
    Infected with the Sirefef.AP trojan together with PWS:Win32/Fareit.gen!E?


    1. #11
      P.P.P
      Joined
      Aug 2008
      Location
      spy
      Posts
      28

      Re: Infected with the Sirefef.AP trojan together with PWS:Win32/Fareit.gen!E?

      Look, here is the full TDSSKiller report:

      05:58:48.0996 2104 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
      05:58:49.0027 2104 ============================================================
      05:58:49.0027 2104 Current date / time: 2012/09/03 05:58:49.0027
      05:58:49.0027 2104 SystemInfo:
      05:58:49.0027 2104
      05:58:49.0027 2104 OS Version: 6.0.6002 ServicePack: 2.0
      05:58:49.0027 2104 Product type: Workstation
      05:58:49.0027 2104 ComputerName: XXXX
      05:58:49.0027 2104 UserName: XXXX
      05:58:49.0027 2104 Windows directory: C:\Windows
      05:58:49.0027 2104 System windows directory: C:\Windows
      05:58:49.0027 2104 Running under WOW64
      05:58:49.0027 2104 Processor architecture: Intel x64
      05:58:49.0027 2104 Number of processors: 4
      05:58:49.0027 2104 Page size: 0x1000
      05:58:49.0027 2104 Boot type: Normal boot
      05:58:49.0027 2104 ============================================================
      05:58:49.0698 2104 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
      05:58:49.0698 2104 Drive \Device\Harddisk1\DR1 - Size: 0xF1A0000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
      05:58:49.0714 2104 ============================================================
      05:58:49.0714 2104 \Device\Harddisk0\DR0:
      05:58:49.0714 2104 MBR partitions:
      05:58:49.0714 2104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x72AEC6D8
      05:58:49.0714 2104 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72AEC717, BlocksNum 0x1C192AA
      05:58:49.0714 2104 \Device\Harddisk1\DR1:
      05:58:49.0729 2104 MBR partitions:
      05:58:49.0729 2104 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x65, BlocksNum 0x78C9B
      05:58:49.0729 2104 ============================================================
      05:58:49.0807 2104 C: <-> \Device\Harddisk0\DR0\Partition1
      05:58:49.0870 2104 D: <-> \Device\Harddisk0\DR0\Partition2
      05:58:49.0870 2104 ============================================================
      05:58:49.0870 2104 Initialize success
      05:58:49.0870 2104 ============================================================
      06:00:16.0965 4216 ============================================================
      06:00:16.0965 4216 Scan started
      06:00:16.0965 4216 Mode: Manual;
      06:00:16.0965 4216 ============================================================
      06:00:17.0776 4216 ================ Scan system memory ========================
      06:00:17.0776 4216 System memory - ok
      06:00:31.0051 4216 Npfs - ok
      06:00:31.0067 4216 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
      06:00:31.0083 4216 nsi - ok
      06:00:31.0083 4216 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      06:00:31.0083 4216 nsiproxy - ok
      06:00:31.0176 4216 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      06:00:31.0223 4216 Ntfs - ok
      06:00:31.0239 4216 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
      06:00:31.0254 4216 Null - ok
      06:00:31.0566 4216 [ 828E3D31D9E5B81A4927885D3752C996 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
      06:00:31.0863 4216 nvlddmkm - ok
      06:00:31.0878 4216 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
      06:00:31.0894 4216 nvraid - ok
      06:00:31.0909 4216 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
      06:00:31.0941 4216 nvstor - ok
      06:00:31.0987 4216 [ 1C63E34632CEBD6A37B82DC77C4F7575 ] nvsvc C:\Windows\system32\nvvsvc.exe
      06:00:31.0987 4216 nvsvc - ok
      06:00:32.0112 4216 [ 4A5A9DDEF3C7E4E37EB22DE00AE8B9F1 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      06:00:32.0128 4216 nvUpdatusService - ok
      06:00:32.0143 4216 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      06:00:32.0143 4216 nv_agp - ok
      06:00:32.0159 4216 NwlnkFlt - ok
      06:00:32.0159 4216 NwlnkFwd - ok
      06:00:32.0221 4216 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
      06:00:32.0221 4216 ohci1394 - ok
      06:00:32.0284 4216 [ FC6039FC5E0A204A70390DD146F75D03 ] P2PFire C:\Program Files (x86)\P2PHazard2\P2PFire.sys
      06:00:32.0284 4216 P2PFire - ok
      06:00:32.0502 4216 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
      06:00:32.0518 4216 p2pimsvc - ok
      06:00:32.0580 4216 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
      06:00:32.0580 4216 p2psvc - ok
      06:00:32.0658 4216 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
      06:00:32.0689 4216 Parport - ok
      06:00:32.0736 4216 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
      06:00:32.0752 4216 partmgr - ok
      06:00:32.0814 4216 [ 8A0F8A9580D9F2FC512A35D5709088A9 ] pavboot C:\Windows\system32\drivers\pavboot64.sys
      06:00:32.0814 4216 pavboot - ok
      06:00:33.0033 4216 [ 55223EEFABFDB84A926515FEBAB50D9A ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
      06:00:33.0048 4216 pbfilter - ok
      06:00:33.0079 4216 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
      06:00:33.0079 4216 PcaSvc - ok
      06:00:33.0157 4216 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
      06:00:33.0173 4216 pccsmcfd - ok
      06:00:33.0282 4216 PcdrNdisuio - ok
      06:00:33.0376 4216 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
      06:00:33.0407 4216 pci - ok
      06:00:33.0438 4216 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
      06:00:33.0454 4216 pciide - ok
      06:00:33.0454 4216 PCLEPCI - ok
      06:00:33.0469 4216 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
      06:00:33.0547 4216 pcmcia - ok
      06:00:33.0579 4216 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      06:00:33.0594 4216 PEAUTH - ok
      06:00:33.0641 4216 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
      06:00:33.0641 4216 PerfHost - ok
      06:00:33.0703 4216 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
      06:00:33.0813 4216 pla - ok
      06:00:33.0906 4216 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      06:00:33.0922 4216 PlugPlay - ok
      06:00:33.0953 4216 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
      06:00:33.0953 4216 PNRPAutoReg - ok
      06:00:33.0984 4216 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
      06:00:33.0984 4216 PNRPsvc - ok
      06:00:34.0078 4216 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      06:00:34.0078 4216 PolicyAgent - ok
      06:00:34.0156 4216 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      06:00:34.0171 4216 PptpMiniport - ok
      06:00:34.0203 4216 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
      06:00:34.0218 4216 Processor - ok
      06:00:34.0312 4216 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
      06:00:34.0312 4216 ProfSvc - ok
      06:00:34.0343 4216 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
      06:00:34.0343 4216 ProtectedStorage - ok
      06:00:34.0405 4216 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
      06:00:34.0421 4216 PSched - ok
      06:00:34.0577 4216 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
      06:00:34.0639 4216 ql2300 - ok
      06:00:34.0702 4216 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
      06:00:34.0717 4216 ql40xx - ok
      06:00:34.0764 4216 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
      06:00:34.0764 4216 QWAVE - ok
      06:00:34.0780 4216 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      06:00:34.0795 4216 QWAVEdrv - ok
      06:00:34.0811 4216 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      06:00:34.0827 4216 RasAcd - ok
      06:00:34.0842 4216 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
      06:00:34.0842 4216 RasAuto - ok
      06:00:34.0905 4216 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      06:00:34.0905 4216 Rasl2tp - ok
      06:00:34.0967 4216 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
      06:00:34.0967 4216 RasMan - ok
      06:00:35.0029 4216 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      06:00:35.0045 4216 RasPppoe - ok
      06:00:35.0092 4216 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      06:00:35.0139 4216 RasSstp - ok
      06:00:35.0201 4216 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      06:00:35.0232 4216 rdbss - ok
      06:00:35.0248 4216 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      06:00:35.0263 4216 RDPCDD - ok
      06:00:35.0295 4216 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
      06:00:35.0326 4216 rdpdr - ok
      06:00:35.0326 4216 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      06:00:35.0357 4216 RDPENCDD - ok
      06:00:35.0419 4216 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      06:00:35.0435 4216 RDPWD - ok
      06:00:35.0482 4216 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
      06:00:35.0482 4216 RemoteAccess - ok
      06:00:35.0591 4216 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      06:00:35.0591 4216 RemoteRegistry - ok
      06:00:35.0638 4216 RkPavproc1 - ok
      06:00:35.0638 4216 RkPavproc2 - ok
      06:00:35.0653 4216 RkPavproc3 - ok
      06:00:35.0669 4216 RkPavproc4 - ok
      06:00:35.0685 4216 RkPavproc5 - ok
      06:00:35.0716 4216 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
      06:00:35.0716 4216 RpcLocator - ok
      06:00:35.0841 4216 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
      06:00:35.0841 4216 RpcSs - ok
      06:00:35.0856 4216 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      06:00:35.0887 4216 rspndr - ok
      06:00:35.0919 4216 [ 82B66ABF055611024E5DBB9FA556C11D ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
      06:00:35.0934 4216 RTL8169 - ok
      06:00:35.0950 4216 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
      06:00:35.0950 4216 SamSs - ok
      06:00:35.0965 4216 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      06:00:35.0997 4216 sbp2port - ok
      06:00:36.0075 4216 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
      06:00:36.0090 4216 SCardSvr - ok
      06:00:36.0153 4216 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
      06:00:36.0168 4216 Schedule - ok
      06:00:36.0231 4216 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
      06:00:36.0231 4216 SCPolicySvc - ok
      06:00:36.0262 4216 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      06:00:36.0262 4216 SDRSVC - ok
      06:00:36.0277 4216 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      06:00:36.0309 4216 secdrv - ok
      06:00:36.0340 4216 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
      06:00:36.0340 4216 seclogon - ok
      06:00:36.0355 4216 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
      06:00:36.0355 4216 SENS - ok
      06:00:36.0371 4216 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
      06:00:36.0387 4216 Serenum - ok
      06:00:36.0418 4216 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
      06:00:36.0449 4216 Serial - ok
      06:00:36.0465 4216 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
      06:00:36.0496 4216 sermouse - ok
      06:00:36.0652 4216 [ 12B41D84A4D058ADC60853C365DBFCCA ] ServiceLayer C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
      06:00:36.0652 4216 ServiceLayer - ok
      06:00:36.0683 4216 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
      06:00:36.0683 4216 SessionEnv - ok
      06:00:36.0699 4216 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
      06:00:36.0714 4216 sffdisk - ok
      06:00:36.0745 4216 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
      06:00:36.0745 4216 sffp_mmc - ok
      06:00:36.0761 4216 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
      06:00:36.0777 4216 sffp_sd - ok
      06:00:36.0777 4216 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
      06:00:36.0792 4216 sfloppy - ok
      06:00:36.0823 4216 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
      06:00:36.0839 4216 SharedAccess - ok
      06:00:36.0886 4216 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      06:00:36.0886 4216 ShellHWDetection - ok
      06:00:36.0901 4216 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
      06:00:36.0933 4216 SiSRaid2 - ok
      06:00:36.0979 4216 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
      06:00:36.0995 4216 SiSRaid4 - ok
      06:00:37.0167 4216 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
      06:00:37.0182 4216 slsvc - ok
      06:00:37.0463 4216 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
      06:00:37.0479 4216 SLUINotify - ok
      06:00:37.0541 4216 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
      06:00:37.0572 4216 Smb - ok
      06:00:37.0603 4216 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      06:00:37.0603 4216 SNMPTRAP - ok
      06:00:37.0681 4216 [ 5F9785E7535F8F602CB294A54962C9E7 ] speedfan C:\Windows\syswow64\speedfan.sys
      06:00:37.0713 4216 speedfan - ok
      06:00:37.0759 4216 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
      06:00:37.0775 4216 spldr - ok
      06:00:37.0837 4216 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
      06:00:37.0853 4216 Spooler - ok
      06:00:37.0931 4216 [ AA90A319BB067E0D149B4C95608C4B05 ] sptd C:\Windows\system32\Drivers\sptd.sys
      06:00:37.0931 4216 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: AA90A319BB067E0D149B4C95608C4B05
      06:00:37.0931 4216 sptd ( LockedFile.Multi.Generic ) - warning
      06:00:37.0931 4216 sptd - detected LockedFile.Multi.Generic (1)
      06:00:43.0937 4216 ================ Scan global ===============================
      06:00:43.0984 4216 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
      06:00:44.0062 4216 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
      06:00:44.0077 4216 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
      06:00:44.0171 4216 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
      06:00:44.0171 4216 [Global] - ok
      06:00:44.0187 4216 ================ Scan MBR ==================================
      06:00:44.0187 4216 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
      06:00:44.0421 4216 \Device\Harddisk0\DR0 - ok
      06:00:44.0421 4216 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
      06:00:44.0436 4216 \Device\Harddisk1\DR1 - ok
      06:00:44.0436 4216 ================ Scan VBR ==================================
      06:00:44.0436 4216 [ 409F8B705D2CB1FC238AD050948F05F0 ] \Device\Harddisk0\DR0\Partition1
      06:00:44.0436 4216 \Device\Harddisk0\DR0\Partition1 - ok
      06:00:44.0452 4216 [ 5AB1014D3307DDD9B9A4993B0A5EE436 ] \Device\Harddisk0\DR0\Partition2
      06:00:44.0452 4216 \Device\Harddisk0\DR0\Partition2 - ok
      06:00:44.0452 4216 [ 6132ED741C9A0628DB158A2DBA41C1C9 ] \Device\Harddisk1\DR1\Partition1
      06:00:44.0452 4216 \Device\Harddisk1\DR1\Partition1 - ok
      06:00:44.0452 4216 ============================================================
      06:00:44.0452 4216 Scan finished
      06:00:44.0452 4216 ============================================================
      06:00:44.0467 0844 Detected object count: 1
      06:00:44.0467 0844 Actual detected object count: 1
      06:03:59.0992 0844 sptd ( LockedFile.Multi.Generic ) - skipped by user
      06:03:59.0992 0844 sptd ( LockedFile.Multi.Generic ) - User select action: Skip







      Tell me what you see in the 2 reports, please. In the end, do you think this trojan (or trojans) has been removed? It most likely came in through Java, as I mentioned.

      Nod32 says there are 2 trojans in quarantine: Java/Exploit.Agent.AH trojan and Win64/Sirefef.AP trojan.

      I'm going to use the PC today and I'll let you know. What scares me is going on websites and, if the problem hasn't been solved, having my username and password captured. Logging into my email from this PC is out of the question for now.

    2. #12
      Former contributor, Fer21021's avatar
      Joined
      Apr 2008
      Location
      Argentina
      Posts
      6,216

      Re: Infected with Sirefef.AP trojan together with PWS: Win32/Fareit.gen!E?

      Hello,

      The Sirefef infection does not seem to be on your system, but others are, as you will have noticed from the Malwarebytes report.



      ---------------------------------

      - Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may automatically restart the PC to complete the removal process.


      Warning!! Do not use ComboFix unless you have been specifically instructed to do so in your thread by a member of our Staff. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt in this same thread.



      Regards.
      »» »» »».......Persevere and you will succeed........«« «« ««

      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    3. #13
      User P.P.P

      During the scan, or whatever it is this program does, it tells me that the Recycle Bin on C: is corrupted and asks whether I want to empty the Recycle Bin for this drive. But the Recycle Bin is empty. What do I do, click Yes or No?

    4. #14
      User P.P.P

      Let's see if you can give me a hand.

      I did not run the previous scan with ComboFix because of this Recycle Bin message, and since I got no reply I turned off the PC. Now, when I start the PC, this Recycle Bin notice pops up again.

      Do I click Yes, or do I skip this step?

      And Windows Defender disables NOD32 on every restart, showing me this message:

      "The application could not be started 0x800106ba. A problem caused this program's service to stop...." It then asks me to look up information on how to start a service manually.
      Last edited by Fer21021 on 05/09/12 at 07:23:26

    5. #15
      Former Contributor Fer21021

      Hello,


      Click Yes and continue running ComboFix.

      If you cannot do it in normal mode, do it in safe mode.


      Regards.

    6. #16
      User P.P.P

      I was finally able to run this program; this is what I get:

      ComboFix 12-08-30.05 - XXXX 05/09/2012 20:15:18.1.4 - x64
      Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.34.3082.18.4094.2118 [GMT 2:00]
      Running from: c:\users\XXXX\Desktop\ComboFix.exe
      AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
      SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      - REDUCED FUNCTIONALITY MODE -
      .
      ADS - Windows: deleted 48 bytes in 1 streams.
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\users\XXXX\AppData\Roaming\Desktopicon
      c:\users\XXXX\AppData\Roaming\Desktopicon\eBay.ico
      c:\users\XXXX\AppData\Roaming\Desktopicon\uninst.exe
      c:\users\XXXX\AppData\Roaming\inst.exe
      c:\windows\struct~.ini
      c:\windows\SysWow64\nsis_loader.dll
      c:\windows\SysWow64\URTTemp
      c:\windows\SysWow64\URTTemp\regtlib.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-05 to 2012-09-05 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-05 18:16 . 2012-09-05 18:16 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-09-01 22:35 . 2012-09-01 22:35 85440 ----a-w- c:\windows\system32\drivers\162c91f.sys
      2012-08-30 22:00 . 2012-08-30 22:00 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
      2012-08-27 14:33 . 2012-09-04 18:33 -------- d-----w- c:\users\UpdatusUser
      2012-08-27 14:32 . 2012-08-27 14:32 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
      2012-08-27 14:31 . 2012-03-06 23:08 68928 ----a-w- c:\windows\system32\OpenCL.dll
      2012-08-27 14:29 . 2012-08-27 14:29 -------- d-----w- c:\programdata\NVIDIA Corporation
      2012-08-27 14:29 . 2012-08-27 14:32 -------- d-----w- c:\program files\NVIDIA Corporation
      2012-08-15 06:43 . 2012-05-11 16:34 788480 ----a-w- c:\windows\system32\localspl.dll
      2012-08-15 06:43 . 2012-05-11 15:57 623616 ----a-w- c:\windows\SysWow64\localspl.dll
      2012-08-15 06:43 . 2012-06-29 16:20 648192 ----a-w- c:\windows\system32\netapi32.dll
      2012-08-06 19:36 . 2012-08-06 20:17 -------- d-----w- c:\program files (x86)\McAfee Security Scan
      2012-08-06 19:36 . 2012-08-06 19:36 -------- d-----w- c:\programdata\McAfee
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-26 09:05 . 2012-06-29 21:39 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-08-26 09:05 . 2011-12-30 19:19 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-08-23 08:26 . 2012-09-04 18:20 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8135C314-FD83-474D-A4B9-8BB17ED13568}\mpengine.dll
      2012-08-16 01:02 . 2006-11-02 12:35 62134624 ----a-w- c:\windows\system32\mrt.exe
      2012-07-24 18:39 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
      2012-07-21 01:46 . 2012-07-21 01:46 161792 ----a-w- c:\windows\SysWow64\msls31.dll
      2012-07-21 01:46 . 2012-07-21 01:46 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
      2012-07-21 01:46 . 2012-07-21 01:46 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
      2012-07-21 01:46 . 2012-07-21 01:46 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
      2012-07-21 01:46 . 2012-07-21 01:46 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
      2012-07-21 01:46 . 2012-07-21 01:46 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
      2012-07-21 01:46 . 2012-07-21 01:46 367104 ----a-w- c:\windows\SysWow64\html.iec
      2012-07-21 01:46 . 2012-07-21 01:46 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
      2012-07-21 01:46 . 2012-07-21 01:46 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-07-21 01:46 . 2012-07-21 01:46 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
      2012-07-21 01:46 . 2012-07-21 01:46 152064 ----a-w- c:\windows\SysWow64\wextract.exe
      2012-07-21 01:46 . 2012-07-21 01:46 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
      2012-07-21 01:46 . 2012-07-21 01:46 11776 ----a-w- c:\windows\SysWow64\mshta.exe
      2012-07-21 01:46 . 2012-07-21 01:46 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
      2012-07-21 01:46 . 2012-07-21 01:46 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
      2012-07-21 01:46 . 2012-07-21 01:46 101888 ----a-w- c:\windows\SysWow64\admparse.dll
      2012-07-21 01:46 . 2012-07-21 01:46 222208 ----a-w- c:\windows\system32\msls31.dll
      2012-07-21 01:46 . 2012-07-21 01:46 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
      2012-07-21 01:46 . 2012-07-21 01:46 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
      2012-07-21 01:46 . 2012-07-21 01:46 49664 ----a-w- c:\windows\system32\imgutil.dll
      2012-07-21 01:46 . 2012-07-21 01:46 267776 ----a-w- c:\windows\system32\ieaksie.dll
      2012-07-21 01:46 . 2012-07-21 01:46 197120 ----a-w- c:\windows\system32\msrating.dll
      2012-07-21 01:46 . 2012-07-21 01:46 163840 ----a-w- c:\windows\system32\ieakui.dll
      2012-07-21 01:46 . 2012-07-21 01:46 145920 ----a-w- c:\windows\system32\iepeers.dll
      2012-07-21 01:46 . 2012-07-21 01:46 136192 ----a-w- c:\windows\system32\advpack.dll
      2012-07-21 01:46 . 2012-07-21 01:46 12288 ----a-w- c:\windows\system32\mshta.exe
      2012-07-21 01:46 . 2012-07-21 01:46 114176 ----a-w- c:\windows\system32\admparse.dll
      2012-07-21 01:46 . 2012-07-21 01:46 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
      2012-07-21 01:46 . 2012-07-21 01:46 76800 ----a-w- c:\windows\system32\tdc.ocx
      2012-07-21 01:46 . 2012-07-21 01:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
      2012-07-21 01:46 . 2012-07-21 01:46 160256 ----a-w- c:\windows\system32\ieakeng.dll
      2012-07-21 01:46 . 2012-07-21 01:46 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
      2012-07-21 01:46 . 2012-07-21 01:46 111616 ----a-w- c:\windows\system32\iesysprep.dll
      2012-07-21 01:46 . 2012-07-21 01:46 10752 ----a-w- c:\windows\system32\msfeedssync.exe
      2012-07-21 01:46 . 2012-07-21 01:46 89088 ----a-w- c:\windows\system32\ie4uinit.exe
      2012-07-21 01:46 . 2012-07-21 01:46 85504 ----a-w- c:\windows\system32\iesetup.dll
      2012-07-21 01:46 . 2012-07-21 01:46 82432 ----a-w- c:\windows\system32\icardie.dll
      2012-07-21 01:46 . 2012-07-21 01:46 534528 ----a-w- c:\windows\system32\ieapfltr.dll
      2012-07-21 01:46 . 2012-07-21 01:46 452608 ----a-w- c:\windows\system32\dxtmsft.dll
      2012-07-21 01:46 . 2012-07-21 01:46 448512 ----a-w- c:\windows\system32\html.iec
      2012-07-21 01:46 . 2012-07-21 01:46 403248 ----a-w- c:\windows\system32\iedkcs32.dll
      2012-07-21 01:46 . 2012-07-21 01:46 39936 ----a-w- c:\windows\system32\iernonce.dll
      2012-07-21 01:46 . 2012-07-21 01:46 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
      2012-07-21 01:46 . 2012-07-21 01:46 30720 ----a-w- c:\windows\system32\licmgr10.dll
      2012-07-21 01:46 . 2012-07-21 01:46 282112 ----a-w- c:\windows\system32\dxtrans.dll
      2012-07-21 01:46 . 2012-07-21 01:46 249344 ----a-w- c:\windows\system32\webcheck.dll
      2012-07-21 01:46 . 2012-07-21 01:46 103936 ----a-w- c:\windows\system32\inseng.dll
      2012-07-21 01:46 . 2012-07-21 01:46 697344 ----a-w- c:\windows\system32\msfeeds.dll
      2012-07-21 01:46 . 2012-07-21 01:46 603648 ----a-w- c:\windows\system32\vbscript.dll
      2012-07-21 01:46 . 2012-07-21 01:46 165888 ----a-w- c:\windows\system32\iexpress.exe
      2012-07-21 01:46 . 2012-07-21 01:46 160256 ----a-w- c:\windows\system32\wextract.exe
      2012-07-21 01:46 . 2012-07-21 01:46 65024 ----a-w- c:\windows\system32\pngfilt.dll
      2012-07-21 01:46 . 2012-07-21 01:46 149504 ----a-w- c:\windows\system32\occache.dll
      2012-07-21 01:44 . 2012-07-21 01:44 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
      2012-07-21 01:44 . 2012-07-21 01:44 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
      2012-07-21 01:44 . 2012-07-21 01:44 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
      2012-07-21 01:44 . 2012-07-21 01:44 377344 ----a-w- c:\windows\system32\mfmp4src.dll
      2012-07-21 01:44 . 2012-07-21 01:44 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
      2012-07-21 01:44 . 2012-07-21 01:44 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
      2012-07-21 01:44 . 2012-07-21 01:44 3548672 ----a-w- c:\windows\system32\mf.dll
      2012-07-21 01:44 . 2012-07-21 01:44 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
      2012-07-21 01:44 . 2012-07-21 01:44 34304 ----a-w- c:\windows\system32\mfpmp.exe
      2012-07-21 01:44 . 2012-07-21 01:44 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
      2012-07-21 01:44 . 2012-07-21 01:44 195072 ----a-w- c:\windows\system32\mfps.dll
      2012-07-21 01:44 . 2012-07-21 01:44 2873344 ----a-w- c:\windows\SysWow64\mf.dll
      2012-07-21 01:44 . 2012-07-21 01:44 98816 ----a-w- c:\windows\SysWow64\mfps.dll
      2012-07-21 01:44 . 2012-07-21 01:44 278528 ----a-w- c:\windows\system32\mfplat.dll
      2012-07-21 01:44 . 2012-07-21 01:44 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
      2012-07-21 01:44 . 2012-07-21 01:44 748544 ----a-w- c:\windows\system32\stobject.dll
      2012-07-21 01:44 . 2012-07-21 01:44 586240 ----a-w- c:\windows\SysWow64\stobject.dll
      2012-07-21 01:44 . 2012-07-21 01:44 1204224 ----a-w- c:\windows\system32\shdocvw.dll
      2012-07-21 01:43 . 2012-07-21 01:43 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
      2012-07-21 01:43 . 2012-07-21 01:43 566272 ----a-w- c:\windows\system32\d3d10level9.dll
      2012-07-21 01:43 . 2012-07-21 01:43 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
      2012-07-21 01:43 . 2012-07-21 01:43 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
      2012-07-21 01:43 . 2012-07-21 01:43 625152 ----a-w- c:\windows\system32\dxgi.dll
      2012-07-21 01:43 . 2012-07-21 01:43 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
      2012-07-21 01:43 . 2012-07-21 01:43 47104 ----a-w- c:\windows\system32\cdd.dll
      2012-07-21 01:43 . 2012-07-21 01:43 366592 ----a-w- c:\windows\system32\winspool.drv
      2012-07-21 01:43 . 2012-07-21 01:43 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
      2012-07-21 01:43 . 2012-07-21 01:43 287232 ----a-w- c:\windows\system32\d3d10core.dll
      2012-07-21 01:43 . 2012-07-21 01:43 258048 ----a-w- c:\windows\SysWow64\winspool.drv
      2012-07-21 01:43 . 2012-07-21 01:43 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll
      2012-07-21 01:43 . 2012-07-21 01:43 1268224 ----a-w- c:\windows\system32\d3d10.dll
      2012-07-21 01:43 . 2012-07-21 01:43 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
      2012-07-21 01:43 . 2012-07-21 01:43 1029120 ----a-w- c:\windows\SysWow64\d3d10.dll
      2012-07-21 01:43 . 2012-07-21 01:43 1461760 ----a-w- c:\windows\system32\OpcServices.dll
      2012-07-21 01:43 . 2012-07-21 01:43 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
      2012-07-21 01:43 . 2012-07-21 01:43 3068416 ----a-w- c:\windows\system32\xpsservices.dll
      2012-07-21 01:43 . 2012-07-21 01:43 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll
      2012-07-21 01:43 . 2012-07-21 01:43 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
      2012-07-21 01:42 . 2012-07-21 01:42 369664 ----a-w- c:\windows\SysWow64\WMPhoto.dll
      2012-07-21 01:42 . 2012-07-21 01:42 519680 ----a-w- c:\windows\SysWow64\d3d11.dll
      2012-07-21 01:42 . 2012-07-21 01:42 449024 ----a-w- c:\windows\system32\WMPhoto.dll
      2012-07-21 01:42 . 2012-07-21 01:42 328192 ----a-w- c:\windows\system32\dxdiag.exe
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
      "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
      "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-08-01 222592]
      "PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
      "RemoTerm.exe"="c:\program files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe" [2010-02-24 220944]
      "Facebook Update"="c:\users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
      "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
      "Spotify Web Helper"="c:\users\XXXX\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-21 1193176]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
      "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
      "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
      "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2007-02-15 119296]
      "HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-02 75008]
      "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
      "FaxCenterServer"="c:\program files (x86)\Lexmark Fax Solutions\fm3032.exe" [2007-12-17 320168]
      "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
      "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
      "UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2006-09-07 15360]
      "NokiaMusic FastStart"="c:\program files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe" [2011-10-21 2193000]
      "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-07-12 74752]
      "SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-3-27 113664]
      Buscar actualizaciones.lnk - c:\program files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe [2009-4-17 238864]
      McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
      Software Kodak EasyShare.lnk - c:\program files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      R1 162c91f;syshost.exe;c:\windows\system32\drivers\162c91f.sys [2012-09-01 85440]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
      getPlusHelper REG_MULTI_SZ getPlusHelper
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      Themes
      ezSharedSvc
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-258622934-2799181398-629544736-1000Core.job
      - c:\users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-29 22:32]
      .
      2012-09-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-258622934-2799181398-629544736-1000UA.job
      - c:\users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-29 22:32]
      .
      2012-09-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258622934-2799181398-629544736-1000Core.job
      - c:\users\XXXX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06 19:11]
      .
      2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258622934-2799181398-629544736-1000UA.job
      - c:\users\XXXX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06 19:11]
      .
      2012-09-04 c:\windows\Tasks\NeroLiveEpgUpdate-XXXX1_XXXX.job
      - c:\program files (x86)\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-11 178712]
      "lxdnmon.exe"="c:\program files (x86)\Lexmark 2600 Series\lxdnmon.exe" [2007-12-17 660136]
      "lxdnamon"="c:\program files (x86)\Lexmark 2600 Series\lxdnamon.exe" [2007-12-17 16040]
      "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2716216]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "LoadAppInit_DLLs"=0x0
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.es/
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_es&c=84&bd=Pavilion&pf=cndt
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      IE: &AOL Toolbar Buscar - c:\programdata\AOL\ieToolbar\resources\es-ES\local\search.html
      IE: &D&escargue &con BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
      IE: &D&escargue todo con BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
      IE: &D&escargue todos los vídeos con BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddVideo.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
      IE: Save Flash - c:\program files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
      IE: ʹÓÃUUSee¼ÓËÙ²¥·Å - c:\program files (x86)\uusee\geturltoplay.htm
      IE: ʹÓÃUUSeeÏÂÔØ - c:\program files (x86)\uusee\geturltodown.htm
      IE: {{998A88A0-A355-809B-831C-B83A80000991} - http://www.henkuai.com/?from=iebannel
      TCP: DhcpNameServer = 8x.5x.6x.25x 8x.5x.6x.25x
      FF - ProfilePath - c:\users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\keqbt39j.default\
      .
      - - - - ORPHANS REMOVED - - - -
      .
      HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
      HKLM-Run-OsdMaestro - c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
      AddRemove-eBay Icon - c:\users\XXXX\AppData\Roaming\Desktopicon\uninst.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
      @="Shockwave Flash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
      @Denied: (A 2) (Everyone)
      @=""
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
      @="FlashBroker"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
      "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
      c:\hp\HPEZBTN\HPBtnSrv.exe
      c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
      c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      c:\program files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe
      c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
      c:\program files (x86)\iTunes\iTunes.exe
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
      c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
      c:\program files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
      c:\program files (x86)\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
      c:\hp\kbd\kbd.exe
      c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      .
      **************************************************************************
      .
      Completion time: 2012-09-05 20:25:21 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-09-05 18:25
      .
      Pre-Run: 37.220.020.224 bytes libres
      Post-Run: 37.306.150.912 bytes libres
      .
      - - End Of File - - 66BDA7EF970DC4FA549ECAD15B4D925A




      What do you see, my friend?

    7. #17
      Former Contributor Fer21021

      Hello,

      Only one little thing is left to remove.


      1.- Open Notepad
      • Go to START > RUN >
      • Type notepad.exe there and click OK

      2.- Now copy and paste the following lines into Notepad

      Code:
      KillAll::
      
      File::
      c:\windows\system32\drivers\162c91f.sys
      
      
      Driver::
      162c91f
      
      DDS::
      mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_es&c=84&bd=Pavilion&pf=cndt
      IE: &AOL Toolbar Buscar - c:\programdata\AOL\ieToolbar\resources\es-ES\local\search.html
      IE: Save Flash - c:\program files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
      IE: ʹÓÃUUSee¼ÓËÙ²¥·Å - c:\program files (x86)\uusee\geturltoplay.htm
      IE: ʹÓÃUUSeeÏÂÔØ - c:\program files (x86)\uusee\geturltodown.htm
      IE: {{998A88A0-A355-809B-831C-B83A80000991} - http://www.henkuai.com/?from=iebannel
      
      
      ClearJavaCache::
      3.- Save this file with the name CFScript.txt and leave it on your desktop.

      4.- Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the animation below. This will start ComboFix again.

      • Restart your PC and post the new ComboFix report, telling us how everything is working now.




      Regards.
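Added example, not part of the original thread and not ComboFix's own code: a small Python check that reads the File:: and Driver:: targets of a CFScript like the one in the post above and looks for them in a ComboFix-style log, so the follow-up report can be checked mechanically. The function names are this example's own, the two logs are constructed samples abridged from the layout of the logs posted in this thread, and treating the "Other Deletions" and "Drivers/Services" sections as confirmation of removal is an assumption of the example.

```python
import re

# Banners look like "((((( Other Deletions )))))" or "------- Supplementary Scan -------".
BANNER = re.compile(r"^(?:\(+\s*(.+?)\s*\)+|-{2,}\s*(.+?)\s*-{2,})$")
DIRECTIVE = re.compile(r"^(\w+)::\s*$")
# Sections that record what the tool did, not what is still on the system.
ACTION_SECTIONS = {"header", "other deletions", "drivers/services"}
# File::/Driver:: part of the CFScript from the post (DDS:: lines omitted).
CFSCRIPT = r"""KillAll::
File::
c:\windows\system32\drivers\162c91f.sys
Driver::
162c91f
"""
# Constructed sample: first-run log, abridged to the lines that matter here.
BEFORE_LOG = r"""ComboFix 12-08-30.05 - XXXX 05/09/2012 20:15:18.1.4 - x64
.
((((((((( Files Created from 2012-08-05 to 2012-09-05 )))))))))
.
2012-09-01 22:35 . 2012-09-01 22:35 85440 ----a-w- c:\windows\system32\drivers\162c91f.sys
.
((((((((( Reg Loading Points )))))))))
.
R1 162c91f;syshost.exe;c:\windows\system32\drivers\162c91f.sys [2012-09-01 85440]
"""
# Constructed sample: follow-up log after the CFScript run, abridged the same way.
AFTER_LOG = r"""ComboFix 12-08-30.05 - XXXX 06/09/2012 22:18:47.2.4 - x64
FILE ::
"c:\windows\system32\drivers\162c91f.sys"
.
((((((((( Other Deletions )))))))))
.
c:\windows\system32\drivers\162c91f.sys
.
((((((((( Drivers/Services )))))))))
.
-------\Service_162c91f
.
((((((((( Files Created from 2012-08-06 to 2012-09-06 )))))))))
.
2012-08-27 14:31 . 2012-03-06 23:08 68928 ----a-w- c:\windows\system32\OpenCL.dll
"""


def parse_cfscript(text):
    """Return {directive: [arguments]} for a CFScript.txt body."""
    script, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = DIRECTIVE.match(line)
        if m:
            current = m.group(1).lower()
            script[current] = []
        elif line and current:
            script[current].append(line)
    return script


def parse_log(text):
    """Split a log into {section title: [lines]}, skipping '.' separators."""
    sections, current = {"header": []}, "header"
    for line in map(str.strip, text.splitlines()):
        m = BANNER.match(line)
        if m:
            current = (m.group(1) or m.group(2)).lower()
            sections.setdefault(current, [])
        elif line and line != ".":
            sections[current].append(line)
    return sections


def verify_removal(cfscript_text, log_text):
    """Map each File::/Driver:: target to removed / still present / unconfirmed."""
    script, log = parse_cfscript(cfscript_text), parse_log(log_text)
    deleted = {line.strip('"').lower() for line in log.get("other deletions", [])}
    services = [line.lower() for line in log.get("drivers/services", [])]
    residual = [line.lower() for name, lines in log.items()
                if name not in ACTION_SECTIONS for line in lines]
    result = {}
    for path in script.get("file", []):
        if any(path.lower() in line for line in residual):
            result[path] = "still present"
        else:
            result[path] = "removed" if path.lower() in deleted else "unconfirmed"
    for drv in script.get("driver", []):
        # Loaded drivers are listed as "R1 <name>;<display name>;<path> [...]".
        loaded = re.compile(r"^[rs]\d\s+" + re.escape(drv.lower()) + ";")
        if any(loaded.match(line) for line in residual):
            result[drv] = "still present"
        elif any(line.endswith("\\service_" + drv.lower()) for line in services):
            result[drv] = "removed"
        else:
            result[drv] = "unconfirmed"
    return result


if __name__ == "__main__":
    for label, sample in (("before", BEFORE_LOG), ("after", AFTER_LOG)):
        print(label, verify_removal(CFSCRIPT, sample))
```

The script's own echo of its input (the FILE :: lines at the top of the follow-up log) is kept out of the residual check, so a target only counts as still present when it shows up in a section that describes the current state of the system.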

    8. #18
      User P.P.P

      Look, now I get this, my friend:

      ComboFix 12-08-30.05 - XXXX 06/09/2012 22:18:47.2.4 - x64
      Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.34.3082.18.4094.2138 [GMT 2:00]
      Running from: c:\users\XXXX\Desktop\ComboFix.exe
      Command switches used :: c:\users\XXXX\Desktop\CFScript.txt
      AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
      SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      FILE ::
      "c:\windows\system32\drivers\162c91f.sys"
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\uusee\geturltodown.htm
      c:\program files (x86)\uusee\geturltoplay.htm
      c:\programdata\Amazon.ico
      c:\programdata\AOL\ieToolbar\resources\es-ES\local\search.html
      c:\programdata\QuickStores.ico
      c:\users\XXXX\AppData\Roaming\dvdae
      c:\users\XXXX\AppData\Roaming\dvdae\dvdae.config
      c:\users\XXXX\AppData\Roaming\dvdae\dvdae.lic
      c:\users\XXXX\AppData\Roaming\FFSJ
      c:\users\XXXX\AppData\Roaming\FFSJ\FFSJ.cfg
      c:\windows\system32\drivers\162c91f.sys
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      -------\Service_162c91f
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-06 to 2012-09-06 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-06 20:32 . 2012-09-06 20:32 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
      2012-09-06 20:32 . 2012-09-06 20:32 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-08-30 22:00 . 2012-08-30 22:00 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
      2012-08-27 14:33 . 2012-09-04 18:33 -------- d-----w- c:\users\UpdatusUser
      2012-08-27 14:32 . 2012-08-27 14:32 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
      2012-08-27 14:31 . 2012-03-06 23:08 68928 ----a-w- c:\windows\system32\OpenCL.dll
      2012-08-27 14:29 . 2012-08-27 14:29 -------- d-----w- c:\programdata\NVIDIA Corporation
      2012-08-27 14:29 . 2012-08-27 14:32 -------- d-----w- c:\program files\NVIDIA Corporation
      2012-08-15 06:43 . 2012-05-11 16:34 788480 ----a-w- c:\windows\system32\localspl.dll
      2012-08-15 06:43 . 2012-05-11 15:57 623616 ----a-w- c:\windows\SysWow64\localspl.dll
      2012-08-15 06:43 . 2012-06-29 16:20 648192 ----a-w- c:\windows\system32\netapi32.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-26 09:05 . 2012-06-29 21:39 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-08-26 09:05 . 2011-12-30 19:19 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-08-23 08:26 . 2012-09-06 18:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E470F71F-3BC1-4E81-AE6F-349C516C19C1}\mpengine.dll
      2012-08-16 01:02 . 2006-11-02 12:35 62134624 ----a-w- c:\windows\system32\mrt.exe
      2012-07-24 18:39 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
      2012-07-21 01:46 . 2012-07-21 01:46 161792 ----a-w- c:\windows\SysWow64\msls31.dll
      2012-07-21 01:46 . 2012-07-21 01:46 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
      2012-07-21 01:46 . 2012-07-21 01:46 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
      2012-07-21 01:46 . 2012-07-21 01:46 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
      2012-07-21 01:46 . 2012-07-21 01:46 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
      2012-07-21 01:46 . 2012-07-21 01:46 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
      2012-07-21 01:46 . 2012-07-21 01:46 367104 ----a-w- c:\windows\SysWow64\html.iec
      2012-07-21 01:46 . 2012-07-21 01:46 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
      2012-07-21 01:46 . 2012-07-21 01:46 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-07-21 01:46 . 2012-07-21 01:46 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
      2012-07-21 01:46 . 2012-07-21 01:46 152064 ----a-w- c:\windows\SysWow64\wextract.exe
      2012-07-21 01:46 . 2012-07-21 01:46 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
      2012-07-21 01:46 . 2012-07-21 01:46 11776 ----a-w- c:\windows\SysWow64\mshta.exe
      2012-07-21 01:46 . 2012-07-21 01:46 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
      2012-07-21 01:46 . 2012-07-21 01:46 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
      2012-07-21 01:46 . 2012-07-21 01:46 101888 ----a-w- c:\windows\SysWow64\admparse.dll
      2012-07-21 01:46 . 2012-07-21 01:46 222208 ----a-w- c:\windows\system32\msls31.dll
      2012-07-21 01:46 . 2012-07-21 01:46 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
      2012-07-21 01:46 . 2012-07-21 01:46 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
      2012-07-21 01:46 . 2012-07-21 01:46 49664 ----a-w- c:\windows\system32\imgutil.dll
      2012-07-21 01:46 . 2012-07-21 01:46 267776 ----a-w- c:\windows\system32\ieaksie.dll
      2012-07-21 01:46 . 2012-07-21 01:46 197120 ----a-w- c:\windows\system32\msrating.dll
      2012-07-21 01:46 . 2012-07-21 01:46 163840 ----a-w- c:\windows\system32\ieakui.dll
      2012-07-21 01:46 . 2012-07-21 01:46 145920 ----a-w- c:\windows\system32\iepeers.dll
      2012-07-21 01:46 . 2012-07-21 01:46 136192 ----a-w- c:\windows\system32\advpack.dll
      2012-07-21 01:46 . 2012-07-21 01:46 12288 ----a-w- c:\windows\system32\mshta.exe
      2012-07-21 01:46 . 2012-07-21 01:46 114176 ----a-w- c:\windows\system32\admparse.dll
      2012-07-21 01:46 . 2012-07-21 01:46 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
      2012-07-21 01:46 . 2012-07-21 01:46 76800 ----a-w- c:\windows\system32\tdc.ocx
      2012-07-21 01:46 . 2012-07-21 01:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
      2012-07-21 01:46 . 2012-07-21 01:46 160256 ----a-w- c:\windows\system32\ieakeng.dll
      2012-07-21 01:46 . 2012-07-21 01:46 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
      2012-07-21 01:46 . 2012-07-21 01:46 111616 ----a-w- c:\windows\system32\iesysprep.dll
      2012-07-21 01:46 . 2012-07-21 01:46 10752 ----a-w- c:\windows\system32\msfeedssync.exe
      2012-07-21 01:46 . 2012-07-21 01:46 89088 ----a-w- c:\windows\system32\ie4uinit.exe
      2012-07-21 01:46 . 2012-07-21 01:46 85504 ----a-w- c:\windows\system32\iesetup.dll
      2012-07-21 01:46 . 2012-07-21 01:46 82432 ----a-w- c:\windows\system32\icardie.dll
      2012-07-21 01:46 . 2012-07-21 01:46 534528 ----a-w- c:\windows\system32\ieapfltr.dll
      2012-07-21 01:46 . 2012-07-21 01:46 452608 ----a-w- c:\windows\system32\dxtmsft.dll
      2012-07-21 01:46 . 2012-07-21 01:46 448512 ----a-w- c:\windows\system32\html.iec
      2012-07-21 01:46 . 2012-07-21 01:46 403248 ----a-w- c:\windows\system32\iedkcs32.dll
      2012-07-21 01:46 . 2012-07-21 01:46 39936 ----a-w- c:\windows\system32\iernonce.dll
      2012-07-21 01:46 . 2012-07-21 01:46 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
      2012-07-21 01:46 . 2012-07-21 01:46 30720 ----a-w- c:\windows\system32\licmgr10.dll
      2012-07-21 01:46 . 2012-07-21 01:46 282112 ----a-w- c:\windows\system32\dxtrans.dll
      2012-07-21 01:46 . 2012-07-21 01:46 249344 ----a-w- c:\windows\system32\webcheck.dll
      2012-07-21 01:46 . 2012-07-21 01:46 103936 ----a-w- c:\windows\system32\inseng.dll
      2012-07-21 01:46 . 2012-07-21 01:46 697344 ----a-w- c:\windows\system32\msfeeds.dll
      2012-07-21 01:46 . 2012-07-21 01:46 603648 ----a-w- c:\windows\system32\vbscript.dll
      2012-07-21 01:46 . 2012-07-21 01:46 165888 ----a-w- c:\windows\system32\iexpress.exe
      2012-07-21 01:46 . 2012-07-21 01:46 160256 ----a-w- c:\windows\system32\wextract.exe
      2012-07-21 01:46 . 2012-07-21 01:46 65024 ----a-w- c:\windows\system32\pngfilt.dll
      2012-07-21 01:46 . 2012-07-21 01:46 149504 ----a-w- c:\windows\system32\occache.dll
      2012-07-21 01:44 . 2012-07-21 01:44 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
      2012-07-21 01:44 . 2012-07-21 01:44 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
      2012-07-21 01:44 . 2012-07-21 01:44 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
      2012-07-21 01:44 . 2012-07-21 01:44 377344 ----a-w- c:\windows\system32\mfmp4src.dll
      2012-07-21 01:44 . 2012-07-21 01:44 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
      2012-07-21 01:44 . 2012-07-21 01:44 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
      2012-07-21 01:44 . 2012-07-21 01:44 3548672 ----a-w- c:\windows\system32\mf.dll
      2012-07-21 01:44 . 2012-07-21 01:44 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
      2012-07-21 01:44 . 2012-07-21 01:44 34304 ----a-w- c:\windows\system32\mfpmp.exe
      2012-07-21 01:44 . 2012-07-21 01:44 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
      2012-07-21 01:44 . 2012-07-21 01:44 195072 ----a-w- c:\windows\system32\mfps.dll
      2012-07-21 01:44 . 2012-07-21 01:44 2873344 ----a-w- c:\windows\SysWow64\mf.dll
      2012-07-21 01:44 . 2012-07-21 01:44 98816 ----a-w- c:\windows\SysWow64\mfps.dll
      2012-07-21 01:44 . 2012-07-21 01:44 278528 ----a-w- c:\windows\system32\mfplat.dll
      2012-07-21 01:44 . 2012-07-21 01:44 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
      2012-07-21 01:44 . 2012-07-21 01:44 748544 ----a-w- c:\windows\system32\stobject.dll
      2012-07-21 01:44 . 2012-07-21 01:44 586240 ----a-w- c:\windows\SysWow64\stobject.dll
      2012-07-21 01:44 . 2012-07-21 01:44 1204224 ----a-w- c:\windows\system32\shdocvw.dll
      2012-07-21 01:43 . 2012-07-21 01:43 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
      2012-07-21 01:43 . 2012-07-21 01:43 566272 ----a-w- c:\windows\system32\d3d10level9.dll
      2012-07-21 01:43 . 2012-07-21 01:43 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
      2012-07-21 01:43 . 2012-07-21 01:43 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
      2012-07-21 01:43 . 2012-07-21 01:43 625152 ----a-w- c:\windows\system32\dxgi.dll
      2012-07-21 01:43 . 2012-07-21 01:43 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
      2012-07-21 01:43 . 2012-07-21 01:43 47104 ----a-w- c:\windows\system32\cdd.dll
      2012-07-21 01:43 . 2012-07-21 01:43 366592 ----a-w- c:\windows\system32\winspool.drv
      2012-07-21 01:43 . 2012-07-21 01:43 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
      2012-07-21 01:43 . 2012-07-21 01:43 287232 ----a-w- c:\windows\system32\d3d10core.dll
      2012-07-21 01:43 . 2012-07-21 01:43 258048 ----a-w- c:\windows\SysWow64\winspool.drv
      2012-07-21 01:43 . 2012-07-21 01:43 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll
      2012-07-21 01:43 . 2012-07-21 01:43 1268224 ----a-w- c:\windows\system32\d3d10.dll
      2012-07-21 01:43 . 2012-07-21 01:43 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
      2012-07-21 01:43 . 2012-07-21 01:43 1029120 ----a-w- c:\windows\SysWow64\d3d10.dll
      2012-07-21 01:43 . 2012-07-21 01:43 1461760 ----a-w- c:\windows\system32\OpcServices.dll
      2012-07-21 01:43 . 2012-07-21 01:43 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
      2012-07-21 01:43 . 2012-07-21 01:43 3068416 ----a-w- c:\windows\system32\xpsservices.dll
      2012-07-21 01:43 . 2012-07-21 01:43 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll
      2012-07-21 01:43 . 2012-07-21 01:43 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
      2012-07-21 01:42 . 2012-07-21 01:42 369664 ----a-w- c:\windows\SysWow64\WMPhoto.dll
      2012-07-21 01:42 . 2012-07-21 01:42 519680 ----a-w- c:\windows\SysWow64\d3d11.dll
      2012-07-21 01:42 . 2012-07-21 01:42 449024 ----a-w- c:\windows\system32\WMPhoto.dll
      2012-07-21 01:42 . 2012-07-21 01:42 328192 ----a-w- c:\windows\system32\dxdiag.exe
      .
      .
      ((((((((((((((((((((((((((((( [email protected]_18.19.03 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2009-03-27 14:54 . 2012-09-06 20:36 19226 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-258622934-2799181398-629544736-1000_UserData.bin
      - 2012-09-05 18:18 . 2012-09-05 18:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
      + 2012-09-06 20:34 . 2012-09-06 20:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
      - 2012-09-05 18:18 . 2012-09-05 18:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
      + 2012-09-06 20:34 . 2012-09-06 20:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
      + 2008-01-21 02:23 . 2012-09-06 18:16 102928 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
      - 2008-01-21 02:23 . 2012-09-05 18:20 102928 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
      + 2006-11-02 15:45 . 2012-09-06 20:36 148622 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
      + 2012-07-21 18:29 . 2012-09-06 20:33 385400 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
      - 2012-07-21 18:29 . 2012-09-05 18:16 385400 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
      + 2012-09-02 23:10 . 2012-09-06 20:33 1048992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
      - 2012-09-02 23:10 . 2012-09-05 18:17 1048992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
      + 2012-07-21 18:30 . 2012-09-06 20:33 16494792 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-258622934-2799181398-629544736-1000-8192.dat
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
      "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
      "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-08-01 222592]
      "PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
      "RemoTerm.exe"="c:\program files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe" [2010-02-24 220944]
      "Facebook Update"="c:\users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
      "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
      "Spotify Web Helper"="c:\users\XXXX\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-21 1193176]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
      "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
      "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
      "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2007-02-15 119296]
      "HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-02 75008]
      "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
      "FaxCenterServer"="c:\program files (x86)\Lexmark Fax Solutions\fm3032.exe" [2007-12-17 320168]
      "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
      "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
      "UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2006-09-07 15360]
      "NokiaMusic FastStart"="c:\program files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe" [2011-10-21 2193000]
      "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-07-12 74752]
      "SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-3-27 113664]
      Buscar actualizaciones.lnk - c:\program files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe [2009-4-17 238864]
      McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
      Software Kodak EasyShare.lnk - c:\program files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
      getPlusHelper REG_MULTI_SZ getPlusHelper
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      Themes
      ezSharedSvc
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-258622934-2799181398-629544736-1000Core.job
      - c:\users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-29 22:32]
      .
      2012-09-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-258622934-2799181398-629544736-1000UA.job
      - c:\users\XXXX\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-29 22:32]
      .
      2012-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258622934-2799181398-629544736-1000Core.job
      - c:\users\XXXX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06 19:11]
      .
      2012-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258622934-2799181398-629544736-1000UA.job
      - c:\users\XXXX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06 19:11]
      .
      2012-09-05 c:\windows\Tasks\NeroLiveEpgUpdate-XXXX1_XXXX.job
      - c:\program files (x86)\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [BU]
      "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-11 178712]
      "lxdnmon.exe"="c:\program files (x86)\Lexmark 2600 Series\lxdnmon.exe" [2007-12-17 660136]
      "lxdnamon"="c:\program files (x86)\Lexmark 2600 Series\lxdnamon.exe" [2007-12-17 16040]
      "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2716216]
      "combofix"="c:\combofix\CF186.3XE" [2008-01-21 363008]
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.es/
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      IE: &D&escargue &con BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
      IE: &D&escargue todo con BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
      IE: &D&escargue todos los vídeos con BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddVideo.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
      IE: {{998A88A0-A355-809B-831C-B83A80000991} - http://www.henkuai.com/?from=iebannel
      TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
      CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
      FF - ProfilePath - c:\users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\keqbt39j.default\
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
      @="Shockwave Flash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
      @Denied: (A 2) (Everyone)
      @=""
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
      @="FlashBroker"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
      "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
      c:\hp\HPEZBTN\HPBtnSrv.exe
      c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
      c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      c:\program files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe
      c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
      c:\program files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
      c:\program files (x86)\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
      c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      .
      **************************************************************************
      .
      Completion time: 2012-09-06 22:43:01 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-09-06 20:43
      ComboFix2.txt 2012-09-05 18:25
      .
      Pre-Run: 41.892.712.448 bytes libres
      Post-Run: 41.476.988.928 bytes libres
      .
      - - End Of File - - 6C2038BB1BD9623801279A988B359171




      What does it show? Were both trojans fixed/removed?

    9. #19
      Former Contributor Avatar of Fer21021
      Joined
      Apr 2008
      Location
      Argentina
      Posts
      6.216

      Re: Infected with the Sirefef.AP trojan together with PWS: Win32/Fareit.gen!E?

      ComboFix has already taken care of removing the infections.


      Uninstall ComboFix as follows:

      • Go to Start > Run
      • Type the following: ComboFix /Uninstall as shown in the image below:

      • This will launch the ComboFix uninstaller, opening its main screen, and after a few seconds you will see ("ComboFix is uninstalled")



      Confirm to me that it has been uninstalled, and whether we can consider the topic closed.


      Regards.

    10. #20
      User Avatar of P.P.P
      Joined
      Aug 2008
      Location
      spy
      Posts
      28

      Re: Infected with the Sirefef.AP trojan together with PWS: Win32/Fareit.gen!E?

      I have already uninstalled the program.
      In the end, were the 2 trojans removed? Explain it to me a bit, Fer21021, because I just kept doing what you told me.
      I saw that Sirefef.Ap was removed with Malware-Bites, I think, but Win32/Fareit.gen! or the Java/Exploit.Agent.Ah trojan, which is in quarantine in Nod32: what happens with these 2 trojans? Explain it to me a bit, and tell me whether I am going to have problems again; honestly, it was not very clear to me.
      How do I know whether some trojan is still left on the computer?

      Regards, and thanks for your trouble.