• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 12

    PC muy lento y me aparecen ventanas de publicidad a cada momento

    Hola a todos. Como dice el título del post, mi ordenador va lento y me aparecen contínuamente ventanas de publicidad. Las ventas me salen utilice indistintamente el Mozilla, Internet Explorer, o Google Chrome. He seguido ...

    1. #1
      Usuario Avatar de FaceMan
      Registrado
      oct 2012
      Ubicación
      Sevilla
      Mensajes
      13

      PC muy lento y me aparecen ventanas de publicidad a cada momento

      Hola a todos. Como dice el título del post, mi ordenador va lento y me aparecen contínuamente ventanas de publicidad. Las ventas me salen utilice indistintamente el Mozilla, Internet Explorer, o Google Chrome.
      He seguido todos los pasos de la La Guía de eliminación de malwares 2012, y aún así, no consigo elimnar ese problema.
      Al pasar el Malwarebyte Anty-Malware me sale lo siguiente:

      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.0.1400
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.10.09.09

      Windows XP Service Pack 2 x86 NTFS
      Internet Explorer 6.0.2900.2180
      Moises :: MOISES-E4341ADD [administrador]

      Protección: Habilitado

      09/10/2012 19:15:44
      mbam-log-2012-10-09 (19-15-44).txt

      Tipos de Análisis: Análisis Rápido
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 300084
      Tiempo transcurrido: 15 minuto(s), 44 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 1
      HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> En cuarentena y eliminado con éxito.

      Valores del Registro Detectados: 2
      HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> datos: 2bacb9f4f49913d680a614c86432e5f9 -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|system (Trojan.FakeAlert) -> datos: c:\windows\winp.exe -> En cuarentena y eliminado con éxito.

      Elementos de Datos del Registro Detectados: 1
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Malo: (http://www.isonico.com/) Bueno: (http://www.google.com) -> En cuarentena y reparado con éxito.

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)


      Tras haberlo reiniciado, le he pasado el Panda, habiendo neutralizado 24 problemas, y 1 que no lo ha podido neutralizar, el ipsec.sys, que lo he eliminado, tal y como recomendaba el programa.
      Lo he vuelto a reiniciar otra vez, y siguen saliéndome las ventas de publicidad. Señalar también que hace 2 días activé el Adblock Plus.

      Gracias por vuestra ayuda.

    2. #2
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      Hola, FaceMan



      Realiza estos pasos:


      1.- Descarga a tu escritorio pero no ejecutes aun:


      AT-Destroyer (by InfoSpyware)

      ComboFix.exe


      2.- Ejecuta en este orden:
      AT - Destroyer
      • Ejecuta la herramienta como administrador.
      • (Si usas Windows Vista o 7 Presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • Aparecerá el Disclaimer de la herramienta. Presiona Sí.
      • Presiona sobre la opción 1 (Buscar y Destruir)
      • La herramienta desconectará el escritorio moméntaneamente.
      • En caso de estar infectado,la herramienta lo indicará con lineas rojas donde se haya encontrado la infección,sino,serán lineas verdes.
      • Una vez terminado el escaneo,podrás volver a ver el escritorio y se te abrirá un reporte,que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.



      Antes de ejecutar ComboFix:
      1. Desactiva temporalmente el Antivirus y/o Antispyware.
      2. Cierra todas las ventanas abiertas.
      3. Has doble clic al archivo ComboFix.exe y seguí las instrucciones.
      4. Cuando termine, generará un reporte en C:\ComboFix.txt.



      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.



      **Nota**
      En tu próxima respuesta:
      Los reportes de AT - Destroyer y ComboFix.
      Como funciona todo.
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de FaceMan
      Registrado
      oct 2012
      Ubicación
      Sevilla
      Mensajes
      13

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      Hola a todos. Lo primero, gracias por la rapidez en vuestra respuesta. Seguí los pasos que me dijeron: pasar el AT Destroyer, y después el Combo.Fix. Este último programa me puso que tenía el virus Rootkit.ZeroAccess.
      Después de sacar los 2 logs de ambos programas, al reiniciar el PC, me encuentro con que no me da la señal de conexión a Internet pero no me funciona. No sé si al pasarle esos 2 programas habrá habido alguna desconfiguración. Decir que para Internet utilizo un USB Wireless Adapter. Ahora mismo os estoy escribiendo desde otro ordenador.
      Mi duda es que, para pasaros por aquí los 2 logs de AT Destroyer y de ComboFix, he de meterel pen drive en mi ordenador, en introducirlo aquí en este otro, si de esta forma el virus que hay en mi ordenador se pueda pasar a través del pen a este otro ordenador desde el que estoy ahora mismo. De ahí mi temor.
      ¿Hay alguna otra forma de pasar los 2 logs de un ordenador a otro sin Internet ni pen drive?

      Por favor ayúdenme, llevo ya algunos días con esto del virus y estoy ya un tanto angustiado.

      Gracias por la ayuda.

    4. #4
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      Hola.

      Primero intenta iniciar en modo seguro con funciones de red y si logras esto envíame los reporte.

      De no usa un cd para copiar y enviarme los reporte.

      Saludos.
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de FaceMan
      Registrado
      oct 2012
      Ubicación
      Sevilla
      Mensajes
      13

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      GRacias por la respuesta Anoika. TE paso el log de ComboFix:

