    Unable to remove the double-accent virus ´´

    1. #1
      YoNkor (User)
      Registered: Apr 2012
      Location: Sebastopol
      Posts: 14

      Unable to remove the double-accent virus ´´

      I think I have read every post there is about this virus and I still can't remove it. I have tried DTkill, Malwarebytes, OTM and Panda Cloud, and although they detected and removed several viruses, I still can't fix it. It originally got in with "Security Platinum", and I still can't explain how it got executed. Anyway... thanks in advance for the help. Malwarebytes doesn't detect anything...

      Si HKCU:Run DAEMON Tools Lite "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
      Si HKCU:Run SpybotSD TeaTimer C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
      Si HKCU:Run msnmsgr "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
      Si HKCU:Run GoogleDriveSync "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
      Si HKLM:Run SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      Si HKLM:Run AdobeCS5ServiceManager "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
      Si HKLM:Run Adobe Reader Speed Launcher "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      Si HKLM:Run Adobe ARM "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      Si HKLM:Run HP Software Update C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
      Si HKLM:Run LWS C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
      Si HKLM:Run AdobeCS4ServiceManager "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
      Si HKLM:Run QuickTime Task "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      Si HKLM:Run NeroFilterCheck C:\Windows\system32\NeroCheck.exe
      Si HKLM:Run CloneCDTray "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
      Si HKLM:Run SunJavaUpdateSched "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      Si HKLM:Run AdobeAAMUpdater-1.0 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      Si Startup Common Adobe Gamma Loader.lnk C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      Si Startup Common HP Digital Imaging Monitor.lnk C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

      Dtkill:
      //////////////////// DT-Kill 3.0.2 By InfoSpyware ////////////////////

      Ejecutado Desde: C:\Users\Concha\Desktop\DT-kill.exe
      Fecha: 10/09/2012 | Hora: 13:49:50
      Sistema Operativo: Windows 7 De X64 Bits
      Modo De Arranque: Modo Normal
      Usuario: Concha | (Administrador)


      ============================ Malwares Eliminados ============================


      ============================ Startup ============================

      HKLM64 - Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      HKLM - Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      HKLM - Run: [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
      HKLM - Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      HKLM - Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      HKLM - Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
      HKLM - Run: [] -
      HKLM - Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
      HKLM - Run: [AdobeCS4ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
      HKLM - Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      HKLM - Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe
      HKLM - Run: [CloneCDTray] - "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
      HKLM - Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

      HKCU - Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
      HKCU - Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
      HKCU - Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
      HKCU - Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe



      ============================ 10/09/2012 - 13:50:50 ============================
      Last edited by Dany3j on 11/09/12 at 09:20:26

    2. #2
      Dany3j (Developer)
      Registered: Mar 2011
      Location: China
      Posts: 6,652

      Re: Unable to remove the double-accent virus ´´

      Hello.

      Do the following:


      - Download the ComboFix.exe tool and save it to the desktop.

      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may automatically restart the PC to complete the removal process.
        • *Note* Do not use ComboFix again, or any other antivirus program, until I give you a reply.

      Warning!! Do not use ComboFix unless a member of our staff has specifically instructed you to do so in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".


      The generated report is located at C:\ComboFix.txt. Open it, select all, then copy and paste it into your next reply.

      I ran into a black cat and had to take the long way around.


    3. #3
      YoNkor (User)
      Registered: Apr 2012
      Location: Sebastopol
      Posts: 14

      Re: Unable to remove the double-accent virus ´´

      Hello again, and thanks for the quick reply. I ran ComboFix, and now when I try to run any program an error message tells me: "Illegal operation attempted on a registry key that has been marked for deletion". I'm on the laptop now because I can't open Firefox or Explorer. I'm attaching the ComboFix results:

      ComboFix 12-09-09.02 - Concha 10/09/2012 14:52:06.1.2 - x64
      Microsoft Windows 7 Professional 6.1.7601.1.1252.34.3082.18.3839.2441 [GMT 2:00]
      Running from: c:\users\Concha\Desktop\ComboFix.exe
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      ADS - Windows: deleted 24 bytes in 1 streams.
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-10 to 2012-09-10 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-10 11:33 . 2012-09-10 11:33 59392 ----a-w- c:\windows\system32\UCQSgpE.exe
      2012-09-08 01:11 . 2012-09-08 01:11 -------- d-----w- C:\_DT-Kill
      2012-09-08 01:07 . 2012-09-08 01:07 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
      2012-09-07 21:23 . 2012-09-07 21:23 -------- d-----w- c:\users\Concha\AppData\Roaming\Malwarebytes
      2012-09-07 21:23 . 2012-09-07 21:23 -------- d-----w- c:\programdata\Malwarebytes
      2012-09-07 21:05 . 2012-09-07 21:06 -------- d-----w- c:\programdata\0C1D1739028F94C4C52AD1B4F875EF60
      2012-09-07 11:03 . 2012-09-10 11:52 -------- d-s---w- c:\users\Concha\Google Drive
      2012-09-07 05:53 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C591351-5390-4B77-B2F5-B16E261A46CE}\mpengine.dll
      2012-09-01 21:58 . 2012-09-01 21:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
      2012-08-23 12:58 . 2012-08-23 12:58 -------- d-----w- c:\program files (x86)\Oracle
      2012-08-23 11:44 . 2012-08-23 11:44 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-08-23 11:44 . 2012-08-23 11:44 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-08-21 19:21 . 2012-09-10 10:47 -------- d-----w- c:\users\Concha\AppData\Roaming\.minecraft
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-23 11:44 . 2011-09-08 11:52 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-08-17 20:53 . 2011-05-20 07:29 62134624 ----a-w- c:\windows\system32\MRT.exe
      2012-07-03 09:10 . 2012-07-03 09:10 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-07-03 09:10 . 2011-07-21 04:28 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
      "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
      "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-07-20 12218904]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
      "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
      "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
      "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
      "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
      "CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-10-11 110592]
      HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      R2 gupdate;Servicio de Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-24 136176]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
      R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-24 136176]
      R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2010-05-14 271712]
      R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
      R3 netr28ux;Controlador de la Tarjeta de LAN inalámbrica USB RT2870 para Vista;c:\windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
      R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys [x]
      R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-04-09 19936]
      R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-04-09 13280]
      R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [2009-06-26 417792]
      R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
      R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-27 18216]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-20 1255736]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-20 254528]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 203776]
      S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
      S2 NMSAccess64;NMSAccess64;c:\windows\SysWOW64\NMSAccess64.exe [2009-01-12 82872]
      S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
      S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-11-24 5556520]
      S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
      S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-11-24 127784]
      S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 9085952]
      S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 299520]
      S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-05-17 1847296]
      S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
      S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2010-05-14 329952]
      S3 LVUVC64;Logitech Webcam C160(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2010-05-14 6465760]
      S3 RTL8167;Controlador NT de Realtek 8167;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
      hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-24 09:35]
      .
      2012-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-24 09:35]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
      2012-07-20 13:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
      2012-07-20 13:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
      2012-07-20 13:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
      2012-07-20 13:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "LoadAppInit_DLLs"=0x0
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
      FF - ProfilePath - c:\users\Concha\AppData\Roaming\Mozilla\Firefox\Profiles\17b3hhb0.default\
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.es/
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109730&tt=290312_29
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      FF - user.js: extensions.BabylonToolbar_i.id - 8ad64180000000000000061d1a0c173a
      FF - user.js: extensions.BabylonToolbar_i.hardId - 8ad64180000000000000061d1a0c173a
      FF - user.js: extensions.BabylonToolbar_i.instlDay - 15430
      FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:01
      FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
      FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
      .
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
      c:\program files (x86)\Bonjour\mDNSResponder.exe
      c:\program files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
      .
      **************************************************************************
      .
      Completion time: 2012-09-10 15:04:53 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-09-10 13:04
      .
      Pre-Run: 10.120.732.672 bytes libres
      Post-Run: 9.979.826.176 bytes libres
      .
      - - End Of File - - F14D84F232F8A86BA67F50FFA4EE922C

    4. #4
      Developer Dany3j
      Joined
      Mar 2011
      Location
      China
      Posts
      6,652

      Re: Impossible to remove the double accent virus ´´

      Restart the computer and tell me how the problem is going.

      I ran into a black cat and had to take the long way around.

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest online threats at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    5. #5
      User YoNkor
      Joined
      Apr 2012
      Location
      Sebastopol
      Posts
      14

      Re: Impossible to remove the double accent virus ´´

      The programs are working again, hehe, but the double accent problem persists :(

    6. #6
      Developer Dany3j
      Joined
      Mar 2011
      Location
      China
      Posts
      6,652

      Re: Impossible to remove the double accent virus ´´

      Do the following:

      Download TDSSKiller.zip to your desktop.
      Disconnect your computer from the Internet (unplug the cable).
      • Unzip the file tdsskiller.zip
      • Run the file TDSSKiller.exe. If you use Vista or 7, right-click it and choose Run as administrator.
      • Click on
      • Also check the boxes:

      • Click the button

      • TDSSKiller will begin scanning the computer.
      • If the computer is not infected:
        • It will show:
          • No threats found.
        • Click the "Close" button
      • If the computer is infected:
        • It will show:
          • Threats detected.
          • Select action for found objects:
        • Malware object, high risk. The default action is "Cure" or "Delete".
        • Suspicious object, medium risk. Always use the "Skip" option.
        • The program automatically selects the action to take.
        • Click the "Continue" button
        • To disinfect the system properly, it may ask you to restart the computer.
        • Click the button

      • Open the TDSSKiller report, located at C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, where "x.xx.x_xx.xx.xxxx_xx.xx.xx" is the version, date and time.
      • Copy and paste its contents into your next reply.

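      An added example, not part of the original post and not TDSSKiller's own code: a Python reader for a report in the line format of the log posted in this thread, which lists every entry whose status is not `ok` together with its MD5 and path, and names service entries that had no file line. The sample lines, service names and hashes are constructed, and the parser treats any status word other than `ok` as a finding without assuming what those words are.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: same line layout as the report (time, thread id, then
# either "[ MD5 ] name path" or "name - status"). Names and hashes are made up.
SAMPLE_LOG = r"""
15:52:28.0703 2212 ============================================================
15:52:28.0906 2212 ================ Scan system memory ========================
15:52:28.0906 2212 System memory - ok
15:52:28.0906 2212 ================ Scan services =============================
15:52:29.0327 2212 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
15:52:29.0405 2212 ExampleDrv - ok
15:52:32.0385 2212 [ 00000000000000000000000000000002 ] Example Helper Service C:\Program Files (x86)\Example\helper.exe
15:52:32.0416 2212 Example Helper Service ( UnsignedFile.Multi.Generic ) - warning
15:52:32.0416 2212 Example Helper Service - detected UnsignedFile.Multi.Generic (1)
15:52:32.0931 2212 NoFileSvc - ok
"""

_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
_SECTION = re.compile(_PREFIX + r"=+ Scan (?P<section>.+?) =+$")
# Service names and paths may both contain spaces; the path starts at "X:\".
_FILE = re.compile(
    _PREFIX + r"\[ (?P<md5>[0-9A-Fa-f]{32}) \]\s+(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.+)$"
)
# "name - ok" or "name ( Verdict ) - warning"; "- detected ... (1)" lines do not match.
_VERDICT = re.compile(
    _PREFIX + r"(?P<name>.+?)(?: \( (?P<verdict>[^)]+) \))? - (?P<status>[A-Za-z]+)$"
)


@dataclass
class Entry:
    section: str
    name: str
    status: str
    verdict: Optional[str]
    md5: Optional[str]
    path: Optional[str]


def parse_report(text: str) -> list:
    """Pair each status line with the file line (MD5 + path) that preceded it."""
    entries, section, pending = [], "", {}
    for raw in text.splitlines():
        line = raw.strip()
        m = _SECTION.match(line)
        if m:
            section = m["section"]
            pending.clear()
            continue
        m = _FILE.match(line)
        if m:
            pending[m["name"]] = (m["md5"].upper(), m["path"])
            continue
        m = _VERDICT.match(line)
        if m:
            md5, path = pending.pop(m["name"], (None, None))
            entries.append(
                Entry(section, m["name"], m["status"], m["verdict"], md5, path)
            )
    return entries


def triage(text: str) -> dict:
    """Summarise a report: count of ok entries, non-ok findings, file-less services."""
    entries = parse_report(text)
    return {
        "ok": sum(e.status == "ok" for e in entries),
        "findings": [e for e in entries if e.status != "ok"],
        "no_file": [
            e.name for e in entries if e.section == "services" and e.path is None
        ],
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"{result['ok']} entries ok")
    for f in result["findings"]:
        print(f"{f.status}: {f.name} ({f.verdict}) {f.md5} {f.path}")
    for name in result["no_file"]:
        print(f"no file line for service: {name}")
```
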

    7. #7
      User YoNkor
      Joined
      Apr 2012
      Location
      Sebastopol
      Posts
      14

      Re: Impossible to remove the double accent virus ´´

      Nothing... It seems it still doesn't find anything... Thanks again for your time.

      15:52:04.0989 2504 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
      15:52:04.0989 2504 ============================================================
      15:52:04.0999 2504 Current date / time: 2012/09/10 15:52:04.0989
      15:52:04.0999 2504 SystemInfo:
      15:52:04.0999 2504
      15:52:04.0999 2504 OS Version: 6.1.7601 ServicePack: 1.0
      15:52:04.0999 2504 Product type: Workstation
      15:52:04.0999 2504 ComputerName: CONCHA-PC
      15:52:04.0999 2504 UserName: Concha
      15:52:04.0999 2504 Windows directory: C:\Windows
      15:52:04.0999 2504 System windows directory: C:\Windows
      15:52:04.0999 2504 Running under WOW64
      15:52:04.0999 2504 Processor architecture: Intel x64
      15:52:04.0999 2504 Number of processors: 2
      15:52:04.0999 2504 Page size: 0x1000
      15:52:04.0999 2504 Boot type: Normal boot
      15:52:04.0999 2504 ============================================================
      15:52:05.0889 2504 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xCF0156, SectorsPerTrack: 0x4, TracksPerCylinder: 0x12, Type 'K0', Flags 0x00000040
      15:52:05.0889 2504 ============================================================
      15:52:05.0889 2504 \Device\Harddisk0\DR0:
      15:52:05.0889 2504 MBR partitions:
      15:52:05.0889 2504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
      15:52:05.0889 2504 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x79F9DCC
      15:52:05.0889 2504 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7A2C5F0, BlocksNum 0x32959A40
      15:52:05.0889 2504 ============================================================
      15:52:05.0909 2504 D: <-> \Device\Harddisk0\DR0\Partition3
      15:52:05.0929 2504 C: <-> \Device\Harddisk0\DR0\Partition2
      15:52:05.0929 2504 ============================================================
      15:52:05.0929 2504 Initialize success
      15:52:05.0929 2504 ============================================================
      15:52:28.0703 2212 ============================================================
      15:52:28.0703 2212 Scan started
      15:52:28.0703 2212 Mode: Manual; SigCheck; TDLFS;
      15:52:28.0703 2212 ============================================================
      15:52:28.0906 2212 ================ Scan system memory ========================
      15:52:28.0906 2212 System memory - ok
      15:52:28.0906 2212 ================ Scan services =============================
      15:52:29.0327 2212 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
      15:52:29.0405 2212 1394ohci - ok
      15:52:29.0421 2212 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
      15:52:29.0436 2212 ACPI - ok
      15:52:29.0452 2212 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
      15:52:29.0499 2212 AcpiPmi - ok
      15:52:29.0545 2212 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
      15:52:29.0561 2212 adp94xx - ok
      15:52:29.0561 2212 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
      15:52:29.0577 2212 adpahci - ok
      15:52:29.0592 2212 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
      15:52:29.0608 2212 adpu320 - ok
      15:52:29.0623 2212 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
      15:52:29.0733 2212 AeLookupSvc - ok
      15:52:29.0779 2212 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
      15:52:29.0826 2212 AFD - ok
      15:52:29.0857 2212 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
      15:52:29.0873 2212 agp440 - ok
      15:52:29.0889 2212 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
      15:52:29.0920 2212 ALG - ok
      15:52:29.0935 2212 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
      15:52:29.0951 2212 aliide - ok
      15:52:29.0998 2212 [ 5EBA5E837D6635AEA999BAE47E186C6F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
      15:52:30.0045 2212 AMD External Events Utility - ok
      15:52:30.0060 2212 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
      15:52:30.0076 2212 amdide - ok
      15:52:30.0091 2212 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
      15:52:30.0138 2212 AmdK8 - ok
      15:52:30.0279 2212 [ DCC8177244FE79C61C4E73C65E63922A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
      15:52:30.0466 2212 amdkmdag - ok
      15:52:30.0497 2212 [ 7FE67D107329DC2CF89136A8E19BCEB7 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
      15:52:30.0544 2212 amdkmdap - ok
      15:52:30.0560 2212 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
      15:52:30.0591 2212 AmdPPM - ok
      15:52:30.0638 2212 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
      15:52:30.0638 2212 amdsata - ok
      15:52:30.0669 2212 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
      15:52:30.0669 2212 amdsbs - ok
      15:52:30.0684 2212 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
      15:52:30.0684 2212 amdxata - ok
      15:52:30.0731 2212 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
      15:52:30.0840 2212 AppID - ok
      15:52:30.0872 2212 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
      15:52:30.0903 2212 AppIDSvc - ok
      15:52:30.0934 2212 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
      15:52:30.0965 2212 Appinfo - ok
      15:52:30.0996 2212 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
      15:52:31.0028 2212 AppMgmt - ok
      15:52:31.0059 2212 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
      15:52:31.0074 2212 arc - ok
      15:52:31.0074 2212 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
      15:52:31.0090 2212 arcsas - ok
      15:52:31.0106 2212 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
      15:52:31.0168 2212 AsyncMac - ok
      15:52:31.0199 2212 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
      15:52:31.0199 2212 atapi - ok
      15:52:31.0246 2212 [ 36322190763845975E0D001E90687BF2 ] athur C:\Windows\system32\DRIVERS\athurx.sys
      15:52:31.0324 2212 athur - ok
      15:52:31.0464 2212 [ DCC8177244FE79C61C4E73C65E63922A ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
      15:52:31.0558 2212 atikmdag - ok
      15:52:31.0605 2212 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
      15:52:31.0667 2212 AudioEndpointBuilder - ok
      15:52:31.0683 2212 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
      15:52:31.0714 2212 AudioSrv - ok
      15:52:31.0745 2212 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
      15:52:31.0823 2212 AxInstSV - ok
      15:52:31.0854 2212 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
      15:52:31.0886 2212 b06bdrv - ok
      15:52:31.0917 2212 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
      15:52:31.0948 2212 b57nd60a - ok
      15:52:31.0964 2212 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
      15:52:31.0995 2212 BDESVC - ok
      15:52:31.0995 2212 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
      15:52:32.0026 2212 Beep - ok
      15:52:32.0073 2212 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
      15:52:32.0104 2212 BFE - ok
      15:52:32.0182 2212 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
      15:52:32.0229 2212 BITS - ok
      15:52:32.0244 2212 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
      15:52:32.0260 2212 blbdrive - ok
      15:52:32.0385 2212 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      15:52:32.0416 2212 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
      15:52:32.0416 2212 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
      15:52:32.0494 2212 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
      15:52:32.0525 2212 bowser - ok
      15:52:32.0525 2212 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
      15:52:32.0572 2212 BrFiltLo - ok
      15:52:32.0588 2212 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
      15:52:32.0603 2212 BrFiltUp - ok
      15:52:32.0619 2212 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
      15:52:32.0666 2212 BridgeMP - ok
      15:52:32.0681 2212 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
      15:52:32.0712 2212 Browser - ok
      15:52:32.0728 2212 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
      15:52:32.0759 2212 Brserid - ok
      15:52:32.0759 2212 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
      15:52:32.0775 2212 BrSerWdm - ok
      15:52:32.0790 2212 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
      15:52:32.0806 2212 BrUsbMdm - ok
      15:52:32.0806 2212 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
      15:52:32.0822 2212 BrUsbSer - ok
      15:52:32.0822 2212 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
      15:52:32.0853 2212 BTHMODEM - ok
      15:52:32.0884 2212 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
      15:52:32.0931 2212 bthserv - ok
      15:52:32.0931 2212 catchme - ok
      15:52:32.0962 2212 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
      15:52:32.0993 2212 cdfs - ok
      15:52:33.0040 2212 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
      15:52:33.0056 2212 cdrom - ok
      15:52:33.0087 2212 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
      15:52:33.0118 2212 CertPropSvc - ok
      15:52:33.0149 2212 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
      15:52:33.0165 2212 circlass - ok
      15:52:33.0196 2212 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
      15:52:33.0212 2212 CLFS - ok
      15:52:33.0258 2212 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      15:52:33.0258 2212 clr_optimization_v2.0.50727_32 - ok
      15:52:33.0383 2212 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
      15:52:33.0383 2212 clr_optimization_v2.0.50727_64 - ok
      15:52:33.0414 2212 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
      15:52:33.0430 2212 CmBatt - ok
      15:52:33.0446 2212 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
      15:52:33.0461 2212 cmdide - ok
      15:52:33.0492 2212 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
      15:52:33.0508 2212 CNG - ok
      15:52:33.0524 2212 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
      15:52:33.0524 2212 Compbatt - ok
      15:52:33.0539 2212 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
      15:52:33.0570 2212 CompositeBus - ok
      15:52:33.0586 2212 COMSysApp - ok
      15:52:33.0602 2212 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
      15:52:33.0617 2212 crcdisk - ok
      15:52:33.0648 2212 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
      15:52:33.0680 2212 CryptSvc - ok
      15:52:33.0711 2212 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
      15:52:33.0758 2212 CSC - ok
      15:52:33.0773 2212 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
      15:52:33.0804 2212 CscService - ok
      15:52:33.0820 2212 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
      15:52:33.0867 2212 DcomLaunch - ok
      15:52:33.0898 2212 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
      15:52:33.0945 2212 defragsvc - ok
      15:52:33.0976 2212 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
      15:52:34.0023 2212 DfsC - ok
      15:52:34.0054 2212 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
      15:52:34.0085 2212 Dhcp - ok
      15:52:34.0101 2212 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
      15:52:34.0148 2212 discache - ok
      15:52:34.0163 2212 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
      15:52:34.0163 2212 Disk - ok
      15:52:34.0194 2212 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
      15:52:34.0241 2212 Dnscache - ok
      15:52:34.0272 2212 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
      15:52:34.0304 2212 dot3svc - ok
      15:52:34.0350 2212 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
      15:52:34.0382 2212 Dot4 - ok
      15:52:34.0428 2212 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
      15:52:34.0460 2212 Dot4Print - ok
      15:52:34.0460 2212 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
      15:52:34.0491 2212 dot4usb - ok
      15:52:34.0506 2212 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
      15:52:34.0553 2212 DPS - ok
      15:52:34.0569 2212 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
      15:52:34.0600 2212 drmkaud - ok
      15:52:34.0616 2212 [ FB9BEF3401EE5ECC2603311B9C64F44A ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
      15:52:34.0631 2212 dtsoftbus01 - ok
      15:52:34.0678 2212 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
      15:52:34.0694 2212 DXGKrnl - ok
      15:52:34.0725 2212 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
      15:52:34.0772 2212 EapHost - ok
      15:52:34.0834 2212 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
      15:52:34.0928 2212 ebdrv - ok
      15:52:34.0959 2212 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
      15:52:34.0990 2212 EFS - ok
      15:52:35.0021 2212 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
      15:52:35.0068 2212 ehRecvr - ok
      15:52:35.0068 2212 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
      15:52:35.0099 2212 ehSched - ok
      15:52:35.0146 2212 [ 9387A484D31209D7FC3F795A787294DB ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys
      15:52:35.0146 2212 ElbyCDFL - ok
      15:52:35.0177 2212 [ 702D5606CF2199E0EDEA6F0E0D27CD10 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
      15:52:35.0177 2212 ElbyCDIO - ok
      15:52:35.0208 2212 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
      15:52:35.0240 2212 elxstor - ok
      15:52:35.0255 2212 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
      15:52:35.0286 2212 ErrDev - ok
      15:52:35.0318 2212 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
      15:52:35.0364 2212 EventSystem - ok
      15:52:35.0380 2212 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
      15:52:35.0411 2212 exfat - ok
      15:52:35.0427 2212 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
      15:52:35.0458 2212 fastfat - ok
      15:52:35.0505 2212 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
      15:52:35.0552 2212 Fax - ok
      15:52:35.0552 2212 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
      15:52:35.0583 2212 fdc - ok
      15:52:35.0598 2212 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
      15:52:35.0630 2212 fdPHost - ok
      15:52:35.0645 2212 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
      15:52:35.0692 2212 FDResPub - ok
      15:52:35.0708 2212 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
      15:52:35.0708 2212 FileInfo - ok
      15:52:35.0723 2212 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
      15:52:35.0754 2212 Filetrace - ok
      15:52:35.0801 2212 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      15:52:35.0817 2212 FLEXnet Licensing Service - ok
      15:52:35.0832 2212 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
      15:52:35.0832 2212 flpydisk - ok
      15:52:35.0864 2212 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
      15:52:35.0879 2212 FltMgr - ok
      15:52:35.0926 2212 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll
      15:52:35.0973 2212 FontCache - ok
      15:52:36.0020 2212 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
      15:52:36.0035 2212 FontCache3.0.0.0 - ok
      15:52:36.0035 2212 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
      15:52:36.0051 2212 FsDepends - ok
      15:52:36.0066 2212 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
      15:52:36.0082 2212 Fs_Rec - ok
      15:52:36.0113 2212 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
      15:52:36.0129 2212 fvevol - ok
      15:52:36.0144 2212 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
      15:52:36.0160 2212 gagp30kx - ok
      15:52:36.0176 2212 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
      15:52:36.0222 2212 gpsvc - ok
      15:52:36.0300 2212 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      15:52:36.0300 2212 gupdate - ok
      15:52:36.0316 2212 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      15:52:36.0316 2212 gupdatem - ok
      15:52:36.0332 2212 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
      15:52:36.0347 2212 hcw85cir - ok
      15:52:36.0394 2212 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
      15:52:36.0410 2212 HdAudAddService - ok
      15:52:36.0425 2212 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
      15:52:36.0441 2212 HDAudBus - ok
      15:52:36.0456 2212 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
      15:52:36.0488 2212 HidBatt - ok
      15:52:36.0503 2212 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
      15:52:36.0534 2212 HidBth - ok
      15:52:36.0550 2212 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
      15:52:36.0566 2212 HidIr - ok
      15:52:36.0581 2212 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
      15:52:36.0628 2212 hidserv - ok
      15:52:36.0659 2212 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
      15:52:36.0675 2212 HidUsb - ok
      15:52:36.0706 2212 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
      15:52:36.0737 2212 hkmsvc - ok
      15:52:36.0753 2212 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
      15:52:36.0784 2212 HomeGroupListener - ok
      15:52:36.0815 2212 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
      15:52:36.0831 2212 HomeGroupProvider - ok
      15:52:36.0909 2212 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
      15:52:36.0924 2212 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
      15:52:36.0924 2212 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
      15:52:36.0940 2212 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
      15:52:36.0956 2212 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
      15:52:36.0956 2212 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
      15:52:36.0971 2212 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
      15:52:36.0987 2212 HpSAMD - ok
      15:52:37.0018 2212 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
      15:52:37.0065 2212 HTTP - ok
      15:52:37.0096 2212 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
      15:52:37.0112 2212 hwpolicy - ok
      15:52:37.0127 2212 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
      15:52:37.0143 2212 i8042prt - ok
      15:52:37.0158 2212 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
      15:52:37.0174 2212 iaStorV - ok
      15:52:37.0205 2212 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
      15:52:37.0236 2212 idsvc - ok
      15:52:37.0252 2212 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
      15:52:37.0268 2212 iirsp - ok
      15:52:37.0299 2212 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
      15:52:37.0346 2212 IKEEXT - ok
      15:52:37.0361 2212 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
      15:52:37.0377 2212 intelide - ok
      15:52:37.0392 2212 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      15:52:37.0408 2212 intelppm - ok
      15:52:37.0424 2212 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      15:52:37.0455 2212 IPBusEnum - ok
      15:52:37.0486 2212 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      15:52:37.0548 2212 IpFilterDriver - ok
      15:52:37.0564 2212 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
      15:52:37.0626 2212 iphlpsvc - ok
      15:52:37.0642 2212 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
      15:52:37.0658 2212 IPMIDRV - ok
      15:52:37.0658 2212 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
      15:52:37.0704 2212 IPNAT - ok
      15:52:37.0720 2212 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
      15:52:37.0736 2212 IRENUM - ok
      15:52:37.0751 2212 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
      15:52:37.0767 2212 isapnp - ok
      15:52:37.0782 2212 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
      15:52:37.0782 2212 iScsiPrt - ok
      15:52:37.0798 2212 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
      15:52:37.0814 2212 kbdclass - ok
      15:52:37.0829 2212 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
      15:52:37.0845 2212 kbdhid - ok
      15:52:37.0860 2212 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
      15:52:37.0876 2212 KeyIso - ok
      15:52:37.0892 2212 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      15:52:37.0907 2212 KSecDD - ok
      15:52:37.0923 2212 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
      15:52:37.0923 2212 KSecPkg - ok
      15:52:37.0954 2212 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
      15:52:37.0985 2212 ksthunk - ok
      15:52:38.0016 2212 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
      15:52:38.0063 2212 KtmRm - ok
      15:52:38.0094 2212 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
      15:52:38.0141 2212 LanmanServer - ok
      15:52:38.0172 2212 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      15:52:38.0204 2212 LanmanWorkstation - ok
      15:52:38.0250 2212 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      15:52:38.0282 2212 lltdio - ok
      15:52:38.0313 2212 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
      15:52:38.0360 2212 lltdsvc - ok
      15:52:38.0375 2212 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
      15:52:38.0406 2212 lmhosts - ok
      15:52:38.0438 2212 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
      15:52:38.0453 2212 LSI_FC - ok
      15:52:38.0453 2212 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
      15:52:38.0469 2212 LSI_SAS - ok
      15:52:38.0469 2212 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
      15:52:38.0484 2212 LSI_SAS2 - ok
      15:52:38.0484 2212 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
      15:52:38.0500 2212 LSI_SCSI - ok
      15:52:38.0516 2212 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
      15:52:38.0562 2212 luafv - ok
      15:52:38.0594 2212 [ A014E25D95F7091000B60FF8A1C2E988 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
      15:52:38.0609 2212 lvpopf64 - ok
      15:52:38.0625 2212 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
      15:52:38.0640 2212 LVPr2M64 - ok
      15:52:38.0640 2212 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
      15:52:38.0656 2212 LVPr2Mon - ok
      15:52:38.0687 2212 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
      15:52:38.0703 2212 LVPrcS64 - ok
      15:52:38.0718 2212 [ A43A6CBEA073990A784603EF065A281B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
      15:52:38.0734 2212 LVRS64 - ok
      15:52:38.0828 2212 [ 4350876AB0D0C77D0B40A1C85935C96B ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
      15:52:38.0921 2212 LVUVC64 - ok
      15:52:38.0952 2212 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      15:52:38.0968 2212 Mcx2Svc - ok
      15:52:38.0984 2212 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
      15:52:38.0984 2212 megasas - ok
      15:52:39.0015 2212 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
      15:52:39.0030 2212 MegaSR - ok
      15:52:39.0046 2212 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
      15:52:39.0093 2212 MMCSS - ok
      15:52:39.0108 2212 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
      15:52:39.0155 2212 Modem - ok
      15:52:39.0171 2212 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      15:52:39.0186 2212 monitor - ok
      15:52:39.0218 2212 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      15:52:39.0233 2212 mouclass - ok
      15:52:39.0264 2212 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      15:52:39.0264 2212 mouhid - ok
      15:52:39.0311 2212 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
      15:52:39.0327 2212 mountmgr - ok
      15:52:39.0342 2212 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      15:52:39.0358 2212 MozillaMaintenance - ok
      15:52:39.0389 2212 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
      15:52:39.0405 2212 mpio - ok
      15:52:39.0420 2212 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      15:52:39.0452 2212 mpsdrv - ok
      15:52:39.0483 2212 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
      15:52:39.0530 2212 MpsSvc - ok
      15:52:39.0561 2212 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      15:52:39.0576 2212 MRxDAV - ok
      15:52:39.0592 2212 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      15:52:39.0608 2212 mrxsmb - ok
      15:52:39.0639 2212 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      15:52:39.0670 2212 mrxsmb10 - ok
      15:52:39.0686 2212 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      15:52:39.0701 2212 mrxsmb20 - ok
      15:52:39.0717 2212 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
      15:52:39.0717 2212 msahci - ok
      15:52:39.0732 2212 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
      15:52:39.0748 2212 msdsm - ok
      15:52:39.0764 2212 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
      15:52:39.0795 2212 MSDTC - ok
      15:52:39.0810 2212 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
      15:52:39.0842 2212 Msfs - ok
      15:52:39.0857 2212 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
      15:52:39.0888 2212 mshidkmdf - ok
      15:52:39.0920 2212 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
      15:52:39.0920 2212 msisadrv - ok
      15:52:39.0951 2212 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      15:52:39.0982 2212 MSiSCSI - ok
      15:52:39.0998 2212 msiserver - ok
      15:52:40.0013 2212 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      15:52:40.0060 2212 MSKSSRV - ok
      15:52:40.0060 2212 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      15:52:40.0091 2212 MSPCLOCK - ok
      15:52:40.0107 2212 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      15:52:40.0154 2212 MSPQM - ok
      15:52:40.0185 2212 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      15:52:40.0200 2212 MsRPC - ok
      15:52:40.0216 2212 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
      15:52:40.0216 2212 mssmbios - ok
      15:52:40.0232 2212 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      15:52:40.0263 2212 MSTEE - ok
      15:52:40.0278 2212 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
      15:52:40.0294 2212 MTConfig - ok
      15:52:40.0341 2212 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
      15:52:40.0372 2212 MTsensor - ok
      15:52:40.0372 2212 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
      15:52:40.0388 2212 Mup - ok
      15:52:40.0419 2212 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
      15:52:40.0466 2212 napagent - ok
      15:52:40.0497 2212 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      15:52:40.0512 2212 NativeWifiP - ok
      15:52:40.0559 2212 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
      15:52:40.0590 2212 NDIS - ok
      15:52:40.0606 2212 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
      15:52:40.0653 2212 NdisCap - ok
      15:52:40.0668 2212 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      15:52:40.0700 2212 NdisTapi - ok
      15:52:40.0746 2212 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      15:52:40.0778 2212 Ndisuio - ok
      15:52:40.0809 2212 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      15:52:40.0856 2212 NdisWan - ok
      15:52:40.0887 2212 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      15:52:40.0934 2212 NDProxy - ok
      15:52:40.0965 2212 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
      15:52:40.0980 2212 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      15:52:40.0980 2212 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      15:52:41.0012 2212 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      15:52:41.0043 2212 NetBIOS - ok
      15:52:41.0090 2212 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
      15:52:41.0121 2212 NetBT - ok
      15:52:41.0136 2212 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
      15:52:41.0152 2212 Netlogon - ok
      15:52:41.0183 2212 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
      15:52:41.0230 2212 Netman - ok
      15:52:41.0246 2212 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
      15:52:41.0292 2212 netprofm - ok
      15:52:41.0324 2212 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
      15:52:41.0370 2212 netr28ux - ok
      15:52:41.0386 2212 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
      15:52:41.0402 2212 NetTcpPortSharing - ok
      15:52:41.0417 2212 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
      15:52:41.0433 2212 nfrd960 - ok
      15:52:41.0464 2212 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
      15:52:41.0511 2212 NlaSvc - ok
      15:52:41.0620 2212 [ 8ACF8E802087880B821EC985FEACCD72 ] NMSAccess64 C:\Windows\SysWOW64\NMSAccess64.exe
      15:52:41.0636 2212 NMSAccess64 - ok
      15:52:41.0651 2212 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
      15:52:41.0682 2212 Npfs - ok
      15:52:41.0698 2212 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
      15:52:41.0729 2212 nsi - ok
      15:52:41.0745 2212 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      15:52:41.0792 2212 nsiproxy - ok
      15:52:41.0854 2212 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      15:52:41.0901 2212 Ntfs - ok
      15:52:41.0916 2212 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
      15:52:41.0948 2212 Null - ok
      15:52:41.0963 2212 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
      15:52:41.0979 2212 nvraid - ok
      15:52:41.0994 2212 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
      15:52:42.0010 2212 nvstor - ok
      15:52:42.0026 2212 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      15:52:42.0041 2212 nv_agp - ok
      15:52:42.0104 2212 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      15:52:42.0119 2212 odserv - ok
      15:52:42.0135 2212 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
      15:52:42.0150 2212 ohci1394 - ok
      15:52:42.0166 2212 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      15:52:42.0182 2212 ose - ok
      15:52:42.0197 2212 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
      15:52:42.0228 2212 p2pimsvc - ok
      15:52:42.0260 2212 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
      15:52:42.0275 2212 p2psvc - ok
      15:52:42.0291 2212 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
      15:52:42.0306 2212 Parport - ok
      15:52:42.0338 2212 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
      15:52:42.0338 2212 partmgr - ok
      15:52:42.0353 2212 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
      15:52:42.0384 2212 PcaSvc - ok
      15:52:42.0400 2212 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
      15:52:42.0400 2212 pci - ok
      15:52:42.0431 2212 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
      15:52:42.0447 2212 pciide - ok
      15:52:42.0462 2212 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
      15:52:42.0478 2212 pcmcia - ok
      15:52:42.0478 2212 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
      15:52:42.0494 2212 pcw - ok
      15:52:42.0509 2212 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      15:52:42.0572 2212 PEAUTH - ok
      15:52:42.0681 2212 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
      15:52:42.0743 2212 PeerDistSvc - ok
      15:52:42.0774 2212 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
      15:52:42.0790 2212 PerfHost - ok
      15:52:42.0837 2212 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
      15:52:42.0899 2212 pla - ok
      15:52:42.0930 2212 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      15:52:42.0946 2212 PlugPlay - ok
      15:52:42.0977 2212 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
      15:52:42.0977 2212 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      15:52:42.0977 2212 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      15:52:42.0993 2212 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
      15:52:43.0008 2212 PNRPAutoReg - ok
      15:52:43.0024 2212 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
      15:52:43.0040 2212 PNRPsvc - ok
      15:52:43.0071 2212 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      15:52:43.0118 2212 PolicyAgent - ok
      15:52:43.0133 2212 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
      15:52:43.0164 2212 Power - ok
      15:52:43.0196 2212 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      15:52:43.0227 2212 PptpMiniport - ok
      15:52:43.0258 2212 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
      15:52:43.0274 2212 Processor - ok
      15:52:43.0305 2212 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
      15:52:43.0352 2212 ProfSvc - ok
      15:52:43.0367 2212 Prot6Flt - ok
      15:52:43.0383 2212 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
      15:52:43.0383 2212 ProtectedStorage - ok
      15:52:43.0430 2212 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
      15:52:43.0461 2212 Psched - ok
      15:52:43.0476 2212 [ 9E97E62098FA1238D189181AAB13C402 ] pwdrvio C:\Windows\system32\pwdrvio.sys
      15:52:43.0492 2212 pwdrvio - ok
      15:52:43.0508 2212 [ 1A8011B9BD9B5CB53783E7F91109B946 ] pwdspio C:\Windows\system32\pwdspio.sys
      15:52:43.0523 2212 pwdspio - ok
      15:52:43.0554 2212 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
      15:52:43.0570 2212 PxHlpa64 - ok
      15:52:43.0601 2212 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
      15:52:43.0648 2212 ql2300 - ok
      15:52:43.0664 2212 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
      15:52:43.0679 2212 ql40xx - ok
      15:52:43.0695 2212 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
      15:52:43.0710 2212 QWAVE - ok
      15:52:43.0726 2212 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      15:52:43.0742 2212 QWAVEdrv - ok
      15:52:43.0757 2212 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      15:52:43.0788 2212 RasAcd - ok
      15:52:43.0820 2212 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
      15:52:43.0851 2212 RasAgileVpn - ok
      15:52:43.0866 2212 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
      15:52:43.0913 2212 RasAuto - ok
      15:52:43.0929 2212 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      15:52:43.0960 2212 Rasl2tp - ok
      15:52:44.0007 2212 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
      15:52:44.0038 2212 RasMan - ok
      15:52:44.0069 2212 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      15:52:44.0100 2212 RasPppoe - ok
      15:52:44.0116 2212 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      15:52:44.0147 2212 RasSstp - ok
      15:52:44.0178 2212 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      15:52:44.0210 2212 rdbss - ok
      15:52:44.0225 2212 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
      15:52:44.0241 2212 rdpbus - ok
      15:52:44.0256 2212 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      15:52:44.0288 2212 RDPCDD - ok
      15:52:44.0319 2212 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
      15:52:44.0334 2212 RDPDR - ok
      15:52:44.0366 2212 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      15:52:44.0397 2212 RDPENCDD - ok
      15:52:44.0412 2212 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
      15:52:44.0444 2212 RDPREFMP - ok
      15:52:44.0459 2212 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      15:52:44.0490 2212 RDPWD - ok
      15:52:44.0522 2212 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
      15:52:44.0537 2212 rdyboost - ok
      15:52:44.0568 2212 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
      15:52:44.0600 2212 RemoteAccess - ok
      15:52:44.0615 2212 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      15:52:44.0646 2212 RemoteRegistry - ok
      15:52:44.0662 2212 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
      15:52:44.0709 2212 RpcEptMapper - ok
      15:52:44.0740 2212 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
      15:52:44.0771 2212 RpcLocator - ok
      15:52:44.0802 2212 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
      15:52:44.0834 2212 RpcSs - ok
      15:52:44.0865 2212 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      15:52:44.0912 2212 rspndr - ok
      15:52:44.0927 2212 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
      15:52:44.0943 2212 RTL8167 - ok
      15:52:44.0974 2212 [ 1D170A8538C6F14B3D7DCBE8723F054B ] RTL8187 C:\Windows\system32\DRIVERS\RTL8187.sys
      15:52:45.0005 2212 RTL8187 - ok
      15:52:45.0036 2212 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
      15:52:45.0068 2212 s3cap - ok
      15:52:45.0083 2212 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
      15:52:45.0099 2212 SamSs - ok
      15:52:45.0114 2212 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      15:52:45.0130 2212 sbp2port - ok
      15:52:45.0177 2212 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
      15:52:45.0192 2212 SBSDWSCService - ok
      15:52:45.0224 2212 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
      15:52:45.0270 2212 SCardSvr - ok
      15:52:45.0286 2212 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
      15:52:45.0333 2212 scfilter - ok
      15:52:45.0364 2212 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
      15:52:45.0411 2212 Schedule - ok
      15:52:45.0458 2212 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
      15:52:45.0483 2212 SCPolicySvc - ok
      15:52:45.0513 2212 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      15:52:45.0533 2212 SDRSVC - ok
      15:52:45.0563 2212 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      15:52:45.0603 2212 secdrv - ok
      15:52:45.0623 2212 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
      15:52:45.0653 2212 seclogon - ok
      15:52:45.0683 2212 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
      15:52:45.0723 2212 SENS - ok
      15:52:45.0723 2212 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
      15:52:45.0753 2212 SensrSvc - ok
      15:52:45.0773 2212 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
      15:52:45.0783 2212 Serenum - ok
      15:52:45.0793 2212 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
      15:52:45.0803 2212 Serial - ok
      15:52:45.0813 2212 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
      15:52:45.0833 2212 sermouse - ok
      15:52:45.0863 2212 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
      15:52:45.0893 2212 SessionEnv - ok
      15:52:45.0923 2212 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
      15:52:45.0943 2212 sffdisk - ok
      15:52:45.0943 2212 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
      15:52:45.0963 2212 sffp_mmc - ok
      15:52:45.0963 2212 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
      15:52:45.0983 2212 sffp_sd - ok
      15:52:45.0993 2212 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
      15:52:46.0013 2212 sfloppy - ok
      15:52:46.0043 2212 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
      15:52:46.0093 2212 SharedAccess - ok
      15:52:46.0113 2212 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      15:52:46.0153 2212 ShellHWDetection - ok
      15:52:46.0173 2212 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
      15:52:46.0183 2212 SiSRaid2 - ok
      15:52:46.0193 2212 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
      15:52:46.0203 2212 SiSRaid4 - ok
      15:52:46.0253 2212 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
      15:52:46.0253 2212 SkypeUpdate - ok
      15:52:46.0273 2212 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
      15:52:46.0313 2212 Smb - ok
      15:52:46.0343 2212 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      15:52:46.0353 2212 SNMPTRAP - ok
      15:52:46.0363 2212 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
      15:52:46.0373 2212 spldr - ok
      15:52:46.0413 2212 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
      15:52:46.0453 2212 Spooler - ok
      15:52:46.0523 2212 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
      15:52:46.0623 2212 sppsvc - ok
      15:52:46.0633 2212 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
      15:52:46.0673 2212 sppuinotify - ok
      15:52:46.0713 2212 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
      15:52:46.0743 2212 srv - ok
      15:52:46.0783 2212 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
      15:52:46.0813 2212 srv2 - ok
      15:52:46.0833 2212 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
      15:52:46.0853 2212 srvnet - ok
      15:52:46.0893 2212 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
      15:52:46.0933 2212 SSDPSRV - ok
      15:52:46.0953 2212 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
      15:52:46.0993 2212 SstpSvc - ok
      15:52:47.0023 2212 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
      15:52:47.0023 2212 stexstor - ok
      15:52:47.0073 2212 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
      15:52:47.0103 2212 stisvc - ok
      15:52:47.0133 2212 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
      15:52:47.0143 2212 storflt - ok
      15:52:47.0153 2212 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
      15:52:47.0183 2212 StorSvc - ok
      15:52:47.0203 2212 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
      15:52:47.0213 2212 storvsc - ok
      15:52:47.0223 2212 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
      15:52:47.0233 2212 swenum - ok
      15:52:47.0283 2212 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      15:52:47.0303 2212 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
      15:52:47.0303 2212 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
      15:52:47.0333 2212 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
      15:52:47.0383 2212 swprv - ok
      15:52:47.0433 2212 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
      15:52:47.0493 2212 SysMain - ok
      15:52:47.0513 2212 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
      15:52:47.0533 2212 TabletInputService - ok
      15:52:47.0653 2212 [ B5B736216FF7C71D320BF493825752A1 ] TabletServicePen C:\Windows\system32\Pen_Tablet.exe
      15:52:47.0783 2212 TabletServicePen - ok
      15:52:47.0823 2212 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
      15:52:47.0863 2212 TapiSrv - ok
      15:52:47.0893 2212 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
      15:52:47.0923 2212 TBS - ok
      15:52:47.0973 2212 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
      15:52:48.0023 2212 Tcpip - ok
      15:52:48.0073 2212 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
      15:52:48.0103 2212 TCPIP6 - ok
      15:52:48.0133 2212 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
      15:52:48.0173 2212 tcpipreg - ok
      15:52:48.0203 2212 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
      15:52:48.0223 2212 TDPIPE - ok
      15:52:48.0253 2212 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
      15:52:48.0263 2212 TDTCP - ok
      15:52:48.0293 2212 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
      15:52:48.0333 2212 tdx - ok
      15:52:48.0363 2212 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
      15:52:48.0363 2212 TermDD - ok
      15:52:48.0393 2212 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
      15:52:48.0443 2212 TermService - ok
      15:52:48.0463 2212 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
      15:52:48.0483 2212 Themes - ok
      15:52:48.0493 2212 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
      15:52:48.0523 2212 THREADORDER - ok
      15:52:48.0543 2212 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
      15:52:48.0583 2212 TrkWks - ok
      15:52:48.0633 2212 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
      15:52:48.0673 2212 TrustedInstaller - ok
      15:52:48.0703 2212 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
      15:52:48.0743 2212 tssecsrv - ok
      15:52:48.0783 2212 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
      15:52:48.0793 2212 TsUsbFlt - ok
      15:52:48.0833 2212 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
      15:52:48.0873 2212 tunnel - ok
      15:52:48.0883 2212 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
      15:52:48.0893 2212 uagp35 - ok
      15:52:48.0923 2212 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
      15:52:48.0963 2212 udfs - ok
      15:52:48.0983 2212 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
      15:52:49.0003 2212 UI0Detect - ok
      15:52:49.0023 2212 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
      15:52:49.0033 2212 uliagpkx - ok
      15:52:49.0053 2212 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
      15:52:49.0063 2212 umbus - ok
      15:52:49.0073 2212 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
      15:52:49.0089 2212 UmPass - ok
      15:52:49.0120 2212 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
      15:52:49.0136 2212 UmRdpService - ok
      15:52:49.0182 2212 [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
      15:52:49.0198 2212 UMVPFSrv - ok
      15:52:49.0214 2212 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
      15:52:49.0245 2212 upnphost - ok
      15:52:49.0292 2212 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
      15:52:49.0307 2212 usbaudio - ok
      15:52:49.0323 2212 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
      15:52:49.0338 2212 usbccgp - ok
      15:52:49.0385 2212 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
      15:52:49.0401 2212 usbcir - ok
      15:52:49.0416 2212 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\drivers\usbehci.sys
      15:52:49.0432 2212 usbehci - ok
      15:52:49.0463 2212 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys
      15:52:49.0479 2212 usbhub - ok
      15:52:49.0479 2212 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
      15:52:49.0494 2212 usbohci - ok
      15:52:49.0510 2212 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
      15:52:49.0526 2212 usbprint - ok
      15:52:49.0541 2212 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
      15:52:49.0572 2212 usbscan - ok
      15:52:49.0572 2212 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
      15:52:49.0604 2212 USBSTOR - ok
      15:52:49.0619 2212 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
      15:52:49.0635 2212 usbuhci - ok
      15:52:49.0650 2212 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
      15:52:49.0682 2212 UxSms - ok
      15:52:49.0682 2212 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
      15:52:49.0697 2212 VaultSvc - ok
      15:52:49.0713 2212 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
      15:52:49.0728 2212 vdrvroot - ok
      15:52:52.0458 2212 ================ Scan global ===============================
      15:52:52.0490 2212 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
      15:52:52.0521 2212 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
      15:52:52.0521 2212 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
      15:52:52.0552 2212 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
      15:52:52.0568 2212 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
      15:52:52.0568 2212 [Global] - ok
      15:52:52.0568 2212 ================ Scan MBR ==================================
      15:52:52.0583 2212 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
      15:52:53.0067 2212 \Device\Harddisk0\DR0 - ok
      15:52:53.0067 2212 ================ Scan VBR ==================================
      15:52:53.0067 2212 [ BE54514B151BD1E86665C068FFF66340 ] \Device\Harddisk0\DR0\Partition1
      15:52:53.0067 2212 \Device\Harddisk0\DR0\Partition1 - ok
      15:52:53.0098 2212 [ 9A06EFCEC9CABA9522E77BEB87A50682 ] \Device\Harddisk0\DR0\Partition2
      15:52:53.0098 2212 \Device\Harddisk0\DR0\Partition2 - ok
      15:52:53.0114 2212 [ 8944981151C92A54074A24E01FE0BC53 ] \Device\Harddisk0\DR0\Partition3
      15:52:53.0114 2212 \Device\Harddisk0\DR0\Partition3 - ok
      15:52:53.0114 2212 ============================================================
      15:52:53.0114 2212 Scan finished
      15:52:53.0114 2212 ============================================================
      15:52:53.0129 5108 Detected object count: 6
      15:52:53.0129 5108 Actual detected object count: 6
      15:53:18.0588 5108 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
      15:53:18.0588 5108 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:53:18.0588 5108 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
      15:53:18.0588 5108 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:53:18.0588 5108 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
      15:53:18.0588 5108 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:53:18.0588 5108 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      15:53:18.0588 5108 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:53:18.0604 5108 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      15:53:18.0604 5108 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:53:18.0604 5108 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
      15:53:18.0604 5108 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
      15:53:24.0626 4840 Deinitialize success

    8. #8
      Developer Dany3j
      Joined
      Mar 2011
      Location
      China
      Posts
      6,652

      Re: Impossible to remove the double accent virus ´´

      Hello again

      Do the following:

      • Click START > RUN >
        • There, type notepad.exe and click OK
        • Now copy and paste the text from the box below into Notepad


      Code:
      KillAll::
      ClearJavaCache::
      
      File::
      c:\windows\system32\UCQSgpE.exe
      
      Folder::
      c:\programdata\0C1D1739028F94C4C52AD1B4F875EF60
      
      DDS::
      TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
      
      Firefox::
      FF - ProfilePath - c:\users\Concha\AppData\Roaming\Mozilla\Firefox\Profiles\17b3hhb0.default\
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.es/
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109730&tt=290312_29
      FF - user.js: extensions.BabylonToolbar_i.babExt - 
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      FF - user.js: extensions.BabylonToolbar_i.id - 8ad64180000000000000061d1a0c173a
      FF - user.js: extensions.BabylonToolbar_i.hardId - 8ad64180000000000000061d1a0c173a
      FF - user.js: extensions.BabylonToolbar_i.instlDay - 15430
      FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:01
      FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
      FF - user.js: extensions.BabylonToolbar_i.instlRef - sst


      • Save this file with the name CFScript.txt
      • Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the screenshot below.

      • ComboFix will start running again. When it finishes, it will generate a new report, which you will need to paste in this same thread.

      After restarting, check how it is working and let us know.

      Regards

      I ran into a black cat and had to take the long way around.


    9. #9
      User YoNkor
      Joined
      Apr 2012
      Location
      Sebastopol
      Posts
      14
      It seems like a joke... it's still hanging on :S

      ComboFix 12-09-09.02 - Concha 10/09/2012 20:12:16.2.2 - x64
      Microsoft Windows 7 Professional 6.1.7601.1.1252.34.3082.18.3839.2773 [GMT 2:00]
      Running from: c:\users\Concha\Desktop\ComboFix.exe
      Command switches used :: c:\users\Concha\Desktop\CFScript.txt
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      FILE ::
      "c:\windows\system32\UCQSgpE.exe"
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\programdata\0C1D1739028F94C4C52AD1B4F875EF60
      c:\programdata\0C1D1739028F94C4C52AD1B4F875EF60\0C1D1739028F94C4C52AD1B4F875EF60
      c:\programdata\0C1D1739028F94C4C52AD1B4F875EF60\0C1D1739028F94C4C52AD1B4F875EF60.ico
      c:\users\Concha\AppData\Local\Temp\_MEI28162\_ctypes.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\_elementtree.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\_hashlib.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\_socket.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\_ssl.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\pyexpat.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\pysqlite2._sqlite.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\python26.dll
      c:\users\Concha\AppData\Local\Temp\_MEI28162\pythoncom26.dll
      c:\users\Concha\AppData\Local\Temp\_MEI28162\PyWinTypes26.dll
      c:\users\Concha\AppData\Local\Temp\_MEI28162\select.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\unicodedata.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\win32api.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\win32com.shell.shell.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\win32crypt.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\win32event.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\win32file.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\win32inet.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\win32pdh.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\win32process.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\windows._cacheinvalidation.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wx._controls_.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wx._core_.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wx._gdi_.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wx._html2.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wx._misc_.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wx._windows_.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wx._wizard.pyd
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wxbase293u_net_vc.dll
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wxbase293u_vc.dll
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wxmsw293u_adv_vc.dll
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wxmsw293u_core_vc.dll
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wxmsw293u_html_vc.dll
      c:\users\Concha\AppData\Local\Temp\_MEI28162\wxmsw293u_webview_vc.dll
      c:\users\Concha\AppData\Roaming\WTouch
      c:\users\Concha\AppData\Roaming\WTouch\WTouch.xml
      c:\windows\system32\UCQSgpE.exe
      c:\windows\SysWow64\UCQSgpE.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-10 to 2012-09-10 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-10 18:18 . 2012-09-10 18:19 -------- d-----w- c:\users\Concha\AppData\Roaming\WTouch
      2012-09-10 18:17 . 2012-09-10 18:17 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-09-10 18:17 . 2012-09-10 18:17 59392 ----a-w- c:\windows\system32\aHvRUvx.exe
      2012-09-08 01:11 . 2012-09-08 01:11 -------- d-----w- C:\_DT-Kill
      2012-09-08 01:07 . 2012-09-08 01:07 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
      2012-09-07 21:23 . 2012-09-07 21:23 -------- d-----w- c:\users\Concha\AppData\Roaming\Malwarebytes
      2012-09-07 21:23 . 2012-09-07 21:23 -------- d-----w- c:\programdata\Malwarebytes
      2012-09-07 11:03 . 2012-09-10 13:36 -------- d-s---w- c:\users\Concha\Google Drive
      2012-09-07 05:53 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C591351-5390-4B77-B2F5-B16E261A46CE}\mpengine.dll
      2012-09-01 21:58 . 2012-09-01 21:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
      2012-08-23 12:58 . 2012-08-23 12:58 -------- d-----w- c:\program files (x86)\Oracle
      2012-08-23 11:44 . 2012-08-23 11:44 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-08-23 11:44 . 2012-08-23 11:44 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-08-21 19:21 . 2012-09-10 10:47 -------- d-----w- c:\users\Concha\AppData\Roaming\.minecraft
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-23 11:44 . 2011-09-08 11:52 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-08-17 20:53 . 2011-05-20 07:29 62134624 ----a-w- c:\windows\system32\MRT.exe
      2012-07-03 09:10 . 2012-07-03 09:10 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-07-03 09:10 . 2011-07-21 04:28 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      .
      .
      ((((((((((((((((((((((((((((( [email protected]_12.59.48 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2011-03-19 18:59 . 2012-09-10 13:38 42572 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
      + 2009-07-14 05:10 . 2012-09-10 13:38 40610 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
      - 2011-03-19 18:36 . 2012-09-10 11:53 14486 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-887416047-875199164-1038058173-1000_UserData.bin
      + 2011-03-19 18:36 . 2012-09-10 13:38 14486 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-887416047-875199164-1038058173-1000_UserData.bin
      - 2011-03-19 18:20 . 2012-09-10 12:59 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
      + 2011-03-19 18:20 . 2012-09-10 18:19 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
      + 2011-03-19 18:20 . 2012-09-10 18:19 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
      - 2011-03-19 18:20 . 2012-09-10 12:59 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
      + 2009-07-14 04:54 . 2012-09-10 18:19 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
      - 2009-07-14 04:54 . 2012-09-10 12:59 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
      - 2011-03-20 10:58 . 2012-09-10 12:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
      + 2011-03-20 10:58 . 2012-09-10 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
      - 2011-03-20 10:58 . 2012-09-10 12:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
      + 2011-03-20 10:58 . 2012-09-10 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
      - 2012-09-10 12:59 . 2012-09-10 12:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
      + 2012-09-10 18:18 . 2012-09-10 18:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
      + 2012-09-10 18:18 . 2012-09-10 18:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
      - 2012-09-10 12:59 . 2012-09-10 12:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
      + 2011-03-20 12:17 . 2012-09-10 14:31 430232 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
      + 2009-07-14 09:31 . 2012-09-10 13:40 694148 c:\windows\system32\perfh00A.dat
      - 2009-07-14 09:31 . 2012-09-10 11:56 694148 c:\windows\system32\perfh00A.dat
      - 2009-07-14 02:36 . 2012-09-10 11:56 606992 c:\windows\system32\perfh009.dat
      + 2009-07-14 02:36 . 2012-09-10 13:40 606992 c:\windows\system32\perfh009.dat
      + 2009-07-14 09:31 . 2012-09-10 13:40 134242 c:\windows\system32\perfc00A.dat
      - 2009-07-14 09:31 . 2012-09-10 11:56 134242 c:\windows\system32\perfc00A.dat
      + 2009-07-14 02:36 . 2012-09-10 13:40 103370 c:\windows\system32\perfc009.dat
      - 2009-07-14 02:36 . 2012-09-10 11:56 103370 c:\windows\system32\perfc009.dat
      + 2009-07-14 05:01 . 2012-09-10 18:18 657404 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
      - 2009-07-14 05:01 . 2012-09-10 12:58 657404 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
      + 2011-03-19 20:00 . 2012-09-10 18:18 37980876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-887416047-875199164-1038058173-1000-8192.dat
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
      "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
      "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-07-20 12218904]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
      "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
      "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
      "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
      "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
      "CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-10-11 110592]
      HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      R2 gupdate;Servicio de Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-24 136176]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
      R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-24 136176]
      R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2010-05-14 271712]
      R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
      R3 netr28ux;Controlador de la Tarjeta de LAN inalámbrica USB RT2870 para Vista;c:\windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
      R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys [x]
      R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-04-09 19936]
      R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-04-09 13280]
      R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [2009-06-26 417792]
      R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
      R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-27 18216]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-20 1255736]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-20 254528]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 203776]
      S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
      S2 NMSAccess64;NMSAccess64;c:\windows\SysWOW64\NMSAccess64.exe [2009-01-12 82872]
      S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
      S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-11-24 5556520]
      S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
      S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-11-24 127784]
      S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 9085952]
      S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 299520]
      S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-05-17 1847296]
      S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
      S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2010-05-14 329952]
      S3 LVUVC64;Logitech Webcam C160(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2010-05-14 6465760]
      S3 RTL8167;Controlador NT de Realtek 8167;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
      hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-24 09:35]
      .
      2012-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-24 09:35]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
      2012-07-20 13:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
      2012-07-20 13:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
      2012-07-20 13:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
      2012-07-20 13:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
      FF - ProfilePath - c:\users\Concha\AppData\Roaming\Mozilla\Firefox\Profiles\17b3hhb0.default\
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.10"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
      c:\program files (x86)\Bonjour\mDNSResponder.exe
      c:\program files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
      .
      **************************************************************************
      .
      Completion time: 2012-09-10 20:23:25 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-09-10 18:23
      ComboFix2.txt 2012-09-10 13:04
      .
      Pre-Run: 9.754.001.408 bytes libres
      Post-Run: 9.688.752.128 bytes libres
      .
      - - End Of File - - FCEE13923E87484F315A436DF7DA8B52

      Things keep getting worse: now, apart from the double accent mark, I also have the "Facebook account blocked" message, which is nothing more than the virus trying to get my credit card details. I don't understand how it can hide from so many antivirus programs and processes and do such serious damage. Help, please!

      I ran Malwarebytes again because of the new "symptoms", but it still detects absolutely nothing. I have fairly important data that I would not like to lose to a format or a restore point, and I don't know whether connecting a USB stick or hard disk could carry it over to other PCs... I don't know what to do.

      Edit:
      In my desperation I tried to restore the system from a restore point. It won't let me: according to Windows there is no restore point and the feature is disabled, when I believe it is on by default and I have not disabled it. When I try to enable it, Windows reports an error. I don't know if there is a solution, but I would not like to format....
      Last edited by Dany3j; 11/09/12 at 09:22:26

    10. #10
      Developer Dany3j
      Joined
      Mar 2011
      Location
      China
      Posts
      6.652

      Re: Impossible to remove the double accent mark virus ´´

      Do the following:

      Download OTL.exe by OldTimer to your desktop.
      • Close all open programs and windows.

      • Run OTL.exe by double-clicking its icon.

      • Configure the following, leaving everything else at its default:

      • Check the box Analizar Todos (Scan All).

      • Change the option Tipo de Análisis (Scan Type) to Resultado Mínimo (Minimal Output).

      • Check the boxes:

        • Usar Listado de Compañías Reconocidas (Use List of Recognized Companies).
        • Omitir Archivos De Microsoft (Skip Microsoft Files).
        • Buscar LOP (Check for LOP).
        • Buscar Purity (Check for Purity).

      • Copy and paste the following code into the box

      • Code:
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
        
      • Do not change any other setting unless instructed to.

      • Press the button. Do not use the computer during the scan.

      • When it has finished, two (2) reports will open:

      • OTL.Txt
      • Extras.Txt

      Note: The reports are saved in the same location where OTL.exe was run.
      Copy and paste only the contents of the OTL.txt file in your next reply.
