
    ESET detects a virus that is impossible to remove


    1. #1
      User alexrayas094
      Joined
      Oct 2010
      Location
      Mexico
      Posts
      11

      Malware: ESET detects a virus that is impossible to remove

      Greetings!
      Before anything else, I would like to thank this incredible forum for the many times it has helped me solve my problems! Without a doubt the best

      Well, my problem is the following: for a few weeks now, ESET Smart Security has been detecting some kind of virus that it cannot disinfect, and when I try to delete it I get the following message: "An error occurred while performing the deletion". The threat message always appears immediately after the Windows desktop has finished loading. It says the following:
      Object:
      Operating memory = C:\Windows\syswow64\spdg.dll
      Threat:
      a variant of Win32/PSW.Tibia.NHC trojan

      Strangely, since that message started appearing I have not been able to install updates from Windows Update. I install them, and when I restart to complete the update, I get a message saying that Windows could not install the updates correctly.

      I already scanned with Malwarebytes Antimalware and it does not detect this "virus".
      I have tried to search the internet for information about this file, but I simply cannot find anything! And when I scan it on Virus Total, most of the antivirus engines detect it as a threat. I have tried to delete it manually, but it does not let me do that either.

      I would be very grateful if any of you has an idea about what could be happening on my computer!

    2. #2
      Former Collaborator @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: ESET detects a virus that is impossible to remove

      Hello alexrayas094

      to the Forum.

      Tips before posting a new message

      InfoSpyware Forum Policies

      Policies of the Official HijackThis Forum in Spanish
      --------------------------------------------------


      Do the following:


      Download TDSSKiller.zip to your desktop.
      Disconnect your computer from the Internet (unplug the cable).
      • Unzip the file tdsskiller.zip
      • Run the file TDSSKiller.exe. If you use Vista or 7, right-click and choose Run as administrator.
      • Click on
      • Also check the boxes:

      • Click on the button

        .
      • TDSSKiller will begin scanning the computer.
      • If the computer is not infected:
      • It will show
      • No threats found.
      • Click the "Close" button
      • If the computer is infected:
      • It will show:
      • Threats detected.
      • Select action for found objects:


      • Malware object, high risk. The default action is "Cure" or "Delete".
      • Suspicious object, medium risk. Always use the "Skip" option.
      • The program automatically selects the action to take.
      • Click the "Continue" button
      • To disinfect the system correctly, it may ask you to restart the computer.
      • Click on the button

      • Open the TDSSKiller report, located at C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, where "x.xx.x_xx.xx.xxxx_xx.xx.xx" are the version, date and time.
      • Copy and paste its contents into your next reply.



      Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable the antivirus and/or antispyware


        If it asks you to update, accept.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.
      Attention!! Do not use ComboFix unless a member of our Staff has specifically instructed you to do so in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt in this same thread.


      Important note: After the first restart performed by ComboFix, perform one more restart.




      Regards.


    3. #3
      User alexrayas094
      Joined
      Oct 2010
      Location
      Mexico
      Posts
      11

      Re: ESET detects a virus that is impossible to remove

      Here is the TDSSKiller report:
      23:37:24.0444 1112 LSI_SCSI - ok
      23:37:24.0460 1112 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
      23:37:24.0538 1112 luafv - ok
      23:37:24.0616 1112 [ dc8490812a3b72811ae534f423b4c206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
      23:37:24.0694 1112 MBAMProtector - ok
      23:37:24.0772 1112 [ 43683e970f008c93c9429ef428147a54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      23:37:24.0818 1112 MBAMService - ok
      23:37:24.0865 1112 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      23:37:24.0943 1112 Mcx2Svc - ok
      23:37:24.0974 1112 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\drivers\megasas.sys
      23:37:25.0052 1112 megasas - ok
      23:37:25.0084 1112 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
      23:37:25.0193 1112 MegaSR - ok
      23:37:25.0286 1112 Microsoft SharePoint Workspace Audit Service - ok
      23:37:25.0318 1112 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
      23:37:25.0411 1112 MMCSS - ok
      23:37:25.0427 1112 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
      23:37:25.0489 1112 Modem - ok
      23:37:25.0520 1112 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      23:37:25.0598 1112 monitor - ok
      23:37:25.0614 1112 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      23:37:25.0645 1112 mouclass - ok
      23:37:25.0692 1112 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      23:37:25.0739 1112 mouhid - ok
      23:37:25.0786 1112 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
      23:37:25.0848 1112 mountmgr - ok
      23:37:25.0879 1112 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys
      23:37:25.0910 1112 mpio - ok
      23:37:25.0957 1112 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      23:37:26.0051 1112 mpsdrv - ok
      23:37:26.0098 1112 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll
      23:37:26.0176 1112 MpsSvc - ok
      23:37:26.0207 1112 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      23:37:26.0285 1112 MRxDAV - ok
      23:37:26.0316 1112 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      23:37:26.0394 1112 mrxsmb - ok
      23:37:26.0425 1112 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      23:37:26.0566 1112 mrxsmb10 - ok
      23:37:26.0612 1112 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      23:37:26.0675 1112 mrxsmb20 - ok
      23:37:26.0706 1112 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys
      23:37:26.0784 1112 msahci - ok
      23:37:26.0815 1112 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
      23:37:26.0909 1112 msdsm - ok
      23:37:26.0940 1112 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
      23:37:26.0987 1112 MSDTC - ok
      23:37:27.0034 1112 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
      23:37:27.0112 1112 Msfs - ok
      23:37:27.0127 1112 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
      23:37:27.0190 1112 mshidkmdf - ok
      23:37:27.0221 1112 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
      23:37:27.0252 1112 msisadrv - ok
      23:37:27.0299 1112 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      23:37:27.0377 1112 MSiSCSI - ok
      23:37:27.0392 1112 msiserver - ok
      23:37:27.0455 1112 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      23:37:27.0533 1112 MSKSSRV - ok
      23:37:27.0548 1112 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      23:37:27.0626 1112 MSPCLOCK - ok
      23:37:27.0642 1112 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      23:37:27.0736 1112 MSPQM - ok
      23:37:27.0767 1112 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      23:37:27.0798 1112 MsRPC - ok
      23:37:27.0845 1112 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
      23:37:27.0876 1112 mssmbios - ok
      23:37:27.0938 1112 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      23:37:28.0032 1112 MSTEE - ok
      23:37:28.0063 1112 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
      23:37:28.0094 1112 MTConfig - ok
      23:37:28.0126 1112 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
      23:37:28.0157 1112 Mup - ok
      23:37:28.0204 1112 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
      23:37:28.0266 1112 napagent - ok
      23:37:28.0313 1112 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      23:37:28.0422 1112 NativeWifiP - ok
      23:37:28.0484 1112 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys
      23:37:28.0547 1112 NDIS - ok
      23:37:28.0594 1112 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
      23:37:28.0656 1112 NdisCap - ok
      23:37:28.0687 1112 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      23:37:28.0750 1112 NdisTapi - ok
      23:37:28.0781 1112 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      23:37:28.0828 1112 Ndisuio - ok
      23:37:28.0874 1112 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      23:37:28.0952 1112 NdisWan - ok
      23:37:28.0984 1112 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      23:37:29.0077 1112 NDProxy - ok
      23:37:29.0124 1112 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      23:37:29.0202 1112 NetBIOS - ok
      23:37:29.0249 1112 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
      23:37:29.0342 1112 NetBT - ok
      23:37:29.0374 1112 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
      23:37:29.0389 1112 Netlogon - ok
      23:37:29.0436 1112 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
      23:37:29.0531 1112 Netman - ok
      23:37:29.0562 1112 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
      23:37:29.0687 1112 netprofm - ok
      23:37:29.0733 1112 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
      23:37:29.0749 1112 NetTcpPortSharing - ok
      23:37:29.0780 1112 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
      23:37:29.0843 1112 nfrd960 - ok
      23:37:29.0889 1112 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
      23:37:29.0999 1112 NlaSvc - ok
      23:37:30.0030 1112 [ 985a3f046dfcd58e26d3a95283bb8f1d ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
      23:37:30.0123 1112 nmwcd - ok
      23:37:30.0155 1112 [ 5eb41a9656388dc21119ccc33f0ee22a ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
      23:37:30.0233 1112 nmwcdc - ok
      23:37:30.0279 1112 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
      23:37:30.0357 1112 Npfs - ok
      23:37:30.0389 1112 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
      23:37:30.0498 1112 nsi - ok
      23:37:30.0513 1112 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      23:37:30.0591 1112 nsiproxy - ok
      23:37:30.0669 1112 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      23:37:30.0794 1112 Ntfs - ok
      23:37:30.0810 1112 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
      23:37:30.0888 1112 Null - ok
      23:37:30.0919 1112 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
      23:37:31.0013 1112 nvraid - ok
      23:37:31.0044 1112 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
      23:37:31.0106 1112 nvstor - ok
      23:37:31.0153 1112 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      23:37:31.0215 1112 nv_agp - ok
      23:37:31.0293 1112 [ a3e918d2a03a6e7f9c7748c3d89a2550 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
      23:37:31.0325 1112 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning
      23:37:31.0325 1112 Oasis2Service - detected UnsignedFile.Multi.Generic (1)
      23:37:31.0371 1112 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
      23:37:31.0449 1112 ohci1394 - ok
      23:37:31.0559 1112 [ 4965b005492cba7719e82b71e3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      23:37:31.0590 1112 ose64 - ok
      23:37:31.0793 1112 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      23:37:31.0871 1112 osppsvc - ok
      23:37:31.0917 1112 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
      23:37:31.0980 1112 p2pimsvc - ok
      23:37:32.0011 1112 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
      23:37:32.0027 1112 p2psvc - ok
      23:37:32.0073 1112 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys
      23:37:32.0105 1112 Parport - ok
      23:37:32.0151 1112 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
      23:37:32.0214 1112 partmgr - ok
      23:37:32.0245 1112 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
      23:37:32.0307 1112 PcaSvc - ok
      23:37:32.0370 1112 [ bc0018c2d29f655188a0ed3fa94fdb24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
      23:37:32.0463 1112 pccsmcfd - ok
      23:37:32.0495 1112 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
      23:37:32.0510 1112 pci - ok
      23:37:32.0573 1112 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
      23:37:32.0619 1112 pciide - ok
      23:37:32.0651 1112 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
      23:37:32.0729 1112 pcmcia - ok
      23:37:32.0775 1112 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
      23:37:32.0838 1112 pcw - ok
      23:37:32.0853 1112 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      23:37:32.0963 1112 PEAUTH - ok
      23:37:33.0103 1112 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
      23:37:33.0165 1112 PerfHost - ok
      23:37:33.0259 1112 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
      23:37:33.0399 1112 pla - ok
      23:37:33.0462 1112 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      23:37:33.0571 1112 PlugPlay - ok
      23:37:33.0649 1112 [ 627fa58adc043704f9d14ca44340956f ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
      23:37:33.0711 1112 PMBDeviceInfoProvider - ok
      23:37:33.0727 1112 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
      23:37:33.0774 1112 PNRPAutoReg - ok
      23:37:33.0805 1112 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
      23:37:33.0852 1112 PNRPsvc - ok
      23:37:33.0899 1112 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      23:37:33.0977 1112 PolicyAgent - ok
      23:37:34.0008 1112 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
      23:37:34.0086 1112 Power - ok
      23:37:34.0117 1112 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      23:37:34.0242 1112 PptpMiniport - ok
      23:37:34.0273 1112 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys
      23:37:34.0335 1112 Processor - ok
      23:37:34.0367 1112 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
      23:37:34.0413 1112 ProfSvc - ok
      23:37:34.0429 1112 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
      23:37:34.0460 1112 ProtectedStorage - ok
      23:37:34.0507 1112 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
      23:37:34.0632 1112 Psched - ok
      23:37:34.0663 1112 [ 4712cc14e720ecccc0aa16949d18aaf1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
      23:37:34.0741 1112 PxHlpa64 - ok
      23:37:34.0803 1112 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
      23:37:34.0897 1112 ql2300 - ok
      23:37:34.0944 1112 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
      23:37:34.0959 1112 ql40xx - ok
      23:37:35.0006 1112 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
      23:37:35.0037 1112 QWAVE - ok
      23:37:35.0069 1112 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      23:37:35.0178 1112 QWAVEdrv - ok
      23:37:35.0193 1112 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      23:37:35.0271 1112 RasAcd - ok
      23:37:35.0318 1112 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
      23:37:35.0365 1112 RasAgileVpn - ok
      23:37:35.0396 1112 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
      23:37:35.0537 1112 RasAuto - ok
      23:37:35.0568 1112 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      23:37:35.0693 1112 Rasl2tp - ok
      23:37:35.0739 1112 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
      23:37:35.0833 1112 RasMan - ok
      23:37:35.0880 1112 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      23:37:35.0973 1112 RasPppoe - ok
      23:37:36.0005 1112 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      23:37:36.0098 1112 RasSstp - ok
      23:37:36.0145 1112 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      23:37:36.0207 1112 rdbss - ok
      23:37:36.0239 1112 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
      23:37:36.0317 1112 rdpbus - ok
      23:37:36.0332 1112 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      23:37:36.0426 1112 RDPCDD - ok
      23:37:36.0441 1112 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      23:37:36.0504 1112 RDPENCDD - ok
      23:37:36.0519 1112 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
      23:37:36.0551 1112 RDPREFMP - ok
      23:37:36.0597 1112 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      23:37:36.0707 1112 RDPWD - ok
      23:37:36.0753 1112 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
      23:37:36.0785 1112 rdyboost - ok
      23:37:36.0816 1112 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
      23:37:36.0894 1112 RemoteAccess - ok
      23:37:36.0925 1112 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      23:37:37.0019 1112 RemoteRegistry - ok
      23:37:37.0081 1112 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
      23:37:37.0143 1112 RFCOMM - ok
      23:37:37.0190 1112 [ 7b04c9843921ab1f695fb395422c5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
      23:37:37.0299 1112 RimUsb - ok
      23:37:37.0346 1112 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
      23:37:37.0440 1112 RpcEptMapper - ok
      23:37:37.0455 1112 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
      23:37:37.0502 1112 RpcLocator - ok
      23:37:37.0627 1112 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
      23:37:37.0705 1112 RpcSs - ok
      23:37:37.0752 1112 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      23:37:37.0908 1112 rspndr - ok
      23:37:37.0970 1112 [ 5aab4808e8ccae8c2ecda5b791260616 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
      23:37:38.0064 1112 RSUSBSTOR - ok
      23:37:38.0111 1112 [ d6d381b76056c668679723938f06f16c ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
      23:37:38.0220 1112 RTHDMIAzAudService - ok
      23:37:38.0282 1112 [ 7ea8d2eb9bbfd2ab8a3117a1e96d3b3a ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
      23:37:38.0376 1112 RTL8167 - ok
      23:37:38.0407 1112 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
      23:37:38.0423 1112 SamSs - ok
      23:37:38.0454 1112 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      23:37:38.0485 1112 sbp2port - ok
      23:37:38.0532 1112 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
      23:37:38.0641 1112 SCardSvr - ok
      23:37:38.0672 1112 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
      23:37:38.0719 1112 scfilter - ok
      23:37:38.0766 1112 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
      23:37:38.0875 1112 Schedule - ok
      23:37:38.0906 1112 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
      23:37:38.0953 1112 SCPolicySvc - ok
      23:37:38.0984 1112 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      23:37:39.0047 1112 SDRSVC - ok
      23:37:39.0093 1112 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      23:37:39.0234 1112 secdrv - ok
      23:37:39.0281 1112 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
      23:37:39.0343 1112 seclogon - ok
      23:37:39.0374 1112 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
      23:37:39.0468 1112 SENS - ok
      23:37:39.0483 1112 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
      23:37:39.0546 1112 SensrSvc - ok
      23:37:39.0593 1112 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys
      23:37:39.0671 1112 Serenum - ok
      23:37:39.0702 1112 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\drivers\serial.sys
      23:37:39.0795 1112 Serial - ok
      23:37:39.0842 1112 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
      23:37:39.0889 1112 sermouse - ok
      23:37:39.0983 1112 [ 7d3903af48e6c1dc2704eafcb608d031 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
      23:37:40.0029 1112 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
      23:37:40.0029 1112 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
      23:37:40.0076 1112 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
      23:37:40.0139 1112 SessionEnv - ok
      23:37:40.0170 1112 [ 286d3889e6ab5589646ff8a63cb928ae ] SFEP C:\Windows\system32\drivers\SFEP.sys
      23:37:40.0248 1112 SFEP - ok
      23:37:40.0279 1112 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
      23:37:40.0388 1112 sffdisk - ok
      23:37:40.0404 1112 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
      23:37:40.0607 1112 sffp_mmc - ok
      23:37:40.0622 1112 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
      23:37:40.0685 1112 sffp_sd - ok
      23:37:40.0731 1112 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
      23:37:40.0778 1112 sfloppy - ok
      23:37:40.0825 1112 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll
      23:37:40.0872 1112 SharedAccess - ok
      23:37:40.0919 1112 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      23:37:40.0997 1112 ShellHWDetection - ok
      23:37:41.0028 1112 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
      23:37:41.0106 1112 SiSRaid2 - ok
      23:37:41.0137 1112 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
      23:37:41.0199 1112 SiSRaid4 - ok
      23:37:41.0246 1112 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
      23:37:41.0324 1112 Smb - ok
      23:37:41.0371 1112 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      23:37:41.0433 1112 SNMPTRAP - ok
      23:37:41.0511 1112 [ c3e69db0a4e59564230e053232f39ac7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
      23:37:41.0543 1112 SOHCImp - ok
      23:37:41.0574 1112 [ c1cd71c672ea281a424fbcf24ac99553 ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
      23:37:41.0589 1112 SOHDms - ok
      23:37:41.0605 1112 [ f47d75cee1844eef4a9ea6ee768828fb ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
      23:37:41.0621 1112 SOHDs - ok
      23:37:41.0683 1112 [ e2e40c0d24456b6eb440be01af829829 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
      23:37:41.0714 1112 SpfService - ok
      23:37:41.0730 1112 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
      23:37:41.0777 1112 spldr - ok
      23:37:41.0808 1112 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe
      23:37:41.0870 1112 Spooler - ok
      23:37:41.0979 1112 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
      23:37:42.0151 1112 sppsvc - ok
      23:37:42.0198 1112 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
      23:37:42.0307 1112 sppuinotify - ok
      23:37:42.0354 1112 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
      23:37:42.0463 1112 srv - ok
      23:37:42.0510 1112 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
      23:37:42.0572 1112 srv2 - ok
      23:37:42.0603 1112 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
      23:37:42.0650 1112 srvnet - ok
      23:37:42.0681 1112 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
      23:37:42.0822 1112 SSDPSRV - ok
      23:37:42.0837 1112 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
      23:37:42.0884 1112 SstpSvc - ok
      23:37:42.0931 1112 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys
      23:37:42.0962 1112 stexstor - ok
      23:37:43.0009 1112 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
      23:37:43.0103 1112 stisvc - ok
      23:37:43.0134 1112 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
      23:37:43.0196 1112 swenum - ok
      23:37:43.0368 1112 [ f577910a133a592234ebaad3f3afa258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      23:37:43.0493 1112 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
      23:37:43.0493 1112 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
      23:37:43.0539 1112 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
      23:37:43.0633 1112 swprv - ok
      23:37:43.0711 1112 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
      23:37:43.0836 1112 SysMain - ok
      23:37:43.0867 1112 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
      23:37:43.0914 1112 TabletInputService - ok
      23:37:43.0929 1112 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
      23:37:44.0023 1112 TapiSrv - ok
      23:37:44.0054 1112 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
      23:37:44.0117 1112 TBS - ok
      23:37:44.0210 1112 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
      23:37:44.0351 1112 Tcpip - ok
      23:37:44.0397 1112 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
      23:37:44.0475 1112 TCPIP6 - ok
      23:37:44.0522 1112 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
      23:37:44.0585 1112 tcpipreg - ok
      23:37:44.0616 1112 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
      23:37:44.0709 1112 TDPIPE - ok
      23:37:44.0772 1112 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
      23:37:44.0834 1112 TDTCP - ok
      23:37:44.0881 1112 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
      23:37:44.0990 1112 tdx - ok
      23:37:45.0037 1112 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
      23:37:45.0099 1112 TermDD - ok
      23:37:45.0146 1112 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
      23:37:45.0224 1112 TermService - ok
      23:37:45.0255 1112 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
      23:37:45.0318 1112 Themes - ok
      23:37:45.0349 1112 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
      23:37:45.0396 1112 THREADORDER - ok
      23:37:45.0443 1112 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
      23:37:45.0567 1112 TrkWks - ok
      23:37:45.0723 1112 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
      23:37:45.0817 1112 TrustedInstaller - ok
      23:37:45.0848 1112 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
      23:37:45.0926 1112 tssecsrv - ok
      23:37:45.0989 1112 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
      23:37:46.0082 1112 TsUsbFlt - ok
      23:37:46.0129 1112 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
      23:37:46.0223 1112 tunnel - ok
      23:37:46.0269 1112 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
      23:37:46.0332 1112 uagp35 - ok
      23:37:46.0394 1112 [ 63f6d08c54d5b3c1b12a6172032055c7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
      23:37:46.0472 1112 uCamMonitor - ok
      23:37:46.0503 1112 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
      23:37:46.0581 1112 udfs - ok
      23:37:46.0628 1112 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
      23:37:46.0659 1112 UI0Detect - ok
      23:37:46.0691 1112 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
      23:37:46.0722 1112 uliagpkx - ok
      23:37:46.0769 1112 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys
      23:37:46.0847 1112 umbus - ok
      23:37:46.0862 1112 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\drivers\umpass.sys
      23:37:46.0909 1112 UmPass - ok
      23:37:46.0956 1112 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
      23:37:47.0065 1112 upnphost - ok
      23:37:47.0112 1112 [ afa3a0937b7044a8322d8bc91722c53b ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
      23:37:47.0190 1112 upperdev - ok
      23:37:47.0221 1112 [ aa33fc47ed58c34e6e9261e4f850b7eb ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
      23:37:47.0315 1112 USBAAPL64 - ok
      23:37:47.0346 1112 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
      23:37:47.0439 1112 usbccgp - ok
      23:37:47.0486 1112 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
      23:37:47.0549 1112 usbcir - ok
      23:37:47.0580 1112 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
      23:37:47.0658 1112 usbehci - ok
      23:37:47.0720 1112 [ 2c780746dc44a28fe67004dc58173f05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
      23:37:47.0798 1112 usbfilter - ok
      23:37:47.0861 1112 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
      23:37:47.0970 1112 usbhub - ok
      23:37:48.0001 1112 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
      23:37:48.0079 1112 usbohci - ok
      23:37:48.0095 1112 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
      23:37:48.0141 1112 usbprint - ok
      23:37:48.0188 1112 [ 4acee387fa8fd39f83564fcd2fc234f2 ] usbser C:\Windows\system32\drivers\usbser.sys
      23:37:48.0235 1112 usbser - ok
      23:37:48.0251 1112 [ b826f3ff5a1975cc9096b4caadde77b6 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
      23:37:48.0297 1112 UsbserFilt - ok
      23:37:48.0344 1112 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
      23:37:48.0469 1112 USBSTOR - ok
      23:37:48.0500 1112 [ 81fb2216d3a60d1284455d511797db3d ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
      23:37:48.0531 1112 usbuhci - ok
      23:37:48.0594 1112 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
      23:37:48.0656 1112 usbvideo - ok
      23:37:48.0687 1112 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
      23:37:48.0797 1112 UxSms - ok
      23:37:48.0875 1112 [ 4e7135d6d0127067e4cfee12259f895d ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
      23:37:48.0890 1112 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
      23:37:48.0890 1112 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
      23:37:48.0937 1112 [ cb5b94ee1775fa4cd6b133f1745003c6 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
      23:37:48.0968 1112 VAIO Event Service - ok
      23:37:49.0046 1112 [ 1cf1a4dd7a58c966c9014b83c7229cf3 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
      23:37:49.0093 1112 VAIO Power Management - ok
      23:37:49.0109 1112 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
      23:37:49.0124 1112 VaultSvc - ok
      23:37:49.0187 1112 [ 917fb366b6cf2834cdbf9256d18a8ff0 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
      23:37:49.0202 1112 VCFw - ok
      23:37:49.0280 1112 [ 10e212bfb7eab152a64c1aaec2f7f4e0 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
      23:37:49.0311 1112 VcmIAlzMgr - ok
      23:37:49.0358 1112 [ 7a88cfd3fe99f2c9b95a6e2a08b96e14 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
      23:37:49.0374 1112 VcmINSMgr - ok
      23:37:49.0389 1112 [ 8efaaccc7bfa1e9031efdfb01a1b0d69 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
      23:37:49.0405 1112 VcmXmlIfHelper - ok
      23:37:49.0467 1112 [ 3a4b01c2bdb07dfef29b0b369487503a ] VCSVADHWSer C:\Windows\system32\DRIVERS\vcsvad.sys
      23:37:49.0561 1112 VCSVADHWSer ( UnsignedFile.Multi.Generic ) - warning
      23:37:49.0561 1112 VCSVADHWSer - detected UnsignedFile.Multi.Generic (1)
      23:37:49.0592 1112 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
      23:37:49.0655 1112 vdrvroot - ok
      23:37:49.0701 1112 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
      23:37:49.0811 1112 vds - ok
      23:37:49.0857 1112 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
      23:37:49.0904 1112 vga - ok
      23:37:49.0920 1112 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
      23:37:49.0982 1112 VgaSave - ok
      23:37:50.0013 1112 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
      23:37:50.0091 1112 vhdmp - ok
      23:37:50.0107 1112 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
      23:37:50.0169 1112 viaide - ok
      23:37:50.0185 1112 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
      23:37:50.0232 1112 volmgr - ok
      23:37:50.0294 1112 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
      23:37:50.0341 1112 volmgrx - ok
      23:37:50.0357 1112 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
      23:37:50.0450 1112 volsnap - ok
      23:37:50.0481 1112 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
      23:37:50.0528 1112 vsmraid - ok
      23:37:50.0591 1112 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
      23:37:50.0747 1112 VSS - ok
      23:37:50.0825 1112 [ e55a44d8f9f713d5f5d5bbaef2ba0a34 ] VUAgent C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
      23:37:50.0918 1112 VUAgent - ok
      23:37:50.0949 1112 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
      23:37:51.0012 1112 vwifibus - ok
      23:37:51.0043 1112 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
      23:37:51.0105 1112 vwififlt - ok
      23:37:51.0121 1112 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
      23:37:51.0199 1112 vwifimp - ok
      23:37:51.0230 1112 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
      23:37:51.0339 1112 W32Time - ok
      23:37:51.0386 1112 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\drivers\wacompen.sys
      23:37:51.0433 1112 WacomPen - ok
      23:37:51.0495 1112 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
      23:37:51.0605 1112 WANARP - ok
      23:37:51.0605 1112 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
      23:37:51.0651 1112 Wanarpv6 - ok
      23:37:51.0726 1112 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
      23:37:51.0807 1112 WatAdminSvc - ok
      23:37:51.0880 1112 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
      23:37:52.0009 1112 wbengine - ok
      23:37:52.0043 1112 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
      23:37:52.0089 1112 WbioSrvc - ok
      23:37:52.0127 1112 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
      23:37:52.0189 1112 wcncsvc - ok
      23:37:52.0212 1112 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
      23:37:52.0252 1112 WcsPlugInService - ok
      23:37:52.0265 1112 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\drivers\wd.sys
      23:37:52.0281 1112 Wd - ok
      23:37:52.0322 1112 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
      23:37:52.0360 1112 Wdf01000 - ok
      23:37:52.0377 1112 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
      23:37:52.0501 1112 WdiServiceHost - ok
      23:37:52.0509 1112 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
      23:37:52.0540 1112 WdiSystemHost - ok
      23:37:52.0585 1112 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
      23:37:52.0692 1112 WebClient - ok
      23:37:52.0735 1112 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
      23:37:52.0847 1112 Wecsvc - ok
      23:37:52.0878 1112 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
      23:37:52.0940 1112 wercplsupport - ok
      23:37:52.0972 1112 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
      23:37:53.0034 1112 WerSvc - ok
      23:37:53.0065 1112 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
      23:37:53.0128 1112 WfpLwf - ok
      23:37:53.0159 1112 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
      23:37:53.0206 1112 WIMMount - ok
      23:37:53.0237 1112 WinDefend - ok
      23:37:53.0237 1112 WinHttpAutoProxySvc - ok
      23:37:53.0299 1112 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
      23:37:53.0408 1112 Winmgmt - ok
      23:37:53.0471 1112 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
      23:37:53.0596 1112 WinRM - ok
      23:37:53.0658 1112 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
      23:37:53.0705 1112 WinUsb - ok
      23:37:53.0830 1112 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
      23:37:53.0939 1112 Wlansvc - ok
      23:37:54.0079 1112 [ 2bacd71123f42cea603f4e205e1ae337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      23:37:54.0126 1112 wlidsvc - ok
      23:37:54.0173 1112 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
      23:37:54.0235 1112 WmiAcpi - ok
      23:37:54.0282 1112 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
      23:37:54.0344 1112 wmiApSrv - ok
      23:37:54.0376 1112 WMPNetworkSvc - ok
      23:37:54.0407 1112 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
      23:37:54.0469 1112 WPCSvc - ok
      23:37:54.0500 1112 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
      23:37:54.0578 1112 WPDBusEnum - ok
      23:37:54.0610 1112 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
      23:37:54.0719 1112 ws2ifsl - ok
      23:37:54.0750 1112 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\System32\wscsvc.dll
      23:37:54.0804 1112 wscsvc - ok
      23:37:54.0810 1112 WSearch - ok
      23:37:54.0928 1112 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll
      23:37:55.0032 1112 wuauserv - ok
      23:37:55.0075 1112 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
      23:37:55.0145 1112 WudfPf - ok
      23:37:55.0177 1112 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
      23:37:55.0268 1112 WUDFRd - ok
      23:37:55.0301 1112 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
      23:37:55.0356 1112 wudfsvc - ok
      23:37:55.0393 1112 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
      23:37:55.0465 1112 WwanSvc - ok
      23:37:55.0486 1112 ================ Scan global ===============================
      23:37:55.0517 1112 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
      23:37:55.0561 1112 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
      23:37:55.0583 1112 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
      23:37:55.0615 1112 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
      23:37:55.0667 1112 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
      23:37:55.0680 1112 [Global] - ok
      23:37:55.0680 1112 ================ Scan MBR ==================================
      23:37:55.0699 1112 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
      23:37:56.0222 1112 \Device\Harddisk0\DR0 - ok
      23:37:56.0223 1112 ================ Scan VBR ==================================
      23:37:56.0230 1112 Boot (0x1200) (f434b02d84ad9d4f040746977c1b0e54) \Device\Harddisk0\DR0\Partition1
      23:37:56.0235 1112 \Device\Harddisk0\DR0\Partition1 - ok
      23:37:56.0262 1112 Boot (0x1200) (ca67a7d824f51773809ff8549f85bfda) \Device\Harddisk0\DR0\Partition2
      23:37:56.0264 1112 \Device\Harddisk0\DR0\Partition2 - ok
      23:37:56.0265 1112 ============================================================
      23:37:56.0265 1112 Scan finished
      23:37:56.0265 1112 ============================================================
      23:37:56.0293 1596 Detected object count: 6
      23:37:56.0293 1596 Actual detected object count: 6
      23:38:29.0486 1596 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
      23:38:29.0486 1596 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
      23:38:29.0486 1596 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user
      23:38:29.0486 1596 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      23:38:29.0486 1596 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
      23:38:29.0486 1596 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
      23:38:29.0502 1596 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
      23:38:29.0502 1596 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
      23:38:29.0502 1596 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
      23:38:29.0502 1596 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      23:38:29.0502 1596 VCSVADHWSer ( UnsignedFile.Multi.Generic ) - skipped by user
      23:38:29.0502 1596 VCSVADHWSer ( UnsignedFile.Multi.Generic ) - User select action: Skip
      23:40:06.0736 1004 Deinitialize success
      I had trouble running ComboFix, because halfway through the process the PC froze. I tried using it in safe mode and it did work, but on restart it froze again, and I noticed that it had not created any report, only a folder in C:\ with many files inside.

    4. #4
      Former Contributor Avatar of @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: ESET detects a virus that is impossible to remove

      Hello:


      Try the following:


      Required tools.

      • A clean computer with an Internet connection.
      • A USB drive.


      From the clean computer:

      • Download FRST64.exe to your desktop.
      • Copy Frst64.exe to your USB drive.



      From the infected computer:

      Enter the system repair options.

      To access the System Recovery Options from the advanced boot options:

      • Restart the computer.
      • As soon as the BIOS loads, start pressing the F8 key until the advanced boot options appear.
      • Select Repair Your Computer and press Enter.
      • Wait for it to load, select the language and keyboard settings, and click Next.
      • Select the operating system you want to repair and click Next.
      • Select your user account and click Next.



      In the System Recovery Options menu you will see the following options:


      • Startup Repair.
      • System Restore.
      • System Image Recovery.
      • Windows Memory Diagnostic.
      • Command Prompt.



      • Select Command Prompt.
      • Plug in the USB drive.
      • In the command window, type notepad.exe.
      • At the top, go to File >>> Open.
      • Select "Computer" to find the letter of your USB drive, then close Notepad.



      • Once in the command window, type x:frst64.exe exactly as shown, where x must be replaced with the letter of your USB drive.
      • Press Enter.


      You should see something similar to what the image shows:


      • The tool will start running.
      • When the tool opens it will show the Disclaimer window; click Yes.


      The program window will then open:



      • Press the Scan button.

      When the scan finishes, a report named Frst.txt will be created on the USB drive. Plug the USB drive back into the clean computer, open the file (Frst.txt), and copy and paste its contents into your next reply.

      If you have any questions, ask us.

      To be safe, print out the steps.

      Regards.


    5. #5
      User Avatar of alexrayas094
      Registered
      Oct 2010
      Location
      Mexico
      Posts
      11

      Re: ESET detects a virus that is impossible to remove

      Greetings!
      I was finally able to run ComboFix and this is the log:


      ComboFix 12-08-17.01 - Pako 17/08/2012 2:58.2.2 - x64 NETWORK
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.2811.1740 [GMT -5:00]
      Running from: c:\users\Pako\Desktop\ComboFix.exe
      AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
      FW: Cortafuegos personal de ESET *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
      SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      ADS - Windows: deleted 0 bytes in 1 streams.
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      ---- Previous Run -------
      .
      C:\LOG1751.tmp
      C:\LOG4159.tmp
      .
      -- Previous Run --
      .
      Infected copy of c:\windows\SysWow64\ws2_32.dll was found and disinfected
      Restored copy from - c:\windows\SysWow64\dfgh.old
      .
      --------
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-07-17 to 2012-08-17 )))))))))))))))))))))))))))))))
      .
      .
      2012-08-17 08:07 . 2012-08-17 08:07 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-08-17 08:07 . 2012-08-17 08:07 -------- d-----w- c:\users\boinc_master\AppData\Local\temp
      2012-08-17 08:07 . 2012-08-17 08:07 -------- d-----w- c:\users\Alex\AppData\Local\temp
      2012-08-16 04:51 . 2012-08-16 04:51 -------- d-----w- c:\users\Pako\AppData\Roaming\Malwarebytes
      2012-08-16 04:50 . 2012-08-16 04:50 -------- d-----w- c:\programdata\Malwarebytes
      2012-08-16 04:50 . 2012-08-16 04:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-08-16 04:50 . 2012-07-03 18:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-07-30 20:32 . 2012-07-30 20:45 -------- d-----w- c:\users\Pako\AppData\Roaming\Charles
      2012-07-30 20:24 . 2012-07-30 20:25 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
      2012-07-30 20:12 . 2012-07-30 20:13 -------- d-----w- c:\program files (x86)\Charles
      2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-15 05:40 . 2012-07-16 08:26 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-08-15 05:40 . 2011-05-17 03:33 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-06-12 03:08 . 2012-07-13 02:59 3148800 ----a-w- c:\windows\system32\win32k.sys
      2012-06-09 05:43 . 2012-07-12 04:04 14172672 ----a-w- c:\windows\system32\shell32.dll
      2012-06-06 06:06 . 2012-07-12 04:04 2004480 ----a-w- c:\windows\system32\msxml6.dll
      2012-06-06 06:06 . 2012-07-12 04:04 1881600 ----a-w- c:\windows\system32\msxml3.dll
      2012-06-06 06:02 . 2012-07-12 04:03 1133568 ----a-w- c:\windows\system32\cdosys.dll
      2012-06-06 05:05 . 2012-07-12 04:04 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
      2012-06-06 05:05 . 2012-07-12 04:04 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
      2012-06-06 05:03 . 2012-07-12 04:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
      2012-06-04 17:15 . 2012-02-29 05:16 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
      2012-06-02 22:19 . 2012-06-22 15:15 38424 ----a-w- c:\windows\system32\wups.dll
      2012-06-02 22:19 . 2012-06-22 15:15 2428952 ----a-w- c:\windows\system32\wuaueng.dll
      2012-06-02 22:19 . 2012-06-22 15:15 57880 ----a-w- c:\windows\system32\wuauclt.exe
      2012-06-02 22:19 . 2012-06-22 15:15 44056 ----a-w- c:\windows\system32\wups2.dll
      2012-06-02 22:19 . 2012-06-22 15:15 701976 ----a-w- c:\windows\system32\wuapi.dll
      2012-06-02 22:15 . 2012-06-22 15:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
      2012-06-02 22:15 . 2012-06-22 15:15 99840 ----a-w- c:\windows\system32\wudriver.dll
      2012-06-02 20:19 . 2012-06-22 15:14 186752 ----a-w- c:\windows\system32\wuwebv.dll
      2012-06-02 20:15 . 2012-06-22 15:14 36864 ----a-w- c:\windows\system32\wuapp.exe
      2012-06-02 05:50 . 2012-07-12 04:03 458704 ----a-w- c:\windows\system32\drivers\cng.sys
      2012-06-02 05:48 . 2012-07-12 04:03 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
      2012-06-02 05:48 . 2012-07-12 04:03 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
      2012-06-02 05:45 . 2012-07-12 04:03 340992 ----a-w- c:\windows\system32\schannel.dll
      2012-06-02 05:44 . 2012-07-12 04:03 307200 ----a-w- c:\windows\system32\ncrypt.dll
      2012-06-02 04:40 . 2012-07-12 04:03 22016 ----a-w- c:\windows\SysWow64\secur32.dll
      2012-06-02 04:40 . 2012-07-12 04:03 225280 ----a-w- c:\windows\SysWow64\schannel.dll
      2012-06-02 04:39 . 2012-07-12 04:03 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
      2012-06-02 04:34 . 2012-07-12 04:03 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "rkfree"="c:\program files (x86)\RKFree\rkfree.exe" [2012-07-06 70656]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-07-15 89080]
      "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-01-22 597792]
      "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792]
      "TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-06-04 296056]
      "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "mixer2"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
      R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
      R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-07-07 202752]
      R2 ASTSRV;Nalpeiron Licensing Service;c:\windows\system32\ASTSRV.EXE [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
      R2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 44944]
      R2 gupdate;Google Update Servicio (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
      R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
      R2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2011-03-14 47616]
      R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
      R2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-05-25 252416]
      R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
      R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-03-18 852336]
      R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-20 529776]
      R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-02-20 386416]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
      R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-07-07 6402560]
      R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-07-07 188928]
      R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 19968]
      R3 gupdatem;Google Update Servicio (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
      R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
      R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
      R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
      R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-02-24 108400]
      R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-02-24 422768]
      R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-02-24 67952]
      R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-02-08 302448]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
      R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-03-25 574320]
      R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-20 115568]
      R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-10 21504]
      R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-06-01 1250160]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-22 1255736]
      S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2010-07-01 73856]
      S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2010-07-01 28800]
      S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-08 254528]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-22 242720]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-04-07 346144]
      S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-03-09 12032]
      S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
      S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - PXHLPA64
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 05:40]
      .
      2012-08-17 c:\windows\Tasks\AutoKMS.job
      - c:\windows\AutoKMS.exe [2011-02-28 07:29]
      .
      2012-08-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005Core.job
      - c:\users\Pako\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 03:42]
      .
      2012-08-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005UA.job
      - c:\users\Pako\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 03:42]
      .
      2012-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-29 02:47]
      .
      2012-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-29 02:47]
      .
      2012-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005Core.job
      - c:\users\Pako\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-30 05:34]
      .
      2012-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005UA.job
      - c:\users\Pako\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-30 05:34]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-07 10134560]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
      "mylbx"="c:\program files\My Lockbox\mylbx.exe" [2012-07-25 2211688]
      "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2716216]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "LoadAppInit_DLLs"=0x0
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
      mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
      IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
      IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
      TCP: DhcpNameServer = 192.168.1.254
      .
      - - - - ORPHANS REMOVED - - - -
      .
      HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
      "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=2000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-1692231011-497412647-1251571358-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="WindowsLiveMail.Email.1"
      .
      [HKEY_USERS\S-1-5-21-1692231011-497412647-1251571358-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="WindowsLiveMail.VCard.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
      @Denied: (A) (Everyone)
      "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
      @Denied: (A) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
      "Key"="ActionsPane3"
      "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-08-17 03:12:59
      ComboFix-quarantined-files.txt 2012-08-17 08:12
      .
      Pre-Run: 189,155,856,384 bytes libres
      Post-Run: 188,688,445,440 bytes libres
      .
      - - End Of File - - B30A5359FE34C353860666BAE56E0FE5


      Can anything be determined from this? Is what my PC has very serious?
      As soon as I can, I'll do the other thing you told me. I'll have news for you soon :) Thanks for the help
      Regards!

    6. #6
      User alexrayas094
      Registered
      Oct 2010
      Location
      México
      Posts
      11

      Re: ESET detects a virus that is impossible to remove

      Here is the FRST report:

      Scan result of Farbar Recovery Scan Tool Version: 19-08-2012
      Ran by SYSTEM at 20-08-2012 01:23:44
      Running from I:\
      Windows 7 Home Premium (X64) OS Language: English(US)
      The current controlset is ControlSet001

      ========================== Registry (Whitelisted) =============

      HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10134560 2010-04-06] (Realtek Semiconductor)
      HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [221480 2010-05-16] (Alps Electric Co., Ltd.)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
      HKLM\...\Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe /a [2211688 2012-07-24] (FSPro Labs)
      HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [2716216 2009-11-16] (ESET)
      HKLM-x32\...\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup [89080 2010-07-15] (Sony Electronics Corporation)
      HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2010-01-21] (Sony Corporation)
      HKLM-x32\...\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
      HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [402432 2010-07-22] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [801792 2012-02-27] (Yuna Software)
      HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot [296056 2012-06-04] (RealNetworks, Inc.)
      HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation)
      HKU\Alex\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
      HKU\boinc_master\...\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe [1475584 2010-11-20] (Microsoft Corporation)
      HKU\Default\...\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe [1475584 2010-11-20] (Microsoft Corporation)
      HKU\Default User\...\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe [1475584 2010-11-20] (Microsoft Corporation)
      HKU\Pako\...\Run: [rkfree] "C:\Program Files (x86)\RKFree\rkfree.exe" /b [70656 2012-07-06] (Logixoft)
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

      ==================== Services (Whitelisted) ======

      2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
      2 ASTSRV; C:\Windows\SysWow64\ASTSRV.EXE [57344 2008-05-19] (Nalpeiron Ltd.)
      3 EhttpSrv; "C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe" [23296 2009-11-16] (ESET)
      2 ekrn; "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" [735960 2009-11-16] (ESET)
      2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation)
      2 Oasis2Service; "C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" [47616 2011-03-14] ()
      2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" [252416 2010-05-25] (Sony Corporation)
      3 SpfService; "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe" [302448 2010-02-08] (Sony Corporation)
      2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
      3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2010-04-08] (Sony Corporation)
      3 VUAgent; "C:\Program Files\Sony\VAIO Update 5\VUAgent.exe" [1250160 2010-05-31] (Sony Corporation)

      ========================== Drivers (Whitelisted) =============

      3 ArcSoftKsUFilter; C:\Windows\System32\Drivers\ArcSoftKsUFilter.sys [19968 2008-04-24] (ArcSoft, Inc.)
      1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [254528 2011-07-07] (DT Soft Ltd)
      2 eamon; C:\Windows\System32\Drivers\eamon.sys [145336 2009-11-16] (ESET)
      1 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [136584 2009-11-16] (ESET)
      2 epfw; C:\Windows\System32\Drivers\epfw.sys [169080 2009-11-16] (ESET)
      3 Epfwndis; C:\Windows\System32\Drivers\Epfwndis.sys [33608 2009-06-19] (ESET)
      2 epfwwfp; C:\Windows\System32\Drivers\epfwwfp.sys [44944 2009-11-16] (ESET)
      0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs)
      3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation)
      3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-10] (Avnex)
      3 catchme; \??\C:\ComboFix\catchme.sys [x]
      2 IAStorDataMgrSvc; [x]
      2 MSSQL$DDNI; [x]

      ========================== NetSvcs (Whitelisted) ===========


      ============ One Month Created Files and Folders ==============

      2012-08-20 01:23 - 2012-08-20 01:23 - 00000000 ____D C:\FRST
      2012-08-19 22:13 - 2012-08-19 22:13 - 01443955 ____A (Farbar) C:\Users\Pako\Downloads\FRST64.exe
      2012-08-17 03:10 - 2012-08-17 03:10 - 343383441 ____A C:\Windows\MEMORY.DMP
      2012-08-17 03:10 - 2012-08-17 03:10 - 00450192 ____A C:\Windows\Minidump\081712-27783-01.dmp
      2012-08-17 03:10 - 2012-08-17 03:10 - 00000000 ____D C:\Windows\Minidump
      2012-08-17 00:13 - 2012-08-17 00:13 - 00020602 ____A C:\ComboFix.txt
      2012-08-16 22:02 - 2012-08-17 00:13 - 00000000 ____D C:\Qoobox
      2012-08-16 22:02 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
      2012-08-16 22:02 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
      2012-08-16 22:02 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
      2012-08-16 22:02 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
      2012-08-16 22:02 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
      2012-08-16 22:02 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
      2012-08-16 22:02 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
      2012-08-16 22:02 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
      2012-08-16 21:24 - 2012-08-17 00:10 - 00000000 ____D C:\Windows\erdnt
      2012-08-16 20:53 - 2012-08-16 21:24 - 04732214 ____R (Swearware) C:\Users\Pako\Desktop\ComboFix.exe
      2012-08-16 20:36 - 2012-08-16 20:36 - 00000000 ____D C:\Users\Pako\Desktop\tdsskiller
      2012-08-15 20:51 - 2012-08-15 20:51 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Malwarebytes
      2012-08-15 20:50 - 2012-08-15 20:50 - 00001069 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      2012-08-15 20:50 - 2012-08-15 20:50 - 00000000 ____D C:\Users\All Users\Malwarebytes
      2012-08-15 20:50 - 2012-08-15 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2012-08-15 20:50 - 2012-07-03 10:46 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
      2012-08-01 21:12 - 2012-08-19 20:46 - 00005799 ____A C:\Windows\AutoKMS.log
      2012-08-01 21:12 - 2012-08-01 21:12 - 00338248 ____A C:\Users\Pako\AppData\Local\GDIPFONTCACHEV1.DAT
      2012-08-01 21:11 - 2012-08-17 03:09 - 00004136 ____A C:\Windows\PFRO.log
      2012-08-01 21:11 - 2012-08-01 21:12 - 05418104 ____A C:\Windows\System32\FNTCACHE.DAT
      2012-08-01 17:06 - 2012-08-19 20:46 - 00001008 ____A C:\Windows\setupact.log
      2012-08-01 17:06 - 2012-08-01 17:06 - 00000000 ____A C:\Windows\setuperr.log
      2012-07-30 13:47 - 2012-07-30 13:47 - 00020106 ____A C:\Users\Pako\Downloads\Costo CP.xlsx
      2012-07-30 13:47 - 2012-07-30 13:47 - 00012475 ____A C:\Users\Pako\Downloads\Costo Héroe.xlsx
      2012-07-30 12:32 - 2012-07-30 12:45 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Charles
      2012-07-30 12:24 - 2012-07-30 12:25 - 00773968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
      2012-07-30 12:12 - 2012-07-30 12:13 - 00000000 ____D C:\Program Files (x86)\Charles
      2012-07-29 23:16 - 2012-07-30 14:40 - 00026087 ____A C:\Users\Pako\Downloads\ID e Items Ruleta Marvel Avengers Alliance.xlsx
      2012-07-25 14:32 - 2012-07-25 14:32 - 00000000 ____D C:\Users\Pako\Documents\My Cheat Tables

      ============ 3 Months Modified Files ========================

      2012-08-19 22:15 - 2010-12-30 00:15 - 00703824 ____A C:\Windows\System32\perfh00A.dat
      2012-08-19 22:15 - 2010-12-30 00:15 - 00137822 ____A C:\Windows\System32\perfc00A.dat
      2012-08-19 22:15 - 2009-07-13 21:13 - 01555882 ____A C:\Windows\System32\PerfStringBackup.INI
      2012-08-19 22:13 - 2012-08-19 22:13 - 01443955 ____A (Farbar) C:\Users\Pako\Downloads\FRST64.exe
      2012-08-19 20:54 - 2009-07-13 20:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2012-08-19 20:54 - 2009-07-13 20:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2012-08-19 20:46 - 2012-08-01 21:12 - 00005799 ____A C:\Windows\AutoKMS.log
      2012-08-19 20:46 - 2012-08-01 17:06 - 00001008 ____A C:\Windows\setupact.log
      2012-08-19 20:46 - 2011-08-28 18:47 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
      2012-08-19 20:46 - 2011-02-27 23:29 - 00000198 ____A C:\Windows\Tasks\AutoKMS.job
      2012-08-19 20:46 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
      2012-08-19 20:43 - 2010-09-23 18:11 - 01093816 ____A C:\Windows\WindowsUpdate.log
      2012-08-19 20:42 - 2012-07-16 00:26 - 00000838 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
      2012-08-19 20:42 - 2012-07-11 19:42 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005UA.job
      2012-08-19 20:42 - 2012-07-11 19:42 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005Core.job
      2012-08-19 20:42 - 2011-08-28 18:47 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
      2012-08-19 20:42 - 2010-12-30 00:24 - 00001042 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005UA.job
      2012-08-19 20:42 - 2010-12-30 00:24 - 00000990 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005Core.job
      2012-08-17 03:10 - 2012-08-17 03:10 - 343383441 ____A C:\Windows\MEMORY.DMP
      2012-08-17 03:10 - 2012-08-17 03:10 - 00450192 ____A C:\Windows\Minidump\081712-27783-01.dmp
      2012-08-17 03:09 - 2012-08-01 21:11 - 00004136 ____A C:\Windows\PFRO.log
      2012-08-17 00:13 - 2012-08-17 00:13 - 00020602 ____A C:\ComboFix.txt
      2012-08-17 00:07 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini
      2012-08-16 21:24 - 2012-08-16 20:53 - 04732214 ____R (Swearware) C:\Users\Pako\Desktop\ComboFix.exe
      2012-08-15 20:50 - 2012-08-15 20:50 - 00001069 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      2012-08-14 21:40 - 2012-07-16 00:26 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2012-08-14 21:40 - 2011-05-16 19:33 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2012-08-14 20:27 - 2010-12-30 00:29 - 00002445 ____A C:\Users\Pako\Desktop\Google Chrome.lnk
      2012-08-01 21:12 - 2012-08-01 21:12 - 00338248 ____A C:\Users\Pako\AppData\Local\GDIPFONTCACHEV1.DAT
      2012-08-01 21:12 - 2012-08-01 21:11 - 05418104 ____A C:\Windows\System32\FNTCACHE.DAT
      2012-08-01 17:06 - 2012-08-01 17:06 - 00000000 ____A C:\Windows\setuperr.log
      2012-08-01 14:37 - 2011-01-01 01:15 - 00001724 ____A C:\Users\Public\Desktop\Defraggler.lnk
      2012-08-01 14:28 - 2011-01-01 01:14 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
      2012-07-30 14:40 - 2012-07-29 23:16 - 00026087 ____A C:\Users\Pako\Downloads\ID e Items Ruleta Marvel Avengers Alliance.xlsx
      2012-07-30 13:47 - 2012-07-30 13:47 - 00020106 ____A C:\Users\Pako\Downloads\Costo CP.xlsx
      2012-07-30 13:47 - 2012-07-30 13:47 - 00012475 ____A C:\Users\Pako\Downloads\Costo Héroe.xlsx
      2012-07-30 12:25 - 2012-07-30 12:24 - 00773968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
      2012-07-03 10:46 - 2012-08-15 20:50 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
      2012-06-27 21:57 - 2012-06-27 21:57 - 00227824 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
      2012-06-27 21:57 - 2012-06-27 21:57 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
      2012-06-27 21:57 - 2012-06-27 21:57 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
      2012-06-21 18:25 - 2009-07-13 21:08 - 00032524 ____A C:\Windows\Tasks\SCHEDLGU.TXT
      2012-06-11 19:08 - 2012-07-12 18:59 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
      2012-06-11 13:56 - 2012-06-11 13:56 - 00000931 ____A C:\Users\Public\Desktop\Zello.lnk
      2012-06-08 21:43 - 2012-07-11 20:04 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
      2012-06-08 20:41 - 2012-07-11 20:04 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2012-06-05 22:06 - 2012-07-11 20:04 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
      2012-06-05 22:06 - 2012-07-11 20:04 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
      2012-06-05 22:02 - 2012-07-11 20:03 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
      2012-06-05 21:05 - 2012-07-11 20:04 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2012-06-05 21:05 - 2012-07-11 20:04 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
      2012-06-05 21:03 - 2012-07-11 20:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
      2012-06-04 09:17 - 2012-06-04 09:17 - 00001072 ____A C:\Users\Public\Desktop\RealPlayer.lnk
      2012-06-04 09:16 - 2012-02-28 21:17 - 00198832 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
      2012-06-04 09:15 - 2012-02-28 21:16 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
      2012-06-04 09:15 - 2012-02-28 21:16 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
      2012-06-04 09:15 - 2012-02-28 21:16 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
      2012-06-04 09:15 - 2012-02-28 21:16 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
      2012-06-02 14:19 - 2012-06-22 07:15 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
      2012-06-02 14:19 - 2012-06-22 07:15 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
      2012-06-02 14:19 - 2012-06-22 07:15 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
      2012-06-02 14:19 - 2012-06-22 07:15 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
      2012-06-02 14:19 - 2012-06-22 07:15 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
      2012-06-02 14:15 - 2012-06-22 07:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
      2012-06-02 14:15 - 2012-06-22 07:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
      2012-06-02 12:19 - 2012-06-22 07:14 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
      2012-06-02 12:15 - 2012-06-22 07:14 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
      2012-06-01 21:50 - 2012-07-11 20:03 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
      2012-06-01 21:48 - 2012-07-11 20:03 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
      2012-06-01 21:48 - 2012-07-11 20:03 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
      2012-06-01 21:45 - 2012-07-11 20:03 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
      2012-06-01 21:44 - 2012-07-11 20:03 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
      2012-06-01 20:40 - 2012-07-11 20:03 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2012-06-01 20:40 - 2012-07-11 20:03 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2012-06-01 20:39 - 2012-07-11 20:03 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2012-06-01 20:34 - 2012-07-11 20:03 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll


      ========================= Known DLLs (Whitelisted) ============


      ========================= Bamital & volsnap Check ============

      C:\Windows\System32\winlogon.exe => MD5 is legit
      C:\Windows\System32\wininit.exe => MD5 is legit
      C:\Windows\SysWOW64\wininit.exe => MD5 is legit
      C:\Windows\explorer.exe => MD5 is legit
      C:\Windows\SysWOW64\explorer.exe => MD5 is legit
      C:\Windows\System32\svchost.exe => MD5 is legit
      C:\Windows\SysWOW64\svchost.exe => MD5 is legit
      C:\Windows\System32\services.exe => MD5 is legit
      C:\Windows\System32\User32.dll => MD5 is legit
      C:\Windows\SysWOW64\User32.dll => MD5 is legit
      C:\Windows\System32\userinit.exe => MD5 is legit
      C:\Windows\SysWOW64\userinit.exe => MD5 is legit
      C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

      ==================== EXE ASSOCIATION =====================

      HKLM\...\.exe: exefile => OK
      HKLM\...\exefile\DefaultIcon: %1 => OK
      HKLM\...\exefile\open\command: "%1" %* => OK

      ========================= Memory info ======================

      Percentage of memory in use: 19%
      Total physical RAM: 2810.9 MB
      Available physical RAM: 2261.55 MB
      Total Pagefile: 2809.05 MB
      Available Pagefile: 2258.4 MB
      Total Virtual: 8192 MB
      Available Virtual: 8191.9 MB

      ======================= Partitions =========================

      1 Drive c: () (Fixed) (Total:288.59 GB) (Free:177.02 GB) NTFS
      2 Drive e: (Recovery) (Fixed) (Total:9.4 GB) (Free:0.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
      6 Drive i: () (Removable) (Total:1.86 GB) (Free:1.28 GB) FAT32
      7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
      8 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

      Disk ### Status Size Free Dyn Gpt
      -------- ------------- ------- ------- --- ---
      Disk 0 Online 298 GB 1024 KB
      Disk 1 No Media 0 B 0 B
      Disk 2 No Media 0 B 0 B
      Disk 3 Online 1912 MB 0 B

      Partitions of Disk 0:
      ===============

      Partition ### Type Size Offset
      ------------- ---------------- ------- -------
      Partition 1 Recovery 9 GB 1024 KB
      Partition 2 Primary 100 MB 9 GB
      Partition 3 Primary 288 GB 9 GB

      ==================================================================================

      Disk: 0
      Partition 1
      Type : 27
      Hidden: Yes
      Active: No

      Volume ### Ltr Label Fs Type Size Status Info
      ---------- --- ----------- ----- ---------- ------- --------- --------
      * Volume 3 E Recovery NTFS Partition 9 GB Healthy Hidden

      ==================================================================================

      Disk: 0
      Partition 2
      Type : 07
      Hidden: No
      Active: Yes

      Volume ### Ltr Label Fs Type Size Status Info
      ---------- --- ----------- ----- ---------- ------- --------- --------
      * Volume 1 Y System Rese NTFS Partition 100 MB Healthy

      ==================================================================================

      Disk: 0
      Partition 3
      Type : 07
      Hidden: No
      Active: No

      Volume ### Ltr Label Fs Type Size Status Info
      ---------- --- ----------- ----- ---------- ------- --------- --------
      * Volume 2 C NTFS Partition 288 GB Healthy

      ==================================================================================

      Partitions of Disk 3:
      ===============

      Partition ### Type Size Offset
      ------------- ---------------- ------- -------
      Partition 1 Primary 1911 MB 31 KB

      ==================================================================================

      Disk: 3
      Partition 1
      Type : 0C
      Hidden: No
      Active: Yes

      Volume ### Ltr Label Fs Type Size Status Info
      ---------- --- ----------- ----- ---------- ------- --------- --------
      * Volume 6 I FAT32 Removable 1911 MB Healthy

      ==================================================================================

      Last Boot: 2012-07-30 21:22

      ======================= End Of Log ==========================


      Regards!

    7. #7
      Former collaborator @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: ESET detects a virus that is impossible to remove

      Hello:

      Do the following:

      1.- Open Notepad
      • Go to START > RUN >
      • Type notepad.exe there and click OK

      2.- Now copy and paste the following into Notepad

      Code:
      KillAll::
      
      ClearJavaCache:: 
      
      Folder::
      c:\program files (x86)\RKFree
      c:\users\Pako\AppData\Local\Facebook\Update
      
      Registry::
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "rkfree"=-
      
      AtJob::
      c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005Core.job
      c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1692231011-497412647-1251571358-1005UA.job

      3.- Save this file with the name CFScript.txt and leave it on your desktop.

      4.- Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the animation below. This will start ComboFix again.

      • Restart your PC and post the new ComboFix report, letting us know how everything is working now.

      Regards.


    8. #8
      User alexrayas094
      Registered
      Oct 2010
      Location
      México
      Posts
      11

      Re: ESET detects a virus that is impossible to remove

      There was a problem at the time of the report and this is what came out:


      ComboFix 12-09-04.02 - Pako 04/09/2012 20:05:16.3.2 - x64 NETWORK
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.2811.1748 [GMT -5:00]
      Running from: C:\Users\Pako\Desktop\ComboFix.exe
      Command switches used :: C:\Users\Pako\Desktop\CFScript.txt
      AV: ESET Smart Security 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
      FW: Cortafuegos personal de ESET *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
      SP: ESET Smart Security 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point

      ADS - Windows: deleted 0 bytes in 1 streams.

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


      c:\program files (x86)\RKFree
      c:\program files (x86)\RKFree\rkfree.exe
      c:\users\Pako\AppData\Local\Facebook\Update
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
      c:\users\Pako\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
      c:\users\Pako\AppData\Local\Facebook\Update\FacebookUpdate.exe


      ((((((((((((((((((((((((( Files Created from 2012-08-05 to 2012-09-05 )))))))))))))))))))))))))))))))


      2012-09-05 01:12:04 . 2012-09-05 01:12:04 -------- d-----w- C:\Users\Default\AppData\Local\temp
      2012-09-05 01:12:04 . 2012-09-05 01:12:04 -------- d-----w- C:\Users\boinc_master\AppData\Local\temp
      2012-09-05 01:12:04 . 2012-09-05 01:12:04 -------- d-----w- C:\Users\Alex\AppData\Local\temp
      2012-08-20 09:23:38 . 2012-08-20 09:23:44 -------- d-----w- C:\FRST
      2012-08-16 04:51:18 . 2012-08-16 04:51:18 -------- d-----w- C:\Users\Pako\AppData\Roaming\Malwarebytes
      2012-08-16 04:50:53 . 2012-08-16 04:50:53 -------- d-----w- C:\ProgramData\Malwarebytes
      2012-08-16 04:50:52 . 2012-08-16 04:50:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2012-08-16 04:50:52 . 2012-07-03 18:46:44 24904 ----a-w- C:\Windows\system32\drivers\mbam.sys
      .


      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

      2012-08-15 05:40:34 . 2012-07-16 08:26:44 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2012-08-15 05:40:34 . 2011-05-17 03:33:11 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-07-30 20:25:00 . 2012-07-30 20:24:55 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
      2012-06-12 03:08:36 . 2012-07-13 02:59:44 3148800 ----a-w- C:\Windows\system32\win32k.sys
      2012-06-09 05:43:10 . 2012-07-12 04:04:09 14172672 ----a-w- C:\Windows\system32\shell32.dll



      I think something is missing, right?
      ComboFix ran fine, but I think something failed when it produced the report. I'm not sure whether it is incomplete, but this is what I got. Do I need to run ComboFix again?

      As for the PC, it has been a little better, but sometimes it freezes out of nowhere and I have to turn it off.
      I have run scans and no virus has been detected.
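
Added example, not part of the original posts or of ComboFix: a small Python parser for the report layout shown in post #8 that splits it into its banner sections, parses the file rows, and lists which expected sections are absent, as in a truncated report. The function names, the shortened sample and the `EXPECTED` list are assumptions for illustration; the page does not state which sections a full report contains, and the meaning of the two timestamps is not asserted here.

```python
import re

BANNER = re.compile(r"^\({3,}\s*(.+?)\s*\){3,}$")
ENTRY = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) \. "
                   r"(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (\d+|-{8}) (\S{8}) (.+)$")

def parse_report(text):
    """Split a report into {section title: [lines]}; text before the first banner is 'header'."""
    sections, current = {"header": []}, "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue  # blank lines and lone '.' separators carry no data
        m = BANNER.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        else:
            sections[current].append(line)
    return sections

def file_entries(lines):
    """Parse 'timestamp . timestamp size attrs path' rows; rows in other shapes are skipped."""
    out = []
    for m in filter(None, map(ENTRY.match, lines)):
        ts1, ts2, size, attrs, path = m.groups()
        out.append({"ts1": ts1, "ts2": ts2, "path": path,
                    "size": None if size.startswith("-") else int(size),
                    "is_dir": attrs.startswith("d")})
    return out

def missing_sections(sections, expected_prefixes):
    """Return the expected title prefixes that no banner in the report matches."""
    titles = [t for t in sections if t != "header"]
    return [p for p in expected_prefixes if not any(t.startswith(p) for t in titles)]

# Constructed sample: a shortened copy of the layout of the report posted above.
SAMPLE = r"""ComboFix 12-09-04.02 - Pako 04/09/2012 20:05:16.3.2 - x64 NETWORK
((((((((((((((( Other Deletions )))))))))))))))
c:\program files (x86)\RKFree\rkfree.exe
((((((((( Files Created from 2012-08-05 to 2012-09-05 )))))))))
2012-08-16 04:50:52 . 2012-07-03 18:46:44 24904 ----a-w- C:\Windows\system32\drivers\mbam.sys
2012-08-20 09:23:38 . 2012-08-20 09:23:44 -------- d-----w- C:\FRST
(((((((((((( Find3M Report ))))))))))))
2012-06-12 03:08:36 . 2012-07-13 02:59:44 3148800 ----a-w- C:\Windows\system32\win32k.sys
"""

# Assumption: the reviewer supplies the section titles a complete report should contain.
EXPECTED = ["Other Deletions", "Files Created", "Find3M Report", "Reg Loading Points"]
```

Calling `missing_sections(parse_report(report_text), EXPECTED)` on a saved report returns the expected sections that never appear, which is a quick way to confirm that a log was cut short before asking the user to rerun the tool.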

    9. #9
      User alexrayas094
      Joined
      Oct 2010
      Location
      Mexico
      Posts
      11

      Re: ESET detects a virus that is impossible to remove

      What I do NOT like AT ALL is that none of the Windows Update updates get installed.
      It downloads them correctly, but when it restarts to install them it always says there is an error in the Windows configuration and then "Reverting changes".
      Then Windows restarts again and, sure enough, no update has been installed.

      What also really catches my attention is that ComboFix only works for me in Safe Mode. Otherwise it hangs and stops responding.

      What I find quite strange is that no virus has been detected anymore.

      Is what my PC has very serious? Do you think a format is necessary? :/

      I can no longer use the computer comfortably, because not even half an hour goes by (if I am very lucky) before it freezes out of nowhere and I have to force it off, since it does not respond in any way (I have left it like that for hours to see if it responds at some point, but nothing).

      Only in Safe Mode can I use it without any problem. In Safe Mode with Networking nothing has happened to me either.

      I no longer know what to do, because I have done everything I have been asked to, and it seems my machine will not let itself be helped :(

    10. #10
      Former Contributor @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: ESET detects a virus that is impossible to remove

      Hello alexrayas094:

      The thing is that you let a lot of time pass between replies; we make no progress that way, since the malware multiplies with every restart.

      The ComboFix report is incomplete, and if it does not run properly in Normal Mode it is because something is blocking it.

      Let's try another tool:

      Download OTL by OldTimer

      >>> To run OTL

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run and wait for the OTL menu to appear.
      • When the OTL menu comes up, you only need to change the setting under "Tipo de Análisis" (Scan Type) to Resultado Mínimo (Minimal Output).
      • Check the options Buscar LOP (LOP Check) and Buscar Purity (Purity Check).
      • Check the options >> Omitir Archivos De Microsoft (Skip Microsoft Files) and Usar Listado de Compañías Reconocidas (Use Recognized Company List).
      • Copy and paste the following script into the box under Análisis Personalizados/Código de Reparación (Custom Scans/Fixes):

        NOTE: Do not copy the word "Quote".
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
      • Please do not change the rest of the settings unless we ask you to.

      • Press the button >>
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. These files will be saved in the same place where OTL.exe was downloaded.
      • Copy and paste the contents of both in your next reply.

      About the updates:

      • Download >>> ServiceRepair.exe (attached at the end of the guide)

      • Run it >>> Restart >>> Check whether Windows Update works.

      • Let us know.

      Regards.