      ComboFix 12-10-09.01 - Moises 10/10/2012 8:48.1.2 - x86
      Running from: c:\documents and settings\Moises\Mis documentos\Descargas\ComboFix.exe
      AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
      FW: Cloud Antivirus Firewall *Disabled* {1337562C-110A-4AF8-B12B-750C0B30E802}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\archivos de programa\WinRAR\setup.s
      c:\documents and settings\All Users.WINDOWS\Datos de programa\TEMP
      c:\windows\$NtUninstallKB2267$\1400527777\@
      c:\windows\$NtUninstallKB2267$\1400527777\cfg.ini
      c:\windows\$NtUninstallKB2267$\1400527777\Desktop.ini
      c:\windows\$NtUninstallKB2267$\1400527777\L\zjuduuew
      c:\windows\$NtUninstallKB2267$\3422067539
      c:\windows\system32\setb0.tmp
      c:\windows\system32\URTTemp
      c:\windows\system32\URTTemp\regtlib.exe
      c:\windows\$NtUninstallKB2267$ . . . . Failed to delete
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-09-10 to 2012-10-10 )))))))))))))))))))))))))))))))
      .
      .
      2012-10-10 06:23 . 2012-06-29 11:55 22528 ----a-w- c:\windows\AT-Uninstall.exe
      2012-10-10 06:23 . 2012-03-12 21:27 11776 ----a-w- c:\windows\Colous.exe
      2012-10-10 06:23 . 2008-03-25 08:39 69660 ----a-w- c:\windows\Fart.exe
      2012-10-09 17:47 . 2012-10-09 17:47 -------- d-----w- c:\documents and settings\Moises\Datos de programa\Panda Security
      2012-10-09 17:45 . 2012-10-09 17:45 -------- d-----w- c:\archivos de programa\Toolbar Cleaner
      2012-10-09 17:45 . 2012-10-09 17:45 -------- d-----w- c:\documents and settings\Moises\Configuración local\Datos de programa\panda2_0dn
      2012-10-09 17:45 . 2012-10-10 06:04 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\Panda Security URL Filtering
      2012-10-09 17:44 . 2012-10-09 20:02 -------- d-----w- c:\documents and settings\Moises\Datos de programa\pandasecuritytb
      2012-10-09 17:43 . 2012-10-09 17:44 -------- d-----w- c:\archivos de programa\Panda Security
      2012-10-09 17:43 . 2012-10-09 17:43 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\Panda Security
      2012-10-09 17:12 . 2012-10-09 17:12 -------- d-----w- c:\documents and settings\Moises\Datos de programa\Malwarebytes
      2012-10-09 17:12 . 2012-10-09 17:12 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\Malwarebytes
      2012-10-09 17:12 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-10-08 08:28 . 2012-10-08 08:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\IBUpdaterService
      2012-10-08 08:27 . 2012-10-08 08:27 -------- d-----w- c:\archivos de programa\SpywareBlaster
      2012-10-07 20:47 . 2012-10-07 20:47 -------- d-----w- c:\documents and settings\Moises\Configuración local\Datos de programa\Wajam
      2012-10-07 13:19 . 2012-10-07 13:37 -------- d-----w- c:\documents and settings\Moises\Datos de programa\Anvil Studio
      2012-10-07 12:40 . 2012-10-07 12:40 -------- d-----w- c:\documents and settings\Moises\Datos de programa\Iminent
      2012-10-07 12:40 . 2012-10-07 12:40 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\Iminent
      2012-10-07 12:40 . 2012-10-07 12:40 -------- d-----w- c:\windows\system32\aspi_backup
      2012-10-07 12:23 . 2012-10-07 12:57 -------- d-----w- c:\archivos de programa\Nosibay
      2012-10-07 12:20 . 2012-10-07 12:20 -------- d-----w- c:\documents and settings\Moises\Datos de programa\Nosibay
      2012-10-07 12:19 . 2012-10-07 21:02 -------- d-----w- c:\archivos de programa\intelliScore Polyphonic WAV to MIDI Converter Demo
      2012-10-07 11:31 . 2012-10-09 09:55 -------- d-----w- c:\documents and settings\Moises\Datos de programa\NCH Software
      2012-10-07 11:31 . 2012-10-07 20:42 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\NCH Software
      2012-10-06 16:49 . 2012-10-09 17:39 -------- d-----w- c:\documents and settings\Moises\Configuración local\Datos de programa\Lollipop
      2012-10-06 16:49 . 2012-10-06 16:49 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\Babylon
      2012-10-06 12:57 . 2012-10-06 12:57 -------- d-----w- c:\archivos de programa\Transcribe!
      2012-10-03 08:52 . 2012-10-03 08:52 -------- d-----w- c:\archivos de programa\Lame For Audacity
      2012-09-30 10:39 . 2012-10-03 20:18 -------- d-----w- c:\documents and settings\Moises\Datos de programa\Audacity
      2012-09-25 11:17 . 2012-09-25 11:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\Steinberg
      2012-09-24 14:01 . 2012-09-24 14:01 -------- d-----w- c:\documents and settings\Moises\AppData
      2012-09-24 08:42 . 2012-09-25 11:17 -------- d-----w- c:\archivos de programa\Archivos comunes\Steinberg
      2012-09-24 08:27 . 2012-09-24 08:42 -------- d-----w- c:\documents and settings\Moises\Datos de programa\Steinberg
      2012-09-24 08:27 . 2012-09-24 08:27 -------- d-----w- c:\archivos de programa\Steinberg
      2012-09-24 08:27 . 2012-09-24 08:27 2892 ----a-w- c:\windows\system32\audcon.sys
      2012-09-23 10:43 . 2006-11-23 15:20 18432 ----a-w- c:\windows\system32\drivers\synasUSB.sys
      2012-09-23 10:42 . 2006-01-29 09:48 147456 ----a-w- c:\windows\system32\SynsoLChk.dll
      2012-09-23 10:05 . 2012-09-24 08:27 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\Syncrosoft
      2012-09-23 10:05 . 2012-09-23 10:05 -------- d-----w- c:\documents and settings\Moises\Configuración local\Datos de programa\eLicenser
      2012-09-23 09:57 . 2012-09-24 08:27 -------- d-----w- c:\archivos de programa\Syncrosoft
      2012-09-23 09:57 . 2012-09-23 10:23 -------- d-----w- c:\archivos de programa\eLicenser
      2012-09-23 09:57 . 2012-09-23 10:05 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\eLicenser
      2012-09-23 09:56 . 2012-05-02 13:33 1277952 ------w- c:\windows\system32\SYNSOACC.dll
      2012-09-23 09:56 . 2006-01-29 09:48 45056 ----a-w- c:\windows\system32\Synsopos.exe
      2012-09-21 17:05 . 2012-09-21 17:05 -------- d-----w- c:\documents and settings\Moises\Configuración local\Datos de programa\Ilivid Player
      2012-09-21 17:02 . 2012-09-22 10:33 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Datos de programa\boost_interprocess
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-26 08:46 . 2012-08-26 08:46 120872 ----a-w- c:\windows\system32\drivers\PSINProt.sys
      2012-08-26 08:46 . 2012-08-26 08:46 179368 ----a-w- c:\windows\system32\drivers\PSINKNC.sys
      2012-08-26 08:46 . 2012-08-26 08:46 114856 ----a-w- c:\windows\system32\drivers\PSINProc.sys
      2012-08-26 08:46 . 2012-08-26 08:46 102696 ----a-w- c:\windows\system32\drivers\PSINFile.sys
      2012-08-26 08:46 . 2012-08-26 08:46 149544 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
      2012-07-24 16:09 . 2012-07-24 16:09 82432 ----a-w- c:\documents and settings\Moises\Datos de programa\Microsoft\MSXML2\msxml4r.dll
      2012-07-24 16:09 . 2012-07-24 16:09 44544 ----a-w- c:\documents and settings\Moises\Datos de programa\Microsoft\MSXML2\msxml4a.dll
      2012-07-24 16:09 . 2012-07-24 16:09 1275392 ----a-w- c:\documents and settings\Moises\Datos de programa\Microsoft\MSXML2\msxml4.dll
      2012-07-12 09:18 . 2012-07-12 09:18 206632 ----a-w- c:\windows\system32\drivers\NNSStrm.sys
      2012-09-07 21:03 . 2012-09-07 21:03 266720 ----a-w- c:\archivos de programa\mozilla firefox\components\browsercomps.dll
      .
      .
      ------- Sigcheck -------
      Note: Unsigned files aren't necessarily malware.
      .
      [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\atapi.sys
      [7] 2006-03-02 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
      .
      [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\asyncmac.sys
      [7] 2006-03-02 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\asyncmac.sys
      [7] 2006-03-02 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys
      .
      [7] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
      [7] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
      .
      [-] 2008-04-14 . 188DDD286BC0DAEA6984858C6A4D7BBF . 25088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\kbdclass.sys
      [7] 2006-03-02 . 71BFDDA7B3006B45B18D8BAC92BC9993 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys
      .
      [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ndis.sys
      [7] 2006-03-02 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ndis.sys
      [7] 2006-03-02 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys
      .
      [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ntfs.sys
      [7] 2006-03-02 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ntfs.sys
      [7] 2006-03-02 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys
      .
      [7] 2006-03-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
      [7] 2006-03-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
      .
      [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
      [7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
      [7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
      [7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
      [7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
      [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\tcpip.sys
      [7] 2006-03-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
      .
      [-] 2008-04-14 . E28818BD591F8AF8FBE9897472B9665E . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\browser.dll
      [7] 2006-03-02 . D01CFCC753B09E70F5B7622501FF5383 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll
      [7] 2006-03-02 . D01CFCC753B09E70F5B7622501FF5383 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\browser.dll
      .
      [-] 2008-04-14 . 671ACA589DA3733FAC878A751C5BF0ED . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\lsass.exe
      [7] 2006-03-02 . 2B0B88652C9F6714FD4886839B3B0442 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe
      [7] 2006-03-02 . 2B0B88652C9F6714FD4886839B3B0442 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lsass.exe
      .
      [-] 2008-04-14 . A48884C9359EE9F1FC8F3F0D93FB1D95 . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\netman.dll
      [7] 2006-03-02 . 25128473F0D3FD431F74CC5BAFA123CA . 198144 . . [5.1.2600.2180] . . c:\windows\system32\netman.dll
      [7] 2006-03-02 . 25128473F0D3FD431F74CC5BAFA123CA . 198144 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\netman.dll
      .
      [-] 2008-04-14 02:18 . 93F4E612C695E81512110956454E6E25 . 837120 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\comres.dll
      [7] 2006-03-02 12:00 . DECF5947EF11B06D716E08D0B86FC62A . 837120 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll
      [7] 2006-03-02 12:00 . DECF5947EF11B06D716E08D0B86FC62A . 837120 . . [2001.12.4414.258] . . c:\windows\system32\dllcache\comres.dll
      .
      [-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\qmgr.dll
      [7] 2006-03-02 . 02451268DC47E4DC228210DA0E3C3274 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll
      [7] 2006-03-02 . 02451268DC47E4DC228210DA0E3C3274 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\dllcache\qmgr.dll
      .
      [7] 2009-02-09 . AEF41FC6F108CC4F94F9B4E96AFA9C70 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
      [7] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
      [7] 2009-02-09 . 7A828726797A542BE390C054563E60BA . 399360 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll
      [7] 2009-02-09 . 7A828726797A542BE390C054563E60BA . 399360 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll
      [7] 2009-02-09 . D326677E8A052EABA778B9767ECB7724 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
      [-] 2008-04-14 . 53D02EFFA72CA5C57687BEE20610ABA6 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\rpcss.dll
      [7] 2006-03-02 . 86945706EBF0460631917E967BAB3CC4 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
      .
      [7] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
      [7] 2009-02-09 . AA6E1769469F9D15603A619FC1FB9E18 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
      [7] 2009-02-09 . 35A8E2160C1481D08FB97666C2127FE2 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe
      [7] 2009-02-09 . 35A8E2160C1481D08FB97666C2127FE2 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe
      [7] 2009-02-09 . 14BDC84F56A5DB7A01FDAA6FA7893759 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
      [-] 2008-04-14 . D658A8C2FC7B2AD53D1259741A09EE04 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\services.exe
      [7] 2006-03-02 . F9852F505E0699BB83D5C6321917040B . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe
      .
      [-] 2008-04-14 . CDD2DC6AE65084481E723E746C20539A . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\spoolsv.exe
      [7] 2006-03-02 . 1CF5AF263287CF6FEBF31539833EAF4A . 57856 . . [5.1.2600.2180] . . c:\windows\system32\spoolsv.exe
      [7] 2006-03-02 . 1CF5AF263287CF6FEBF31539833EAF4A . 57856 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\spoolsv.exe
      .
      [-] 2008-04-14 . 213C80D912880BBF04453D09FFCCB28C . 510976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\winlogon.exe
      [7] 2006-03-02 . FCB59D25D628B4D3181DC816D14679DD . 505344 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
      [7] 2006-03-02 . FCB59D25D628B4D3181DC816D14679DD . 505344 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\winlogon.exe
      .
      [7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
      [7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
      [-] 2008-04-14 . 846908F3A9F03F85E78103ED9D87B441 . 112128 . . [5.4.3790.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\wuauclt.exe
      .
      [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ipsec.sys
      [7] 2006-03-02 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ipsec.sys
      [-] 2006-03-02 12:00 . A38CA7620A8C95FE96F1A2D6BE753174 . 74752 . . [5 Alpha157 RC37370 14.1061] . . c:\windows\system32\drivers\ipsec.sys
      .
