MDM.EXE
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntshrui.dll NTSHRUI.DLL
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\3082\MDMUI.DLL MDMUI.DLL
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemdisp.dll WBEMDISP.DLL
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\WINDOWS\system32\netmsg.dll NETMSG.DLL
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\WINDOWS\system32\linkinfo.dll LINKINFO.DLL
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\pdm.dll PDM.DLL
      2012-04-22 11:09 Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe PSANHOST.EXE
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msdbg2.dll MSDBG2.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wmiutils.dll WMIUTILS.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\srv.sys SRV.SYS
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\msdbg2.dll MSDBG2.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll MSVCP80.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netfxperf.dll NETFXPERF.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mscoree.dll MSCOREE.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll PERFCOUNTER.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spoolss.dll SPOOLSS.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\localspl.dll LOCALSPL.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\csm.dll CSM.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModLive.dll PSANMODLIVE.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\verclsid.exe VERCLSID.EXE
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ipsecsvc.dll IPSECSVC.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cnbjmon.dll CNBJMON.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\Archivos de programa\Acer\Acer VCM\RS_Service.exe RS_SERVICE.EXE
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNCGP.dll PSNCGP.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mdimon.dll MSPCORE.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oakley.dll OAKLEY.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winipsec.dll WINIPSEC.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\fxsmon.dll FXSMON.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\pstorsvc.dll PROTECTEDSTORAGESERVER
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\fxsevent.dll FXSEVENT.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNCCfgMgr.dll PSNCCFGMGR.DLL
      2012-04-22 11:09:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\psbase.dll PSBASE.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MSCORWKS.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\pjlmon.dll PJLMON.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNCCfgStore.dll PSNCCFGSTORE.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msonpmon.dll MSPCORE.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dssenh.dll DSSENH.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\webcheck.dll WEBCHECK.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\tcpmon.dll TCPMON.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNCSA.dll PSNCSA.DLL
      2012-04-22 11:09:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\usbmon.dll DYNAMON.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll MSPCORE.DLL

    7. #7
      User juankipan
      Registered
      Jul 2010
      Location
      Spain
      Posts
      50

      Re: Possible rootkit and double accent mark

      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNCNotifMgr.dll PSNCNOTIFMGR.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll CORPERFMONEXT.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll PRINTFILTERPIPELINEPRXY.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll ASPNET_PERF.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANMSrvc.dll PSANMSRVC.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll MSPCORE.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNCIPC.dll PSNCIPC.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\Archivos de programa\Ad-Aware Antivirus\Engine\SBAMSvc.exe SBAMSVC.EXE
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\win32spl.dll WIN32SPL.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netshell.dll NETSHELL.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netrap.dll NETRAP.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNCUpdMgr.dll PSNCUPDM.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\inetpp.dll INETPP.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\credui.dll CREDUI.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\Archivos de programa\Ad-Aware Antivirus\Engine\SpursDownload.dll SPURSDOW.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModScheduler.dll PSANMODS.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dot3dlg.dll DOT3DLG.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\onex.dll ONEX.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\eappcfg.dll EAPPCFG.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\eappprxy.dll EAPPPRXY.DLL
      2012-04-22 11:09:13: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModBLA.dll PSANMODBLA.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winhttp.dll WINHTTP.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\stobject.dll STOBJECT.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\query.dll QUERY.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\batmeter.dll BATMETER.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModRep.dll PSANMODREP.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\fxsperf.dll FXSPERF.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNEvts.dll PSNEVTS.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Ad-Aware Antivirus\Engine\SBTE.dll THREATEN.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANAlManager.dll PSANALMANAGER.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNXml.dll PSNANOXM.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNFiles.dll PSNFILES.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNCrypt.dll PSNCRYPT.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Ad-Aware Antivirus\Engine\sbap.dll SBAPME.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Argente Utilities\Argente Utilities.exe ARGENTEUTILITIES.EXE
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Ad-Aware Antivirus\Engine\SBArva.dll ARVADLL.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModAV.dll PSANMODAV.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUNMain.exe PSUNMAIN.EXE
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSBoot.dll PSBOOT.DLL
      2012-04-22 11:09:14: Looking at \Device\HarddiskVolume2\Archivos de programa\Ad-Aware Antivirus\Engine\mimepp.dll MIMEPP.DLL
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mmcshext.dll MMCSHEXT.DLL
      2012-04-22 11:09:15: ... Failed to identify driver 0869B7123100D25E56BBAC81D5770BF8, using metod 2...
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Datos de programa\Panda Security URL Filtering\Panda_URL_Filtering.exe
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Archivos de programa\Ad-Aware Antivirus\Engine\SbHips.dll SBHIPS.DLL
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hhsetup.dll HHSETUP.DLL
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANLiveMan.dll PSANLIVEMAN.DLL
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Archivos de programa\Microsoft Office\Office12\OLMAPI32.DLL MAPI32.DLL
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Archivos de programa\Adobe\Reader 9.0\Reader\reader_sl.exe ACROSPEEDLAUNCH.EXE
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll GDIPLUS
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModADM.dll PSANMODADM.DLL
      2012-04-22 11:09:15: ... Failed to identify driver ABC4E6C22B9FC9C7057ED0BE3541CE2F, using metod 2...
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Datos de programa\Panda Security URL Filtering\Panda_URL_Filtering.dll
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModProactive.dll PSANMODPROACTIVE.DLL
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe ADOBEARM.EXE
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\putsig.dll PUTSIG.DLL
      2012-04-22 11:09:15: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll GDIPLUS
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\seclogon.dll SECLOGON.EXE
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sensapi.dll SENSAPI.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModShield.dll PSANMODSHIELD.DLL
      2012-04-22 11:09:16: ... Failed to identify driver 115526815415F6A514830E37691BC59F, using metod 2...
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\Archivos de programa\Argente Utilities\lua5.1.dll
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\termsrv.dll TERMSRV.EXE
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe GROOVEMONITOR.EXE
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sens.dll SENS.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wiaservc.dll WIASERVC.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\icaapi.dll ICAAPI.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oledlg.dll OLEDLG.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANModCtrlCfg.dll PSANMODCTRLCFG.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUNUtils.dll PSUNUTILS.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cfgmgr32.dll CFGMGR32.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mstlsapi.dll MSTLSAPI.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mscms.dll MSCMS.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\srsvc.dll SERVICE.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSNReg.dll PSNREG.DLL
      2012-04-22 11:09:16: Looking at \Device\HarddiskVolume2\Archivos de programa\Microsoft Office\Office12\USP10.DLL UNISCRIBE
      2012-04-22 11:09:17: Looking at \Device\HarddiskVolume2\Archivos de programa\AVG Secure Search\vprot.exe VPROTECT.EXE
      2012-04-22 11:09:17: Looking at \Device\HarddiskVolume2\WINDOWS\system32\tapisrv.dll TAPISRV.EXE

    8. #8
      User juankipan
      Registered
      Jul 2010
      Location
      Spain
      Posts
      50

      Re: possible rootkit and double accent mark

      Ugh, I think this is going to be mission impossible. Every chunk I try to send tells me I have more than 25 images (??) and that I should correct it. To do it I would have to send the log in 400 pieces.

      Is there a simpler way to get it to you?

      Thanks for your patience.

    9. #9
      Former Contributor Xtreme Hero
      Registered
      Dec 2010
      Location
      Spain
      Posts
      9,017

      Re: possible rootkit and double accent mark

      Hello again,

      If you have to send it in 400 pieces, better to leave it as it is.

      Do the following:

      Run a full scan with Eset Nod32

      1- Run it.

      2- Tick the boxes Remove found threats and Scan archives.

      3- Click Advanced settings and tick these boxes there:

      - Scan for potentially unwanted applications.

      - Scan for potentially unsafe applications.

      - Enable Anti-Stealth technology.

      4- Click Start so that it downloads the virus signature database and then begins scanning your system.

      When it finishes, click Finish.

      5- Locate the report in C:\Archivos de programa\ESET\ESET Online Scanner\log

      Regards
      Fight to the End


    10. #10
      User juankipan
      Registered
      Jul 2010
      Location
      Spain
      Posts
      50

      Re: possible rootkit and double accent mark

      Thanks. After following your instructions, this is what is in the log:
      ESETSmartInstaller@High as CAB hook log:
      OnlineScanner.ocx - registred OK
      # version=7
      # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
      # OnlineScanner.ocx=1.0.0.6583
      # api_version=3.0.2
      # EOSSerial=f99a4c52e255134fb746fa77dbaaf493
      # end=finished
      # remove_checked=true
      # archives_checked=false
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2012-04-22 05:18:00
      # local_time=2012-04-22 07:18:00 (+0100, Hora de verano romance)
      # country="Spain"
      # lang=1033
      # osver=5.1.2600 NT Service Pack 3
      # compatibility_mode=1538 16774102 20 3 3880029 163656941 0 0
      # compatibility_mode=8192 67108863 100 0 330 330 0 0
      # scanned=69762
      # found=17
      # cleaned=17
      # scan_time=4033
      C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\I1X6F01T\main[1].htm JS/Kryptik.MB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\Documents and Settings\nines\Configuración local\Datos de programa\Babylon\Setup\Setup.exe Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\Documents and Settings\nines\Configuración local\temp\hj8ol0.exe a variant of Win32/Kryptik.ADSQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\Documents and Settings\nines\Datos de programa\Acazuz\duuh.exe a variant of Win32/Kryptik.ADSQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\Documents and Settings\nines\Escritorio\MyBabylonTB.exe Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\zafs0000\tsk0003.dta a variant of Win32/Sirefef.CR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\zafs0000\tsk0004.dta Win32/Agent.TMK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\zafs0000\tsk0006.dta Win32/Redirector.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\zafs0000\tsk0007.dta a variant of Win32/Sirefef.CP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\zafs0000\tsk0008.dta a variant of Win32/Sirefef.EN trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\zafs0000\tsk0009.dta a variant of Win32/Sirefef.CP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\zafs0000\tsk0010.dta a variant of Win32/Sirefef.CP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\zafs0000\tsk0011.dta a variant of Win32/Sirefef.EF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\zaea0000\svc0000\tsk0000.dta probably a variant of Win32/Sirefef.ER trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\WINDOWS\system32\DBBK\CE96B94D6F90A243A4D5E891FC5EF4C1 a variant of Win32/Kryptik.ADSQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\WINDOWS\system32\drivers\etc\hosts Win32/Qhost trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
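
A triage pass over an ESET Online Scanner log like the one in post #10, checked against the options requested in post #9. This is an added example, not part of the original thread or of ESET's tooling. The function names, the mapping of the `*_checked` header flags to the requested checkboxes, and the trimmed sample log are assumptions.

```python
import re
from collections import Counter

# Constructed sample: preamble, header keys and detection lines taken from the log
# in the thread, cut down to five ASCII-only entries with found/cleaned adjusted.
SAMPLE_LOG = r"""ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# OnlineScanner.ocx=1.0.0.6583
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# found=5
# cleaned=5
C:\Documents and Settings\nines\Escritorio\MyBabylonTB.exe Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\21.04.2012_18.42.15\zaea0000\svc0000\tsk0000.dta probably a variant of Win32/Sirefef.ER trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\DBBK\CE96B94D6F90A243A4D5E891FC5EF4C1 a variant of Win32/Kryptik.ADSQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\drivers\etc\hosts Win32/Qhost trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
"""

HEADER = re.compile(r"^# (?P<key>[\w.]+)=(?P<value>.*)$")
# <path> [qualifier] <Platform/Name> <kind> (<action>) <32 hex digits> <flag>
DETECTION = re.compile(
    r"^(?P<path>.+?) (?P<qualifier>(?:probably )?a variant of )?"
    r"(?P<name>[A-Za-z0-9]+/[\w.]+) (?P<kind>\w+) "
    r"\((?P<action>[^()]*)\) (?P<hash>[0-9A-Fa-f]{32}) (?P<flag>\w)$"
)
# Assumption: these header flags record the checkboxes requested in post #9.
REQUESTED_OPTIONS = ("remove_checked", "archives_checked", "unwanted_checked",
                     "unsafe_checked", "antistealth_checked")


def parse_log(text):
    """Split a log into header dict, detection dicts and unrecognised lines."""
    header, detections, unparsed = {}, [], []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if (m := HEADER.match(line)):
            header[m["key"]] = m["value"].strip()
        elif (m := DETECTION.match(line)):
            detections.append(m.groupdict())
        else:
            unparsed.append(line)  # kept for manual reading, never dropped silently
    return header, detections, unparsed


def _count(header, key):
    """Return a header counter as int, or None when missing or non-numeric."""
    value = header.get(key, "")
    return int(value) if value.isdigit() else None


def triage(text):
    """Summarise what a helper needs to decide the next step."""
    header, detections, unparsed = parse_log(text)
    in_old_quarantine = lambda d: "\\tdsskiller_quarantine\\" in d["path"].lower()
    return {
        "scan_finished": header.get("end") == "finished",
        # Requested options the scan did not run with.
        "options_not_enabled": [k for k in REQUESTED_OPTIONS if header.get(k) != "true"],
        # found == cleaned == parsed lines; a mismatch means a truncated paste
        # or objects the scanner could not clean.
        "counts_consistent": _count(header, "found") == _count(header, "cleaned") == len(detections),
        # Family = text between "/" and the first "." of the detection name.
        "families": Counter(d["name"].split("/", 1)[1].split(".", 1)[0] for d in detections),
        # Copies sitting in an earlier tool's quarantine folder versus files in place.
        "already_quarantined": [d["path"] for d in detections if in_old_quarantine(d)],
        "live": [d["path"] for d in detections if not in_old_quarantine(d)],
        # The hosts file itself was deleted; restoring it from quarantine would
        # bring the flagged entries back.
        "hosts_file_removed": any(
            d["path"].lower().endswith("\\drivers\\etc\\hosts") and "deleting" in d["action"]
            for d in detections),
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Run against the full log in post #10, the option check reports `archives_checked` as not enabled, since the header there reads `# archives_checked=false`.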