      [-] 2008-04-14 . 618A4C7A7C0CA86DA884C8C0FACAD8C2 . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\comctl32.dll
      [-] 2008-04-14 . 08D17A982CD6191B34D1B8C8A2E694B6 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\asms\60\msft\windows\common\controls\comctl32.dll
      [7] 2006-03-02 . EDA7A1054484AF5DD29A648081E93107 . 611328 . . [5.82] . . c:\windows\system32\comctl32.dll
      [7] 2006-03-02 . EDA7A1054484AF5DD29A648081E93107 . 611328 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
      [7] 2006-03-02 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      [7] 2006-03-02 . A2126F1E83B97EEA496164748A9E3A8E . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
      .
      [-] 2008-04-14 . E423C9C1946C656E0E4840210A0A8681 . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\cryptsvc.dll
      [7] 2006-03-02 . 149CFFBF77CC1306FC535557CF513B91 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll
      [7] 2006-03-02 . 149CFFBF77CC1306FC535557CF513B91 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\cryptsvc.dll
      .
      [7] 2008-07-07 20:31 . 5BB73A064A19A5A3531A1EC6339F5082 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll
      [7] 2008-07-07 20:31 . 5BB73A064A19A5A3531A1EC6339F5082 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll
      [7] 2008-07-07 20:27 . A225DD0D0489BD580781D19524A10B19 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
      [7] 2008-07-07 20:25 . 6EC3C2A5CEA41B78BB55B30444292CB8 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
      [7] 2008-07-07 20:18 . 9B8FE9DB4DB64DB5CB3B76DBA8C38B8B . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
      [-] 2008-04-14 02:18 . 76ABF3BB5A6D684641EC92B28240811D . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\es.dll
      [7] 2006-03-02 12:00 . 86F565E6FDD0C0776089D2F92AB1FC3F . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974$\es.dll
      .
      [-] 2008-04-14 . 95DF6A7520912B1040F748A287EA382A . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\imm32.dll
      [7] 2006-03-02 . BE2282FBEAFBB76577D47B06071139BB . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll
      [7] 2006-03-02 . BE2282FBEAFBB76577D47B06071139BB . 110080 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\imm32.dll
      .
      [7] 2009-03-21 . B609BF6A4313087010F1F062B4490989 . 1039360 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll
      [7] 2009-03-21 . B609BF6A4313087010F1F062B4490989 . 1039360 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll
      [7] 2009-03-21 . 7DC06BF4CBC3FCD7557D8D69DFBD49F5 . 1042944 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
      [7] 2009-03-21 . 97D5372816EC546BD035EDAEDB5E6918 . 1044992 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
      [7] 2009-03-21 . 6FB482ABD03E16295A73270A3D30808F . 1042432 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
      [-] 2008-04-14 . F43FE49CF77EC1CEF9DB9E67BDDB970F . 1042944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\kernel32.dll
      [7] 2006-03-02 . 730DA000741545C7E5E176E1E9EA687D . 1036800 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
      .
      [-] 2008-04-14 . FB67F1E092AB9967D0CD17300D751874 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\linkinfo.dll
      [7] 2006-03-02 . 30FD47F2A925D0BB59792AB3920A1DAD . 18944 . . [5.1.2600.2180] . . c:\windows\system32\linkinfo.dll
      [7] 2006-03-02 . 30FD47F2A925D0BB59792AB3920A1DAD . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\linkinfo.dll
      .
      [-] 2008-04-14 . 87F15A88AA3376B48F75D7D176B312A0 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\lpk.dll
      [7] 2006-03-02 . 24B2A5D3EE366A3E9C1E0941363618C7 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll
      [7] 2006-03-02 . 24B2A5D3EE366A3E9C1E0941363618C7 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lpk.dll
      .
      [7] 2010-04-16 . 0F34C6110C2B963AA8F96D2D89E6751B . 3094016 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\mshtml.dll
      [7] 2010-04-16 . 3FF46A47986827428264AAE40C912529 . 3094528 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\mshtml.dll
      [7] 2010-04-16 . 0BC8C27CE9286656B2E08D44DF5D3B8B . 3086336 . . [6.00.2900.3698] . . c:\windows\system32\mshtml.dll
      [7] 2010-04-16 . 0BC8C27CE9286656B2E08D44DF5D3B8B . 3086336 . . [6.00.2900.3698] . . c:\windows\system32\dllcache\mshtml.dll
      [7] 2010-04-16 . 843E96F1D8B8E6B10C911D862EC73326 . 3094016 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\mshtml.dll
      [-] 2008-04-14 . 85B88C504D1527978F1C2FBE6A41E799 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\mshtml.dll
      [7] 2006-03-02 . 0DAB3544C86DD21C5F4643A4C01C64A1 . 3070464 . . [6.00.2900.2853] . . c:\windows\$NtUninstallKB982381$\mshtml.dll
      [7] 2006-02-20 . 8A8E859BEB0ED39C9497522671BF9704 . 3073024 . . [6.00.2900.2853] . . c:\windows\$hf_mig$\KB911164\SP2QFE\mshtml.dll
      .
      [-] 2008-04-14 . 0F021B29E0C2C9D897258399FB2149CD . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\msvcrt.dll
      [-] 2008-04-14 . B1CB86D70023988360DA136B317D8546 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\asms\70\msft\windows\mswincrt\msvcrt.dll
      [7] 2006-03-02 . 3CDD949F8340F06FD99667B4F75409D0 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll
      [7] 2006-03-02 . 3CDD949F8340F06FD99667B4F75409D0 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\dllcache\msvcrt.dll
      [7] 2006-03-02 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
      [7] 2006-03-02 . C19174138C9DAB560E4324374C5F739E . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
      .
      [7] 2008-06-20 . 738AE6EEE9531C826E212BF686B0C5E5 . 248320 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
      [7] 2008-06-20 . DC10B07F256C8EDF6642015E380C741E . 248320 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
      [7] 2008-06-20 . 1FAE3DDB8D36C5D7DCA7CB1FDA03ECAE . 248320 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll
      [7] 2008-06-20 . 1FAE3DDB8D36C5D7DCA7CB1FDA03ECAE . 248320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll
      [7] 2008-06-20 . C7C251D08747385131AF5D6E10653514 . 248320 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
      [-] 2008-04-14 . AD893C9D3A09081D55A4BDFBC66AD592 . 248320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\mswsock.dll
      [7] 2006-03-02 . 10558FED65AAA5DC95125E069AE65036 . 248320 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
      .
      [7] 2009-02-06 . E24DE816D7A868A11A320C0A09164BFF . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
      [7] 2009-02-06 . E24DE816D7A868A11A320C0A09164BFF . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
      [-] 2008-04-14 . CD2BBB52DFAAB666B812A51B1E96F2A0 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\netlogon.dll
      [7] 2006-03-02 . 7FD182B1B80117C353983565D60B1CAF . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll
      [7] 2006-03-02 . 7FD182B1B80117C353983565D60B1CAF . 407040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\netlogon.dll
      .
      [-] 2008-04-14 . 56DE6FD410B277C4345D7A2C3414DB64 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\powrprof.dll
      [7] 2006-03-02 . 75EFF6383C2F9BC1198C5351754D27AC . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll
      [7] 2006-03-02 . 75EFF6383C2F9BC1198C5351754D27AC . 17408 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\powrprof.dll
      .
      [-] 2008-04-14 . B6BE3C96CD33336A551DB3F2299A8E69 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\scecli.dll
      [7] 2006-03-02 . C6347748F2E9F310EA1E1915482ABFEF . 184832 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll
      [7] 2006-03-02 . C6347748F2E9F310EA1E1915482ABFEF . 184832 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\scecli.dll
      .
      [-] 2008-04-14 . D5AC9FA63EBEFD7AACCB14BA0DB1BAC3 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\sfc.dll
      [7] 2006-03-02 . CA557E5E31C7BCFC2CB61CCFE9F6C945 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll
      [7] 2006-03-02 . CA557E5E31C7BCFC2CB61CCFE9F6C945 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfc.dll
      .
      [-] 2008-04-14 . 4F2340F0BD5B6365C38E74DD391919A8 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\svchost.exe
      [7] 2006-03-02 . FA03E1FC17F38FBDBA81470D08B3E416 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe
      [7] 2006-03-02 . FA03E1FC17F38FBDBA81470D08B3E416 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\svchost.exe
      .
      [-] 2008-04-14 . 04A5B8EA326951DB27DF60A14F2999FF . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\tapisrv.dll
      [7] 2006-03-02 . C2DC3F102C351FA6D4BDAF2B927EAFC2 . 246272 . . [5.1.2600.2180] . . c:\windows\system32\tapisrv.dll
      [7] 2006-03-02 . C2DC3F102C351FA6D4BDAF2B927EAFC2 . 246272 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\tapisrv.dll
      .
      [-] 2008-04-14 . DA8898129E0075C7DE4DEE457514A73C . 579584 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\user32.dll
      [7] 2006-03-02 . 5D5C9CC377A70D036816E7EA55F3CA73 . 578048 . . [5.1.2600.2180] . . c:\windows\system32\user32.dll
      [7] 2006-03-02 . 5D5C9CC377A70D036816E7EA55F3CA73 . 578048 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\user32.dll
      .
      [-] 2008-04-14 . F5B8745B9A90EAF17E30C0574E049AA3 . 26624 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\userinit.exe
      [7] 2006-03-02 . 7B30B4D55B4562C733A5DDF6D6F72B3F . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe
      [7] 2006-03-02 . 7B30B4D55B4562C733A5DDF6D6F72B3F . 25088 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\userinit.exe
      .
      [7] 2010-04-16 . 115937820768413A92406553800F5BD3 . 669696 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\wininet.dll
      [7] 2010-04-16 . 0EB575B84044049E8C9E95D000DE6923 . 671232 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll
      [7] 2010-04-16 . C7F8944AC44A3D8594E4B5080A2D8FEB . 664576 . . [6.00.2900.3698] . . c:\windows\system32\wininet.dll
      [7] 2010-04-16 . C7F8944AC44A3D8594E4B5080A2D8FEB . 664576 . . [6.00.2900.3698] . . c:\windows\system32\dllcache\wininet.dll
      [7] 2010-04-16 . E6DE7B128DC704860B96A0CA14BD2B06 . 671232 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\wininet.dll
      [-] 2008-04-14 . A9A84CFC20D5F4C609E9CBF9491B8DF6 . 668672 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\wininet.dll
      [7] 2006-03-02 . 80BB109560A23B9C18427855CA5305E6 . 658944 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB982381$\wininet.dll
      .
      [-] 2008-04-14 . 22DB5B3DA7005C6472D35BEF3FFDA5EC . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ws2_32.dll
      [7] 2006-03-02 . B4A90738BA4355F187BD26D6C112082B . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
      [7] 2006-03-02 . B4A90738BA4355F187BD26D6C112082B . 82944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2_32.dll
      .
      [-] 2008-04-14 . F7EE4BBFB48437EDC6F7F061DE1E8F2F . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ws2help.dll
      [7] 2006-03-02 . 0EDF3501370A14BEFB27526CD06FACEE . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll
      [7] 2006-03-02 . 0EDF3501370A14BEFB27526CD06FACEE . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2help.dll
      .
      [-] 2008-04-14 . 7522F548A84ABAD8FA516DE5AB3931EF . 1036288 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\explorer.exe
      [7] 2006-03-02 . 89C8DD146CEAF482D82822766437D93F . 1034752 . . [6.00.2900.2180] . . c:\windows\explorer.exe
      [7] 2006-03-02 . 89C8DD146CEAF482D82822766437D93F . 1034752 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe
      .
      [-] 2008-04-14 . F4B9F9AA2F72FAD20D09C3E3FF2BE224 . 152064 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\regedit.exe
      [7] 2006-03-02 . 2BA8F4A46C83C6D3A02E9073A304F82C . 152064 . . [5.1.2600.2180] . . c:\windows\regedit.exe
      [7] 2006-03-02 . 2BA8F4A46C83C6D3A02E9073A304F82C . 152064 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regedit.exe
      .
      [-] 2008-04-14 . 463D57BF9FE5871208FF99399360A57D . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ole32.dll
      [7] 2006-03-02 . 4284D0170197D37F0D37F55B89B3FDB7 . 1281024 . . [5.1.2600.2180] . . c:\windows\system32\ole32.dll
      [7] 2006-03-02 . 4284D0170197D37F0D37F55B89B3FDB7 . 1281024 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ole32.dll
      .
      [-] 2008-04-14 . D2ABEB6AF76DA414D1FFF8B409F00635 . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\usp10.dll
      [7] 2006-03-02 . 0405987EE320AB0572E463C1E69C0121 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll
      [7] 2006-03-02 . 0405987EE320AB0572E463C1E69C0121 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\dllcache\usp10.dll
      .
      [-] 2008-04-14 . D9A84134776399F6BD244BC456076575 . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ksuser.dll
      [7] 2004-08-19 . 13A247D9214BB41BE25F2B491DCB7962 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll
      [7] 2004-08-19 . 13A247D9214BB41BE25F2B491DCB7962 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll
      .
      [-] 2008-04-14 . DAAE1CB1B1875B760496E7D3336DA1AD . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ctfmon.exe
      [7] 2006-03-02 . 25ECFA69AF1563FDE8DFD31F9954497A . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
      [7] 2006-03-02 . 25ECFA69AF1563FDE8DFD31F9954497A . 15360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe
      .
      [-] 2008-04-14 . CA70EDBF32032EA53F114CB930741CB5 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\shsvcs.dll
      [7] 2006-03-02 . DBCF824BA771A1F27E6F5124D0516358 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\shsvcs.dll
      [7] 2006-03-02 . DBCF824BA771A1F27E6F5124D0516358 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\shsvcs.dll
      .
      [-] 2008-04-14 . B5D9EFEBE404A9A2C74EF27E1823A78B . 4608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\msimg32.dll
      [7] 2006-03-02 . 954E6AAC31883B151A936793406D7A90 . 4608 . . [5.1.2600.2180] . . c:\windows\system32\msimg32.dll
      [7] 2006-03-02 . 954E6AAC31883B151A936793406D7A90 . 4608 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msimg32.dll
      .
      [-] 2008-04-14 . 0F30EEC6013FCF76693405EC4A7DF899 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\srsvc.dll
      [7] 2006-03-02 . C791D16BF25264738B14873436293BD0 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
      [7] 2006-03-02 . C791D16BF25264738B14873436293BD0 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
      .
      [-] 2008-04-14 . B2718EC9DC738E915D4177498E92BC4D . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\wscntfy.exe
      [7] 2006-03-02 . 9C90A6DBE5D43E189F199172675D6312 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe
      [7] 2006-03-02 . 9C90A6DBE5D43E189F199172675D6312 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wscntfy.exe
      .
      [-] 2008-04-14 . 14FDADCF05A37582399DAF1DA1DE1C7B . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\xmlprov.dll
      [7] 2006-03-02 . 843E0DB8042A8C0D749EB2B9EFA54F24 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll
      [7] 2006-03-02 . 843E0DB8042A8C0D749EB2B9EFA54F24 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\xmlprov.dll
      .
      [7] 2009-02-09 . 6CBEC637D1B5A19A1C91F2B84E03CDE2 . 739840 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
      [7] 2009-02-09 . D9B5602198F7DEE18B898298A52F684D . 739328 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntdll.dll
      [7] 2009-02-09 . 2A9AF687C920A8FFB84895504413A269 . 739328 . . [5.1.2600.3520] . . c:\windows\system32\ntdll.dll
      [7] 2009-02-09 . 2A9AF687C920A8FFB84895504413A269 . 739328 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\ntdll.dll
      [7] 2009-02-09 . D3A1B3EA95A52C4FAED7963CA1725F3F . 739840 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntdll.dll
      [-] 2008-04-14 . 91346D0D58E9FA1C75D8D0319F281745 . 730624 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ntdll.dll
      [7] 2006-03-02 . 306B64DD1822BB33A7B54D203B8DB4C4 . 732672 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\ntdll.dll
      .
      [7] 2009-02-27 . F42E5D6C75B5C59433690AAB4AB205D1 . 177152 . . [5.1.2600.3531] . . c:\windows\system32\msctfime.ime
      [7] 2009-02-27 . F42E5D6C75B5C59433690AAB4AB205D1 . 177152 . . [5.1.2600.3531] . . c:\windows\system32\dllcache\msctfime.ime
      [7] 2009-02-27 . 3AEC5DBB88B5DF8982857317A00AF9D1 . 177152 . . [5.1.2600.5768] . . c:\windows\$hf_mig$\KB961503\SP3GDR\msctfime.ime
      [7] 2009-02-27 . C6A28D65B1F22FDD643E59A1022555C0 . 177152 . . [5.1.2600.3531] . . c:\windows\$hf_mig$\KB961503\SP2QFE\msctfime.ime
      [7] 2009-02-27 . EE8205E9F125C970711F78908D828B25 . 177152 . . [5.1.2600.5768] . . c:\windows\$hf_mig$\KB961503\SP3QFE\msctfime.ime
      [-] 2008-04-14 . DFE0E9229DD3C1441B93AAB15610B9B8 . 177152 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\msctfime.ime
      [7] 2006-03-02 . BFF509A62E57630555DAD0B7E0209573 . 177152 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB961503$\msctfime.ime
      .
      [-] 2008-04-14 . 2744C713F0217BD8FFD13E2EF731371C . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\eventlog.dll
      [7] 2006-03-02 . 5696DF4EF09C375CE42FB2DDE1E68AB7 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
      [7] 2006-03-02 . 5696DF4EF09C375CE42FB2DDE1E68AB7 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\eventlog.dll
      .
      [-] 2008-04-14 . 2A1E1DF559B291583903D2F9CC504522 . 1572352 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\sfcfiles.dll
      [7] 2006-03-02 . AAFD7382D64710AE3A6F1DEE5020CF19 . 1548800 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
      [7] 2006-03-02 . AAFD7382D64710AE3A6F1DEE5020CF19 . 1548800 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll
      .
      [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ipsec.sys
      [7] 2006-03-02 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ipsec.sys
      [-] 2006-03-02 12:00 . A38CA7620A8C95FE96F1A2D6BE753174 . 74752 . . [5 Alpha157 RC37370 14.1061] . . c:\windows\system32\drivers\ipsec.sys
      .
      [-] 2008-04-14 . E424F05B07AC4357DC08D06218D76C7C . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\regsvc.dll
      [7] 2006-03-02 . D025E953864EBEBAB5933086D15C4FC6 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
      [7] 2006-03-02 . D025E953864EBEBAB5933086D15C4FC6 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regsvc.dll
      .
      [-] 2008-04-14 . 51BE25C404D3DD344C6079DE715E4977 . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\schedsvc.dll
      [7] 2006-03-02 . 0125649B3C00D037E07FD7BCEF7B653B . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
      [7] 2006-03-02 . 0125649B3C00D037E07FD7BCEF7B653B . 192000 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\schedsvc.dll
      .
      [-] 2008-04-14 . B622A432EF02895DE4AA38AC8B85FA4C . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ssdpsrv.dll
      [7] 2006-03-02 . 4AFF5EA8BF2362C3D5001295FDEB3ABD . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
      [7] 2006-03-02 . 4AFF5EA8BF2362C3D5001295FDEB3ABD . 71680 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ssdpsrv.dll
      .
      [-] 2008-04-14 . 288B20D56D5F0EC4BCC77FBFA5A81740 . 296960 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\termsrv.dll
      [7] 2006-03-02 . C2038466BE5A6A76EFD592FA0B459E17 . 296960 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll
      [7] 2006-03-02 . C2038466BE5A6A76EFD592FA0B459E17 . 296960 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\termsrv.dll
      .
      [-] 2008-04-14 . 54B34DA91EAF52A8EAC654CED8977980 . 347136 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\hnetcfg.dll
      [7] 2006-03-02 . ED424C815B96ECDB3167914E84189B1D . 347136 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll
      [7] 2006-03-02 . ED424C815B96ECDB3167914E84189B1D . 347136 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\hnetcfg.dll
      .
      [7] 2006-03-02 . 1C905333C0B9F3D7C68DDF25E54B00F9 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
      .
      [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\aec.sys
      [7] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\dllcache\aec.sys
      [7] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\drivers\aec.sys
      .
      [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ip6fw.sys
      [7] 2006-03-02 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ip6fw.sys
      [7] 2006-03-02 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys
      .
      [-] 2008-04-14 02:18 . 27415CEEB58C8C2F92AFF8CFE2517A3C . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\mfc40u.dll
      [7] 2006-03-02 12:00 . F1197F879AF9ED702D3E6EBCD3B99107 . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll
      [7] 2006-03-02 12:00 . F1197F879AF9ED702D3E6EBCD3B99107 . 924432 . . [4.1.6140] . . c:\windows\system32\dllcache\mfc40u.dll
      .
      [-] 2008-04-14 . 047E70B04B288439245DDC8DD1A31982 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\msgsvc.dll
      [7] 2006-03-02 . CA33F6547C49E749E47FB6A0D1DBE192 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
      [7] 2006-03-02 . CA33F6547C49E749E47FB6A0D1DBE192 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msgsvc.dll
      .
      [-] 2008-04-14 02:18 . 57CF215B0250DE0C4AE36ABC8AE31BE4 . 52736 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\mspmsnsv.dll
      [7] 2006-03-02 12:00 . 7BB55C1143F8270467928AA843A48192 . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
      [7] 2005-01-28 06:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
      [7] 2005-01-28 06:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\MsPMSNSv.dll
      [7] 2005-01-28 06:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\dllcache\mspmsnsv.dll
      .
      [7] 2010-02-17 . 297709C813812AFB3274BF685C607572 . 2066176 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
      [7] 2010-02-16 . FDB7031157A14B1C99521BB04AC376EB . 2060800 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
      [7] 2010-02-16 . FDB7031157A14B1C99521BB04AC376EB . 2060800 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntkrnlpa.exe
      [7] 2010-02-16 . EF048F2232A4FE8168D4657E60C1B771 . 2019328 . . [5.1.2600.3670] . . c:\windows\system32\ntkrnlpa.exe
      [7] 2010-02-16 . E7D906C631864E89122862C637234199 . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
      [7] 2010-02-16 . 8154DCA6598C06058410A296FDDC9AC2 . 2069376 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
      [7] 2009-02-10 . 2050C3BAB913974643D43C1A414CACB5 . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
      [7] 2009-02-09 . B2BC59E4885946729BD19EC6C7921FE4 . 2018304 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
      [7] 2009-02-09 . 6DEAEEA5DE2374B98450054B863AE713 . 2065408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
      [7] 2009-02-09 . 9B5E5D325CEDBB10A9A86679634A38CC . 2068608 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
      [-] 2008-04-14 . 2E2931A58B112CDF2A99B00B5DACDBE4 . 2068224 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ntkrnlpa.exe
      [7] 2006-03-02 . 90AA698B03FAFEE217268AB443D7B4A9 . 2017792 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
      .
      [-] 2008-04-14 02:18 . D60C40D71A4D874C903255E4827AFA0C . 437760 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ntmssvc.dll
      [7] 2006-03-02 12:00 . 395948DEE2B0F534A8C70687CC6DD7CA . 437760 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
      [7] 2006-03-02 12:00 . 395948DEE2B0F534A8C70687CC6DD7CA . 437760 . . [5.1.2400.2180] . . c:\windows\system32\dllcache\ntmssvc.dll
      .
      [-] 2008-04-14 . 7594203F459ABDB5FE53C08D6B1BD53B . 186368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\upnphost.dll
      [7] 2006-03-02 . 4B48358383940F6E559DA2F64753029F . 185344 . . [5.1.2600.2180] . . c:\windows\system32\upnphost.dll
      [7] 2006-03-02 . 4B48358383940F6E559DA2F64753029F . 185344 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\upnphost.dll
      .
      [-] 2008-04-14 . 9EF059A2C76BCE8DB9B0DD95EFE23A48 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\dsound.dll
      [7] 2006-03-02 . BDE6AEDFD66768C08C42DAE5056B6779 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll
      [7] 2006-03-02 . BDE6AEDFD66768C08C42DAE5056B6779 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\dsound.dll
      .
      [-] 2008-04-14 . AE5DD931EFAB3687BA4DF0671F4CE078 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\d3d9.dll
      [7] 2006-03-02 . 77A1379688F15B02D5100183A54778BB . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll
      [7] 2006-03-02 . 77A1379688F15B02D5100183A54778BB . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\d3d9.dll
      .
      [-] 2008-04-14 . 28D0D87445F4ADD6614155EC13F042DD . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ddraw.dll
      [7] 2006-03-02 . 285B7EA6C449DA0E08B1195FE7033A1A . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll
      [7] 2006-03-02 . 285B7EA6C449DA0E08B1195FE7033A1A . 266240 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\ddraw.dll
      .
      [-] 2008-04-14 02:18 . F71CB6064DFC10DFB767B537BFA33D61 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\olepro32.dll
      [7] 2006-03-02 12:00 . 74A98B98FB63049B6FECC472AD09A577 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll
      [7] 2006-03-02 12:00 . 74A98B98FB63049B6FECC472AD09A577 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\olepro32.dll
      .
      [-] 2008-04-14 . 91C2A139745F2AF17E4685A1E54B4FDA . 41984 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\perfctrs.dll
      [7] 2006-03-02 . AC18C8A4D842211748AAACF89EFEBF07 . 41984 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll
      [7] 2006-03-02 . AC18C8A4D842211748AAACF89EFEBF07 . 41984 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\perfctrs.dll
      .
      [-] 2008-04-14 . F4968D88123785BCF95A31E0225C5592 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\version.dll
      [7] 2006-03-02 . 63782F8342BB8F04E0AFCAABA2B60C09 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll
      [7] 2006-03-02 . 63782F8342BB8F04E0AFCAABA2B60C09 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\version.dll
      .
      [-] 2008-04-14 . 12CE2CACCF25D99944CA69F6A3A83441 . 93184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\iexplore.exe
      [7] 2006-03-02 . 2E47EC1812526240B1F9E00FB9E5036D . 93184 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\iexplore.exe
      .
      .
      [7] 2010-02-17 . 318271984461DD8E31FF1A36B3B3F099 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
      [7] 2010-02-16 . 12522B524E23A2B846C8E17DC93CF75C . 2183808 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
      [7] 2010-02-16 . 12522B524E23A2B846C8E17DC93CF75C . 2183808 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntoskrnl.exe
      [7] 2010-02-16 . B888916DB7A5ECB44C3375472203A847 . 2139648 . . [5.1.2600.3670] . . c:\windows\system32\ntoskrnl.exe
      [7] 2010-02-16 . D98822B74868D236D7B0EA6F96D3641E . 2189312 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
      [7] 2010-02-16 . 1D596B8BEBAB1A9C7B749D553E5E2A20 . 2192512 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
      [7] 2009-02-10 . 6BC8E4AAFC98B556B8FB616AD30CD5A3 . 2191616 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
      [7] 2009-02-09 . 9B16A0B87E09C6D03FD3E7BEEB3F133D . 2138624 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
      [7] 2009-02-09 . 9AB66A74CDD55AEBB975FD7C77A39B7D . 2188544 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
      [7] 2009-02-09 . 0A413FFFE5C2FC00D5F8F6FF4B3F6889 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
      [-] 2008-04-14 . 6468827016FA22CAE81D7059F1A974C0 . 2191360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\ntoskrnl.exe
      [7] 2006-03-02 . DEC879BE42071616F07F73B4CF0C367B . 2150912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
      .
      [-] 2008-04-14 . 0F30EEC6013FCF76693405EC4A7DF899 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\srsvc.dll
      [7] 2006-03-02 . C791D16BF25264738B14873436293BD0 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
      [7] 2006-03-02 . C791D16BF25264738B14873436293BD0 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
      .
      [-] 2008-04-14 . C71CFACDBFADD819736F61F5738BDDC1 . 177152 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\w32time.dll
      [7] 2006-03-02 . 13835C57C973519F82B27EA506239369 . 176640 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll
      [7] 2006-03-02 . 13835C57C973519F82B27EA506239369 . 176640 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\w32time.dll
      .
      [-] 2008-04-14 . 7226422C95FDF8AA6092EE964912B0DF . 334336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\wiaservc.dll
      [7] 2006-03-02 . FFFA385FEADC60175C653AFB215F539A . 333824 . . [5.1.2600.2180] . . c:\windows\system32\wiaservc.dll
      [7] 2006-03-02 . FFFA385FEADC60175C653AFB215F539A . 333824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wiaservc.dll
      .
      [-] 2008-04-14 . D94FF77931D467AC3ED916F767FA7E1F . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\midimap.dll
      [7] 2006-03-02 . 3D9CD39DA8C8FC3C04BF11B89501C9FB . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll
      [7] 2006-03-02 . 3D9CD39DA8C8FC3C04BF11B89501C9FB . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\midimap.dll
      .
      [-] 2008-04-14 . 73ECA7B33EB3F7262D92EA80B61708CD . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\rasadhlp.dll
      [7] 2006-03-02 . B9FC593B9487F8755F974FE7147B8191 . 8192 . . [5.1.2600.2180] . . c:\windows\system32\rasadhlp.dll
      [7] 2006-03-02 . B9FC593B9487F8755F974FE7147B8191 . 8192 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\rasadhlp.dll
      .
      [-] 2008-04-14 . AF6AFCD7BAB71127B3812762500EFBA1 . 19456 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\4fcdf3a74fe834ce16dc12a720df5cc7\wshtcpip.dll
      [7] 2006-03-02 . DE1A0E546351E4D33BB7E1FB8480E9E1 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\wshtcpip.dll
      [7] 2006-03-02 . DE1A0E546351E4D33BB7E1FB8480E9E1 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wshtcpip.dll
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{0974848a-b5bc-49f2-9778-307742b4a55d}"= "c:\archivos de programa\softonic.com4\prxtbsof1.dll" [2011-05-09 176936]
      "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\archivos de programa\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2012-03-15 86696]
      .
      [HKEY_CLASSES_ROOT\clsid\{0974848a-b5bc-49f2-9778-307742b4a55d}]
      .
      [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
      .
      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974848a-b5bc-49f2-9778-307742b4a55d}]
      2011-05-09 09:49 176936 ----a-w- c:\archivos de programa\softonic.com4\prxtbsof1.dll
      .
      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
      2012-03-15 21:02 86696 ----a-w- c:\archivos de programa\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\archivos de programa\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2012-03-15 86696]
      .
      [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
      "{0974848A-B5BC-49F2-9778-307742B4A55D}"= "c:\archivos de programa\softonic.com4\prxtbsof1.dll" [2011-05-09 176936]
      .
      [HKEY_CLASSES_ROOT\clsid\{0974848a-b5bc-49f2-9778-307742b4a55d}]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SUPERAntiSpyware"="c:\archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-01 2010864]
      "ares"="c:\archivos de programa\Ares\Ares.exe" [2008-12-13 882176]
      "lollipop"="c:\documents and settings\moises\configuración local\datos de programa\lollipop\lollipop.exe" [2012-10-06 913408]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-08-14 98304]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-08-14 114688]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2006-08-14 94208]
      "Acceso directo a la página de propiedades de High Definition Audio"="HDAShCut.exe" [2005-01-07 61952]
      "StatusClient"="c:\archivos de programa\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
      "TomcatStartup"="c:\archivos de programa\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
      "HP Software Update"="c:\archivos de programa\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
      "HP Component Manager"="c:\archivos de programa\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
      "SunJavaUpdateSched"="c:\archivos de programa\Archivos comunes\Java\Java Update\jusched.exe" [2010-10-29 249064]
      "PSUAMain"="c:\archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2012-08-26 37152]
      "Panda Security URL Filtering"="c:\documents and settings\All Users.WINDOWS\Datos de programa\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2012-03-15 217256]
      .
      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
      .
      c:\documents and settings\All Users.WINDOWS\Menú Inicio\Programas\Inicio\
      HP Digital Imaging Monitor.lnk - c:\archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
      Inicio rápido de HP Image Zone.lnk - c:\archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-29 53248]
      .
      c:\documents and settings\All Users.WINDOWS\Menú Inicio\Programas\Inicio\Ansonic
      AN-W541USB Wireless Utility.lnk - c:\archivos de programa\Ansonic\AN-W541USB Wireless Utility\ZDWlan.exe [2008-12-14 520192]
      .
      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\archivos de programa\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
      .
      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
      "c:\\Archivos de programa\\Messenger\\msmsgs.exe"=
      "c:\\Archivos de programa\\Ares\\Ares.exe"=
      "c:\\Archivos de programa\\Windows Live\\Messenger\\wlcsdk.exe"=
      "c:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Archivos de programa\\Windows Live\\Sync\\WindowsLiveSync.exe"=
      "c:\\Archivos de programa\\Mozilla Firefox\\firefox.exe"=
      "c:\\Archivos de programa\\Skype\\Phone\\Skype.exe"=
      "c:\\Archivos de programa\\Skype\\Plugin Manager\\skypePM.exe"=
      "c:\\Archivos de programa\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
      "c:\\Archivos de programa\\Panda Security\\Panda Security Toolbar\\dtuser.exe"=
      .
      R1 NNSALPC;NNSAlpc;c:\windows\system32\drivers\NNSAlpc.sys [27/06/2012 15:51 82472]
      R1 NNSHTTP;NNSHttp;c:\windows\system32\drivers\NNSHttp.sys [27/06/2012 15:51 120744]
      R1 NNSIDS;NNSids;c:\windows\system32\drivers\NNSIds.sys [27/06/2012 15:51 122664]
      R1 NNSPICC;NNSPicc;c:\windows\system32\drivers\NNSpicc.sys [27/06/2012 15:51 93992]
      R1 NNSPOP3;NNSPop3;c:\windows\system32\drivers\NNSPop3.sys [27/06/2012 15:51 104104]
      R1 NNSPROT;NNSProt;c:\windows\system32\drivers\NNSProt.sys [27/06/2012 15:51 286376]
      R1 NNSPRV;NNSPrv;c:\windows\system32\drivers\NNSPrv.sys [27/06/2012 15:51 153000]
      R1 NNSSMTP;NNSSmtp;c:\windows\system32\drivers\NNSSmtp.sys [27/06/2012 15:51 106536]
      R1 NNSSTRM;NNSStrm;c:\windows\system32\drivers\NNSStrm.sys [12/07/2012 11:18 206632]
      R1 NNSTLSC;NNSTlsc;c:\windows\system32\drivers\NNStlsc.sys [27/06/2012 15:51 92840]
      R1 PSINKNC;PSINKnc;c:\windows\system32\drivers\PSINKNC.sys [26/08/2012 10:46 179368]
      R1 SASDIFSV;SASDIFSV;c:\archivos de programa\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 11:25 12872]
      R1 SASKUTIL;SASKUTIL;c:\archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS [17/02/2010 11:15 66632]
      R2 MBAMScheduler;MBAMScheduler;c:\archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe [09/10/2012 19:12 399432]
      R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe [26/08/2012 10:41 140064]
      R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [26/08/2012 10:46 149544]
      R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [26/08/2012 10:46 102696]
      R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [26/08/2012 10:46 114856]
      R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [26/08/2012 10:46 120872]
      R2 PSUAService;Panda Product Service;c:\archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe [26/08/2012 11:14 36640]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [09/10/2012 19:12 22856]
      R3 SASENUM;SASENUM;c:\archivos de programa\SUPERAntiSpyware\SASENUM.SYS [17/02/2010 11:15 12872]
      R3 ZD1211BU(Ansonic);AN-W541USB Wireless USB Adapter Driver(Ansonic);c:\windows\system32\drivers\ZD1211BU.sys [14/12/2008 20:15 500736]
      S2 gupdate;Servicio Google Update (gupdate);c:\archivos de programa\Google\Update\GoogleUpdate.exe [20/10/2010 20:21 136176]
      S2 MBAMService;MBAMService;c:\archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe [11/02/2010 21:34 676936]
      S3 gupdatem;Servicio de Google Update (gupdatem);c:\archivos de programa\Google\Update\GoogleUpdate.exe [20/10/2010 20:21 136176]
      S3 MozillaMaintenance;Mozilla Maintenance Service;c:\archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe [26/05/2012 18:05 114144]
      S3 NNSNAHS;Network Activity Hook Server Service;c:\windows\system32\drivers\NNSNAHS.sys [09/09/2011 13:54 38536]
      S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 22:22 34064]
      S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [23/09/2012 12:43 18432]
      S4 NNSPIHS;NNSPihs;c:\windows\system32\drivers\NNSpihs.sys [27/06/2012 15:51 51496]
      .
      --- Other Services/Drivers In Memory ---
      .
      *Deregistered* - PSKMAD
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\archivos de programa\Google\Update\GoogleUpdate.exe [2010-10-20 18:21]
      .
      2012-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\archivos de programa\Google\Update\GoogleUpdate.exe [2010-10-20 18:21]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.es/
      mStart Page = hxxp://www.google.com
      uInternet Settings,ProxyOverride = <local>
      IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
      FF - ProfilePath - c:\documents and settings\Moises\Datos de programa\Mozilla\Firefox\Profiles\bu1hmk4t.default\
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.es/
      FF - prefs.js: network.proxy.type - 0
      FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=7c97ea060000000000000015609a6418&q=
      FF - user.js: extensions.BabylonToolbar.id - 7c97ea060000000000000015609a6418
      FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
      FF - user.js: extensions.BabylonToolbar.instlDay - 15620
      FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7
      FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.722:48
      FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
      FF - user.js: extensions.BabylonToolbar.instlRef - sst
      FF - user.js: extensions.BabylonToolbar.dfltLng - en
      FF - user.js: extensions.BabylonToolbar.excTlbr - false
      FF - user.js: extensions.BabylonToolbar.admin - false
      FF - user.js: extensions.claro.id - 7c97ea060000000000000015609a6418
      FF - user.js: extensions.claro.instlDay - 15621
      FF - user.js: extensions.claro.vrsn - 1.6.4.1
      FF - user.js: extensions.claro.vrsni - 1.6.4.1
      FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.110:29
      FF - user.js: extensions.claro.prtnrId - claro
      FF - user.js: extensions.claro.prdct - claro
      FF - user.js: extensions.claro.aflt - babsst
      FF - user.js: extensions.claro_i.smplGrp - none
      FF - user.js: extensions.claro.tlbrId - claro
      FF - user.js: extensions.claro.instlRef - sst
      FF - user.js: extensions.claro.dfltLng - en
      FF - user.js: extensions.claro.excTlbr - false
      FF - user.js: extensions.claro.admin - false
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-10 - (no file)
      HKCU-Run-Bubble Dock - c:\documents and settings\Moises\Datos de programa\Nosibay\Bubble Dock\LBubble Dock.exe
      .
      .
      .
      **************************************************************************
      .
      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2012-10-10 09:01
      Windows 5.1.2600 Service Pack 2 NTFS
      .
      scanning hidden processes ...
      .
      scanning hidden autostart entries ...
      .
      scanning hidden files ...
      .
      scan completed successfully
      hidden files: 0
      .
      **************************************************************************
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------
      .
      - - - - - - - > 'explorer.exe'(2468)
      c:\documents and settings\All Users.WINDOWS\Datos de programa\Panda Security URL Filtering\panda_url_filtering.dll
      c:\windows\system32\msi.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\archivos de programa\HP\Digital Imaging\bin\hpqgalry.exe
      c:\archivos de programa\Java\jre6\bin\jqs.exe
      c:\windows\system32\wdfmgr.exe
      c:\windows\system32\wbem\wmiapsrv.exe
      c:\windows\system32\wscntfy.exe
      .
      **************************************************************************
      .
      Completion time: 2012-10-10 09:17:04 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-10-10 07:17
      .
      Pre-Run: 116.831.232.000 bytes libres
      Post-Run: 117.296.427.008 bytes libres
      .
      WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
      [boot loader]
      timeout=2
      default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
      [operating systems]
      c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
      UnsupportedDebug="do not select this" /debug
      multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
      .
      - - End Of File - - BEEB3833C32DF36CC507D4B16BAAA16D

    6. #6
      Usuario Avatar de FaceMan
      Registrado
      oct 2012
      Ubicación
      Sevilla
      Mensajes
      13

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      Y ahora el log de AT Destroyer.

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 10/10/2012
      Hora iniciada en el analisis 8:23:43,89
      Usuario Actual : [C:\Documents and Settings\Moises]
      Sistema Operativo: Windows XP
      Service pack: 2
      Arquitectura: Sistema operativo de 32 bits
      Versión Internet Explorer: 6.0.2900.2180
      Modo Actual: Modo Normal.
      Privilegios: [Moises-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox: 15.0.1

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======


      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | ( {99079a25-328f-4bd4-be04-00955acaa0a7} )
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | ( {977AE9CC-AF83-45E8-9E03-E2798216E2D5} )
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | ( {0974848a-b5bc-49f2-9778-307742b4a55d} )
      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_CURRENT_USER\Software\DataMngr\Files
      HKEY_CURRENT_USER\Software\DataMngr\Files\ChromeHomepage
      HKEY_CURRENT_USER\Software\DataMngr\Files\Homepage
      HKEY_CURRENT_USER\Software\DataMngr\Files\SelectedSearch
      HKEY_CURRENT_USER\Software\DataMngr\Files\UrlbarSearch
      HKEY_CURRENT_USER\Software\DataMngr\List
      HKEY_CURRENT_USER\Software\DataMngr\List\Item1
      HKEY_CURRENT_USER\Software\DataMngr\List\Item2
      HKEY_CURRENT_USER\Software\DataMngr\List\Item3
      HKEY_CURRENT_USER\Software\DataMngr\Toolbar
      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_CURRENT_USER\Software\DataMngr_Toolbar
      HKEY_CURRENT_USER\Software\DataMngr_Toolbar
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item1
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item2
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item3
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
      HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32
      HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\Implemented Categories
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\InprocServer32
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\ProgID
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\Programmable
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\TypeLib
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\VersionIndependentProgID
      HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
      HKEY_CURRENT_USER\Software\Conduit
      HKEY_CURRENT_USER\Software\Conduit\AppPaths
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Channels
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Channels\825439
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Channels\825439\Feeds
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Channels\909619
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Channels\909619\Feeds
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Feeds
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Feeds\821247
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Feeds\821247\History
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Feeds\905414
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\InstantAlertIds
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Sources
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Data\Sources\IE_TB_CT2431232
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\RegisteredSources
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings\Locales
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings\Locales\en
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings\Services
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings\Services\ChannelsSettings
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings\Services\DynamicDialogs
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings\Services\Login
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings\Services\Translation
      HKEY_CURRENT_USER\Software\Conduit\Community Alerts\Settings\Services\Usage
      HKEY_CURRENT_USER\Software\Conduit\FeatureProtector
      HKEY_CURRENT_USER\Software\Conduit\Settings
      HKEY_CURRENT_USER\Software\Conduit\Toolbar
      HKEY_CURRENT_USER\Software\Conduit\Toolbar\EmailNotifier
      HKEY_CURRENT_USER\Software\Conduit\Toolbar\EmailNotifier\SourcesLastCheckTimes
      HKEY_CURRENT_USER\Software\Conduit
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\AppPaths
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\Community Alerts
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\Platforms
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\Platforms\{0974848a-b5bc-49f2-9778-307742b4a55d}
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\Platforms\{B215F2D2-A0FC-4D3B-AD28-A16C1FC23FFC}
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\Platforms\{BB93C2D4-A1B1-4BDA-8A98-AB330CE4C6BD}
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\Toolbars
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
      HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
      HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
      HKEY_CURRENT_USER\SOFTWARE\Iminent
      HKEY_CURRENT_USER\SOFTWARE\Iminent


      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      "C:\Documents and Settings\Moises\Datos de programa\searchquband"
      C:\Documents and Settings\Moises\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}
      "C:\Documents and Settings\Moises\AppData\LocalLow\DataMngr"
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\1.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\a.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\b.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\c.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\d.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\e.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\f.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\g.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\h.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\i.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\J.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\k.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\l.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\m.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\mru.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\n.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\o.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\p.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\q.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\r.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\s.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\t.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\u.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\v.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\w.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\x.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\y.xml
      C:\Documents and Settings\Moises\Datos de programa\PriceGong\Data\z.xml
      "C:\Documents and Settings\Moises\Datos de programa\PriceGong"
      C:\Documents and Settings\Moises\Datos de programa\Babylon\log_file.txt
      "C:\Documents and Settings\Moises\Datos de programa\Babylon"
      C:\Archivos de programa\Conduit\Community Alerts
      C:\Archivos de programa\Conduit\Community Alerts\Alert.dll
      C:\Archivos de programa\Conduit\Community Alerts\Alert0.dll
      C:\Archivos de programa\Conduit\Community Alerts\Alert1.dll
      "C:\Archivos de programa\Conduit"
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\arrow_refresh.png
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\basis.xml
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cog.png
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\computer_delete.png
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\icons.bmp
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\IMinent_Toolbar.crc
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\info.txt
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\TbHelper2.exe
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\uninstall.exe
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\update.exe
      C:\Documents and Settings\Moises\Datos de programa\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\version.txt
      "C:\Documents and Settings\Moises\Datos de programa\Toolbar4"
      C:\DOCUME~1\Moises\CONFIG~1\Temp\searchqutoolbar-manifest.xml
      C:\Archivos de programa\mozilla firefox\searchplugins\babylon.xml
      C:\WINDOWS\System32\ezsidmv.dat
      C:\WINDOWS\System32\d3d9caps.dat
      C:\user.js


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      -
      Start Page == http://www.google.com
      -
      Search Page == http://search.live.com
      -
      Local Page == C:\WINDOWS\system32\blank.htm
      -
      -

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      -
      Start Page == http://www.google.com
      -
      Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      -
      Local Page == %SystemRoot%\system32\blank.htm
      -
      Default_Search_URL == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      -
      Default_Page_URL == http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome


      "HKEY_USERS\S-1-5-21-1659004503-1788223648-839522115-1004\Software\Microsoft\Internet Explorer\Main"
      -
      Start Page == http://www.google.com
      -
      Search Page == http://search.live.com
      -
      Local Page == C:\WINDOWS\system32\blank.htm
      -
      -


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("extensions.crossriderapp5060.5060.homepage", "");
      user_pref("pref.browser.homepage.disable_button.current_page", false);
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======

      Lo he dividido en 2post porque sobrepasaban los 75000 caracteres en uno sólo. Gracias

    7. #7
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      Ejecuta según su manual:

      Manual de TDSSKiller.


      Me traes el reporte generado.
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #8
      Usuario Avatar de FaceMan
      Registrado
      oct 2012
      Ubicación
      Sevilla
      Mensajes
      13

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      Hola Anoika. Gracias ante todo. Te paso el reporte.

      13:00:50.0812 3416 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
      13:00:50.0906 3416 ============================================================
      13:00:50.0906 3416 Current date / time: 2012/10/13 13:00:50.0906
      13:00:50.0906 3416 SystemInfo:
      13:00:50.0906 3416
      13:00:50.0906 3416 OS Version: 5.1.2600 ServicePack: 2.0
      13:00:50.0906 3416 Product type: Workstation
      13:00:50.0906 3416 ComputerName: MOISES-E4341ADD
      13:00:50.0906 3416 UserName: Moises
      13:00:50.0906 3416 Windows directory: C:\WINDOWS
      13:00:50.0906 3416 System windows directory: C:\WINDOWS
      13:00:50.0906 3416 Processor architecture: Intel x86
      13:00:50.0906 3416 Number of processors: 2
      13:00:50.0906 3416 Page size: 0x1000
      13:00:50.0906 3416 Boot type: Normal boot
      13:00:50.0906 3416 ============================================================
      13:00:52.0281 3416 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
      13:00:52.0281 3416 Drive \Device\Harddisk1\DR4 - Size: 0x77880000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
      13:00:52.0281 3416 ============================================================
      13:00:52.0281 3416 \Device\Harddisk0\DR0:
      13:00:52.0281 3416 MBR partitions:
      13:00:52.0281 3416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
      13:00:52.0281 3416 \Device\Harddisk1\DR4:
      13:00:52.0281 3416 MBR partitions:
      13:00:52.0281 3416 \Device\Harddisk1\DR4\Partition1: MBR, Type 0xC, StartLBA 0x1208, BlocksNum 0x3BB1F8
      13:00:52.0281 3416 ============================================================
      13:00:52.0312 3416 C: <-> \Device\Harddisk0\DR0\Partition1
      13:00:52.0312 3416 ============================================================
      13:00:52.0312 3416 Initialize success
      13:00:52.0312 3416 ============================================================
      13:02:41.0328 3492 ============================================================
      13:02:41.0328 3492 Scan started
      13:02:41.0328 3492 Mode: Manual;
      13:02:41.0328 3492 ============================================================
      13:02:41.0468 3492 ================ Scan system memory ========================
      13:02:41.0468 3492 System memory - ok
      13:02:41.0468 3492 ================ Scan services =============================
      13:02:41.0578 3492 Abiosdsk - ok
      13:02:41.0578 3492 abp480n5 - ok
      13:02:41.0625 3492 [ 33D1373EE875CE8B063777F7E77815B7 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
      13:02:41.0625 3492 ACPI - ok
      13:02:41.0656 3492 [ 1C905333C0B9F3D7C68DDF25E54B00F9 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
      13:02:41.0656 3492 ACPIEC - ok
      13:02:41.0671 3492 adpu160m - ok
      13:02:41.0703 3492 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
      13:02:41.0703 3492 aec - ok
      13:02:41.0750 3492 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
      13:02:41.0750 3492 AFD - ok
      13:02:41.0750 3492 Aha154x - ok
      13:02:41.0765 3492 aic78u2 - ok
      13:02:41.0765 3492 aic78xx - ok
      13:02:41.0812 3492 [ FFD14EA04A74CE3AA34E9511C994C590 ] Alerter C:\WINDOWS\system32\alrsvc.dll
      13:02:41.0812 3492 Alerter - ok
      13:02:41.0843 3492 [ 906D6932D533F1591CAA84E846B9BA06 ] ALG C:\WINDOWS\System32\alg.exe
      13:02:41.0843 3492 ALG - ok
      13:02:41.0843 3492 AliIde - ok
      13:02:41.0859 3492 amsint - ok
      13:02:41.0859 3492 AppMgmt - ok
      13:02:41.0875 3492 asc - ok
      13:02:41.0875 3492 asc3350p - ok
      13:02:41.0875 3492 asc3550 - ok
      13:02:41.0953 3492 [ B979979AB8027F7F53FB16EC4229B7DB ] ASPI32 C:\WINDOWS\system32\drivers\ASPI32.sys
      13:02:41.0953 3492 ASPI32 - ok
      13:02:42.0046 3492 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
      13:02:42.0062 3492 aspnet_state - ok
      13:02:42.0093 3492 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
      13:02:42.0093 3492 AsyncMac - ok
      13:02:42.0140 3492 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
      13:02:42.0140 3492 atapi - ok
      13:02:42.0140 3492 Atdisk - ok
      13:02:42.0171 3492 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
      13:02:42.0171 3492 Atmarpc - ok
      13:02:42.0218 3492 [ F72DF7512D92C2ABEDFAE488411C9FE4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
      13:02:42.0218 3492 AudioSrv - ok
      13:02:42.0250 3492 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
      13:02:42.0250 3492 audstub - ok
      13:02:42.0281 3492 [ 48BF91CFFBCDD12A710207F2A08FEC4D ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
      13:02:42.0296 3492 b57w2k - ok
      13:02:42.0328 3492 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
      13:02:42.0328 3492 Beep - ok
      13:02:42.0390 3492 [ 02451268DC47E4DC228210DA0E3C3274 ] BITS C:\WINDOWS\system32\qmgr.dll
      13:02:42.0421 3492 BITS - ok
      13:02:42.0453 3492 [ D01CFCC753B09E70F5B7622501FF5383 ] Browser C:\WINDOWS\System32\browser.dll
      13:02:42.0453 3492 Browser - ok
      13:02:42.0453 3492 catchme - ok
      13:02:42.0484 3492 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
      13:02:42.0484 3492 cbidf2k - ok
      13:02:42.0484 3492 cd20xrnt - ok
      13:02:42.0515 3492 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
      13:02:42.0515 3492 Cdaudio - ok
      13:02:42.0546 3492 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
      13:02:42.0546 3492 Cdfs - ok
      13:02:42.0593 3492 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
      13:02:42.0593 3492 Cdrom - ok
      13:02:42.0609 3492 Changer - ok
      13:02:42.0640 3492 [ C2991BBEF6836C9B3ABCE7F87B19B0E8 ] CiSvc C:\WINDOWS\system32\cisvc.exe
      13:02:42.0640 3492 CiSvc - ok
      13:02:42.0656 3492 [ 7931F88DB9B42B3F7B5D9978BBACB22A ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
      13:02:42.0656 3492 ClipSrv - ok
      13:02:42.0703 3492 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      13:02:42.0734 3492 clr_optimization_v2.0.50727_32 - ok
      13:02:42.0828 3492 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      13:02:42.0828 3492 clr_optimization_v4.0.30319_32 - ok
      13:02:42.0828 3492 CmdIde - ok
      13:02:42.0843 3492 COMSysApp - ok
      13:02:42.0843 3492 Cpqarray - ok
      13:02:42.0875 3492 [ 149CFFBF77CC1306FC535557CF513B91 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
      13:02:42.0875 3492 CryptSvc - ok
      13:02:42.0890 3492 dac2w2k - ok
      13:02:42.0890 3492 dac960nt - ok
      13:02:42.0937 3492 [ 7A828726797A542BE390C054563E60BA ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
      13:02:42.0937 3492 DcomLaunch - ok
      13:02:42.0984 3492 [ 83E48A6E01E8D9B26CFDDA050B0A4758 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
      13:02:42.0984 3492 Dhcp - ok
      13:02:43.0015 3492 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
      13:02:43.0015 3492 Disk - ok
      13:02:43.0031 3492 dmadmin - ok
      13:02:43.0093 3492 [ 9FB634A0ED429AA64DE57C53DD10CCF9 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
      13:02:43.0125 3492 dmboot - ok
      13:02:43.0156 3492 [ 67DECFAF3B6CDB34B3FA77D965281BB5 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
      13:02:43.0171 3492 dmio - ok
      13:02:43.0187 3492 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
      13:02:43.0187 3492 dmload - ok
      13:02:43.0218 3492 [ 9108AFA79D60EBFB2D6AF87B9515BA1A ] dmserver C:\WINDOWS\System32\dmserver.dll
      13:02:43.0218 3492 dmserver - ok
      13:02:43.0250 3492 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
      13:02:43.0250 3492 DMusic - ok
      13:02:43.0296 3492 [ 8739D42144E3687F5D107D1A1B10B9C1 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
      13:02:43.0296 3492 Dnscache - ok
      13:02:43.0343 3492 [ AD7FC1963B152B3728E3C4F83554A576 ] Dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
      13:02:43.0359 3492 Dot4 - ok
      13:02:43.0421 3492 [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
      13:02:43.0421 3492 Dot4Print - ok
      13:02:43.0468 3492 [ A2455D1ECB4C7312E95929997FF20D1B ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
      13:02:43.0484 3492 dot4usb - ok
      13:02:43.0484 3492 dpti2o - ok
      13:02:43.0515 3492 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
      13:02:43.0515 3492 drmkaud - ok
      13:02:43.0546 3492 [ 90C85A6F2E6529526B897BE25343663A ] ERSvc C:\WINDOWS\System32\ersvc.dll
      13:02:43.0562 3492 ERSvc - ok
      13:02:43.0593 3492 [ 35A8E2160C1481D08FB97666C2127FE2 ] Eventlog C:\WINDOWS\system32\services.exe
      13:02:43.0609 3492 Eventlog - ok
      13:02:43.0640 3492 [ 5BB73A064A19A5A3531A1EC6339F5082 ] EventSystem C:\WINDOWS\system32\es.dll
      13:02:43.0656 3492 EventSystem - ok
      13:02:43.0687 3492 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
      13:02:43.0687 3492 Fastfat - ok
      13:02:43.0734 3492 [ DBCF824BA771A1F27E6F5124D0516358 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
      13:02:43.0734 3492 FastUserSwitchingCompatibility - ok
      13:02:43.0765 3492 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
      13:02:43.0765 3492 Fdc - ok
      13:02:43.0812 3492 [ 6E9D149CFAE2AF4783F85DBD6CEDF7A1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
      13:02:43.0812 3492 Fips - ok
      13:02:43.0843 3492 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
      13:02:43.0843 3492 Flpydisk - ok
      13:02:43.0890 3492 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
      13:02:43.0890 3492 FltMgr - ok
      13:02:43.0953 3492 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
      13:02:43.0953 3492 FontCache3.0.0.0 - ok
      13:02:44.0000 3492 [ E0087225B137E57239FF40F8AE82059B ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
      13:02:44.0000 3492 fssfltr - ok
      13:02:44.0125 3492 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Archivos de programa\Windows Live\Family Safety\fsssvc.exe
      13:02:44.0140 3492 fsssvc - ok
      13:02:44.0171 3492 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
      13:02:44.0171 3492 Fs_Rec - ok
      13:02:44.0187 3492 [ CC5F3AF5711A1C7C8FA1D43BB16B401A ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
      13:02:44.0187 3492 Ftdisk - ok
      13:02:44.0218 3492 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
      13:02:44.0218 3492 Gpc - ok
      13:02:44.0296 3492 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Archivos de programa\Google\Update\GoogleUpdate.exe
      13:02:44.0296 3492 gupdate - ok
      13:02:44.0312 3492 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Archivos de programa\Google\Update\GoogleUpdate.exe
      13:02:44.0312 3492 gupdatem - ok
      13:02:44.0343 3492 [ 2A013E7530BEAB6E569FAA83F517E836 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
      13:02:44.0343 3492 HdAudAddService - ok
      13:02:44.0359 3492 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
      13:02:44.0359 3492 HDAudBus - ok
      13:02:44.0437 3492 [ E9982061A16EC28239EFEDE6BD6DE846 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
      13:02:44.0437 3492 helpsvc - ok
      13:02:44.0437 3492 HidServ - ok
      13:02:44.0453 3492 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
      13:02:44.0453 3492 hidusb - ok
      13:02:44.0453 3492 hpn - ok
      13:02:44.0500 3492 [ 5FABA4775D4C61E55EC669D643FFC71F ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
      13:02:44.0500 3492 HPZid412 - ok
      13:02:44.0515 3492 [ A3C43980EE1F1BEAC778B44EA65DBDD4 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
      13:02:44.0515 3492 HPZipr12 - ok
      13:02:44.0562 3492 [ 2906949BD4E206F2BB0DD1896CE9F66F ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
      13:02:44.0562 3492 HPZius12 - ok
      13:02:44.0625 3492 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
      13:02:44.0625 3492 HTTP - ok
      13:02:44.0656 3492 [ EF167770BD4358B395608F61BA11C6D4 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
      13:02:44.0656 3492 HTTPFilter - ok
      13:02:44.0671 3492 i2omgmt - ok
      13:02:44.0671 3492 i2omp - ok
      13:02:44.0687 3492 [ 0CAB3EE361CFEAB260B3906C8B6FB2BE ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      13:02:44.0687 3492 i8042prt - ok
      13:02:44.0750 3492 [ 85D42B7F0DD406ADF5E3EC7659A279EC ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
      13:02:44.0812 3492 ialm - ok
      13:02:44.0890 3492 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      13:02:44.0953 3492 idsvc - ok
      13:02:44.0984 3492 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
      13:02:44.0984 3492 Imapi - ok
      13:02:45.0031 3492 [ CEE36882EA2298D0AD7E5C1BA750D49C ] ImapiService C:\WINDOWS\system32\imapi.exe
      13:02:45.0046 3492 ImapiService - ok
      13:02:45.0046 3492 ini910u - ok
      13:02:45.0062 3492 IntelIde - ok
      13:02:45.0093 3492 [ 98BBC0E8EFA90FFF1EC9456EE7B0B1F1 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
      13:02:45.0093 3492 intelppm - ok
      13:02:45.0125 3492 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
      13:02:45.0125 3492 Ip6Fw - ok
      13:02:45.0156 3492 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
      13:02:45.0156 3492 IpFilterDriver - ok
      13:02:45.0187 3492 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
      13:02:45.0187 3492 IpInIp - ok
      13:02:45.0218 3492 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
      13:02:45.0218 3492 IpNat - ok
      13:02:45.0265 3492 [ A38CA7620A8C95FE96F1A2D6BE753174 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
      13:02:45.0265 3492 IPSec ( Virus.Win32.ZAccess.l ) - infected
      13:02:45.0265 3492 IPSec - detected Virus.Win32.ZAccess.l (0)
      13:02:45.0296 3492 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
      13:02:45.0296 3492 IRENUM - ok
      13:02:45.0328 3492 [ 90BC6118193B4E8A76F0FC0D4A3572DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
      13:02:45.0328 3492 isapnp - ok
      13:02:45.0421 3492 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Archivos de programa\Java\jre6\bin\jqs.exe
      13:02:45.0421 3492 JavaQuickStarterService - ok
      13:02:45.0468 3492 [ 71BFDDA7B3006B45B18D8BAC92BC9993 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      13:02:45.0468 3492 Kbdclass - ok
      13:02:45.0500 3492 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
      13:02:45.0515 3492 kmixer - ok
      13:02:45.0546 3492 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
      13:02:45.0546 3492 KSecDD - ok
      13:02:45.0578 3492 [ 22211F6FB9C4369B64A2B62050241EB3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
      13:02:45.0578 3492 lanmanserver - ok
      13:02:45.0625 3492 [ D8DEA6E5959FA7CB602F6A6EADC0E7A9 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
      13:02:45.0640 3492 lanmanworkstation - ok
      13:02:45.0656 3492 lbrtfdc - ok
      13:02:45.0687 3492 [ F9801C6F1682A9F3099D694320BFFC27 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
      13:02:45.0687 3492 LmHosts - ok
      13:02:45.0718 3492 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
      13:02:45.0718 3492 MBAMProtector - ok
      13:02:45.0812 3492 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe
      13:02:45.0812 3492 MBAMScheduler - ok
      13:02:45.0859 3492 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
      13:02:45.0890 3492 MBAMService - ok
      13:02:45.0937 3492 [ CA33F6547C49E749E47FB6A0D1DBE192 ] Messenger C:\WINDOWS\System32\msgsvc.dll
      13:02:45.0937 3492 Messenger - ok
      13:02:45.0968 3492 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
      13:02:45.0968 3492 mnmdd - ok
      13:02:46.0000 3492 [ A0751C0AF862E271FBB135B4B7D56C4D ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
      13:02:46.0000 3492 mnmsrvc - ok
      13:02:46.0031 3492 [ B65F57D37E8D43089B701ED16E22D0E9 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
      13:02:46.0031 3492 Modem - ok
      13:02:46.0062 3492 [ 05E9C75C6797145A4983E9D0A4778BC3 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
      13:02:46.0062 3492 Mouclass - ok
      13:02:46.0093 3492 [ 8EE532E516B2D23D686CFC1CC0A15C25 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
      13:02:46.0109 3492 mouhid - ok
      13:02:46.0140 3492 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
      13:02:46.0140 3492 MountMgr - ok
      13:02:46.0187 3492 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe
      13:02:46.0187 3492 MozillaMaintenance - ok
      13:02:46.0187 3492 mraid35x - ok
      13:02:46.0218 3492 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
      13:02:46.0218 3492 MRxDAV - ok
      13:02:46.0265 3492 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      13:02:46.0281 3492 MRxSmb - ok
      13:02:46.0328 3492 [ 64CF2B82B89B5DDDF04B1C5CFED39518 ] MSDTC C:\WINDOWS\system32\msdtc.exe
      13:02:46.0328 3492 MSDTC - ok
      13:02:46.0375 3492 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
      13:02:46.0375 3492 Msfs - ok
      13:02:46.0375 3492 MSIServer - ok
      13:02:46.0421 3492 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
      13:02:46.0421 3492 MSKSSRV - ok
      13:02:46.0453 3492 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
      13:02:46.0453 3492 MSPCLOCK - ok
      13:02:46.0468 3492 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
      13:02:46.0468 3492 MSPQM - ok
      13:02:46.0500 3492 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
      13:02:46.0515 3492 mssmbios - ok
      13:02:46.0546 3492 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
      13:02:46.0546 3492 Mup - ok
      13:02:46.0625 3492 [ 9821F54FD943D9E8A5BA56AEBF6297AC ] NanoServiceMain C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe
      13:02:46.0625 3492 NanoServiceMain - ok
      13:02:46.0640 3492 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
      13:02:46.0640 3492 NDIS - ok
      13:02:46.0687 3492 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      13:02:46.0687 3492 NdisTapi - ok
      13:02:46.0718 3492 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
      13:02:46.0718 3492 Ndisuio - ok
      13:02:46.0750 3492 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
      13:02:46.0750 3492 NdisWan - ok
      13:02:46.0765 3492 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
      13:02:46.0765 3492 NDProxy - ok
      13:02:46.0796 3492 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
      13:02:46.0796 3492 NetBIOS - ok
      13:02:46.0812 3492 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
      13:02:46.0812 3492 NetBT - ok
      13:02:46.0843 3492 [ BCFA51E14E310586A3D199BB8EC0AA4E ] NetDDE C:\WINDOWS\system32\netdde.exe
      13:02:46.0859 3492 NetDDE - ok
      13:02:46.0859 3492 [ BCFA51E14E310586A3D199BB8EC0AA4E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
      13:02:46.0859 3492 NetDDEdsdm - ok
      13:02:46.0890 3492 [ 2B0B88652C9F6714FD4886839B3B0442 ] Netlogon C:\WINDOWS\system32\lsass.exe
      13:02:46.0890 3492 Netlogon - ok
      13:02:46.0921 3492 [ 25128473F0D3FD431F74CC5BAFA123CA ] Netman C:\WINDOWS\System32\netman.dll
      13:02:46.0937 3492 Netman - ok
      13:02:46.0953 3492 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
      13:02:46.0953 3492 NetTcpPortSharing - ok
      13:02:47.0000 3492 [ 1FAE3DDB8D36C5D7DCA7CB1FDA03ECAE ] Nla C:\WINDOWS\System32\mswsock.dll
      13:02:47.0000 3492 Nla - ok
      13:02:47.0031 3492 [ 60CF8C7192B3614F240838DDBAA4A245 ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
      13:02:47.0031 3492 nm - ok
      13:02:47.0062 3492 [ CFEE15A88280D369672DA0E378BBC702 ] NNSALPC C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys
      13:02:47.0078 3492 NNSALPC - ok
      13:02:47.0109 3492 [ 2708799ADC223C4412341F0C68D032E3 ] NNSHTTP C:\WINDOWS\system32\DRIVERS\NNSHttp.sys
      13:02:47.0109 3492 NNSHTTP - ok
      13:02:47.0125 3492 [ 533F19056B98D9CCE466B64186905BC1 ] NNSIDS C:\WINDOWS\system32\DRIVERS\NNSIds.sys
      13:02:47.0125 3492 NNSIDS - ok
      13:02:47.0156 3492 [ 5F7A83B1FC6CAE3E46B215F5E5C759E9 ] NNSNAHS C:\WINDOWS\system32\DRIVERS\NNSNAHS.sys
      13:02:47.0156 3492 NNSNAHS - ok
      13:02:47.0203 3492 [ 1F054C5CA627FCD3983538D74574016B ] NNSPICC C:\WINDOWS\system32\DRIVERS\NNSPicc.sys
      13:02:47.0203 3492 NNSPICC - ok
      13:02:47.0234 3492 [ 1ABA7D70E4F029892A381C75EE144C16 ] NNSPIHS C:\WINDOWS\system32\DRIVERS\NNSPihs.sys
      13:02:47.0234 3492 NNSPIHS - ok
      13:02:47.0265 3492 [ 5F8C023775B8F4A0A8FFC93DD0A27285 ] NNSPOP3 C:\WINDOWS\system32\DRIVERS\NNSPop3.sys
      13:02:47.0265 3492 NNSPOP3 - ok
      13:02:47.0281 3492 [ CA541CE4A1FC034EEC8CFD6C155B9D30 ] NNSPROT C:\WINDOWS\system32\DRIVERS\NNSProt.sys
      13:02:47.0281 3492 NNSPROT - ok
      13:02:47.0312 3492 [ 938E8CCC7AC5922F2E3DBDF3E7A3035C ] NNSPRV C:\WINDOWS\system32\DRIVERS\NNSPrv.sys
      13:02:47.0312 3492 NNSPRV - ok
      13:02:47.0359 3492 [ 2458E950F0A0DD9AD08385209B5E1702 ] NNSSMTP C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys
      13:02:47.0359 3492 NNSSMTP - ok
      13:02:47.0390 3492 [ 75D990651236A570C4C80ED56BFB4009 ] NNSSTRM C:\WINDOWS\system32\DRIVERS\NNSStrm.sys
      13:02:47.0390 3492 NNSSTRM - ok
      13:02:47.0437 3492 [ 9D526B79E7D438056ED7D382AB94019A ] NNSTLSC C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys
      13:02:47.0437 3492 NNSTLSC - ok
      13:02:47.0484 3492 [ 6623E51595C0076755C29C00846C4EB2 ] NPF C:\WINDOWS\system32\drivers\npf.sys
      13:02:47.0484 3492 NPF - ok
      13:02:47.0500 3492 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
      13:02:47.0500 3492 Npfs - ok
      13:02:47.0546 3492 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
      13:02:47.0562 3492 Ntfs - ok
      13:02:47.0578 3492 [ 2B0B88652C9F6714FD4886839B3B0442 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
      13:02:47.0578 3492 NtLmSsp - ok
      13:02:47.0625 3492 [ 395948DEE2B0F534A8C70687CC6DD7CA ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
      13:02:47.0640 3492 NtmsSvc - ok
      13:02:47.0656 3492 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
      13:02:47.0656 3492 Null - ok
      13:02:47.0687 3492 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
      13:02:47.0703 3492 NwlnkFlt - ok
      13:02:47.0718 3492 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
      13:02:47.0718 3492 NwlnkFwd - ok
      13:02:47.0796 3492 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
      13:02:47.0796 3492 ose - ok
      13:02:47.0828 3492 [ 0DF0B83C90473CCFDC3DC882CBB6E4A9 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
      13:02:47.0843 3492 Parport - ok
      13:02:47.0843 3492 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
      13:02:47.0843 3492 PartMgr - ok
      13:02:47.0890 3492 [ FAD44D704ECD7D39AD01415B8BB34204 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
      13:02:47.0890 3492 ParVdm - ok
      13:02:47.0937 3492 [ A566B8DA5E70B3237274D418853A87E0 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
      13:02:47.0937 3492 PCI - ok
      13:02:47.0937 3492 PCIDump - ok
      13:02:47.0953 3492 [ 33D63F0A9021ACB4D75D83B646B93A30 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
      13:02:47.0953 3492 PCIIde - ok
      13:02:47.0984 3492 [ 6374A34B03AEA7971C976982A391AD07 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
      13:02:47.0984 3492 Pcmcia - ok
      13:02:47.0984 3492 PDCOMP - ok
      13:02:48.0000 3492 PDFRAME - ok
      13:02:48.0000 3492 PDRELI - ok
      13:02:48.0015 3492 PDRFRAME - ok
      13:02:48.0015 3492 perc2 - ok
      13:02:48.0015 3492 perc2hib - ok
      13:02:48.0046 3492 [ 35A8E2160C1481D08FB97666C2127FE2 ] PlugPlay C:\WINDOWS\system32\services.exe
      13:02:48.0046 3492 PlugPlay - ok
      13:02:48.0093 3492 [ 901C43516504CBE582E4C4193E00876A ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
      13:02:48.0093 3492 Pml Driver HPZ12 - ok
      13:02:48.0109 3492 [ 2B0B88652C9F6714FD4886839B3B0442 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
      13:02:48.0109 3492 PolicyAgent - ok
      13:02:48.0140 3492 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
      13:02:48.0140 3492 PptpMiniport - ok
      13:02:48.0156 3492 [ 2B0B88652C9F6714FD4886839B3B0442 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
      13:02:48.0156 3492 ProtectedStorage - ok
      13:02:48.0156 3492 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
      13:02:48.0171 3492 PSched - ok
      13:02:48.0203 3492 [ AADEB32FB5038C8F6DB2518DCD2CB678 ] PSINAflt C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
      13:02:48.0203 3492 PSINAflt - ok
      13:02:48.0250 3492 [ A0095FC49F8E30703A467FC117234804 ] PSINFile C:\WINDOWS\system32\DRIVERS\PSINFile.sys
      13:02:48.0250 3492 PSINFile - ok
      13:02:48.0265 3492 [ 5BE56E38CE1F48C5EBB15C0637AC5285 ] PSINKNC C:\WINDOWS\system32\DRIVERS\psinknc.sys
      13:02:48.0265 3492 PSINKNC - ok
      13:02:48.0312 3492 [ CC28138921674D867DABC9449FEB005F ] PSINProc C:\WINDOWS\system32\DRIVERS\PSINProc.sys
      13:02:48.0312 3492 PSINProc - ok
      13:02:48.0343 3492 [ D9E5D32A9B493018E03B0A90D7DEAA2E ] PSINProt C:\WINDOWS\system32\DRIVERS\PSINProt.sys
      13:02:48.0343 3492 PSINProt - ok
      13:02:48.0375 3492 [ 476769481841007583875023F7ECC4CA ] PSKMAD C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
      13:02:48.0375 3492 PSKMAD - ok
      13:02:48.0406 3492 [ 86C00481DAE67613C59E32A335D3E363 ] PSUAService C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe
      13:02:48.0406 3492 PSUAService - ok
      13:02:48.0421 3492 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
      13:02:48.0421 3492 Ptilink - ok
      13:02:48.0421 3492 ql1080 - ok
      13:02:48.0437 3492 Ql10wnt - ok
      13:02:48.0437 3492 ql12160 - ok
      13:02:48.0437 3492 ql1240 - ok
      13:02:48.0453 3492 ql1280 - ok
      13:02:48.0453 3492 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
      13:02:48.0453 3492 RasAcd - ok
      13:02:48.0500 3492 [ C6133601F8D4B3C995B51307EE7BE086 ] RasAuto C:\WINDOWS\System32\rasauto.dll
      13:02:48.0500 3492 RasAuto - ok
      13:02:48.0515 3492 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
      13:02:48.0515 3492 Rasl2tp - ok
      13:02:48.0546 3492 [ C680BF19CA33F3FCAE850275D7719634 ] RasMan C:\WINDOWS\System32\rasmans.dll
      13:02:48.0562 3492 RasMan - ok
      13:02:48.0578 3492 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
      13:02:48.0578 3492 RasPppoe - ok
      13:02:48.0578 3492 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
      13:02:48.0578 3492 Raspti - ok
      13:02:48.0593 3492 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
      13:02:48.0593 3492 Rdbss - ok
      13:02:48.0609 3492 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
      13:02:48.0609 3492 RDPCDD - ok
      13:02:48.0656 3492 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
      13:02:48.0656 3492 RDPWD - ok
      13:02:48.0703 3492 [ 8C88612F0E863B4F8069FC59C74259D4 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
      13:02:48.0718 3492 RDSessMgr - ok
      13:02:48.0750 3492 [ 28531A950381DA67FC6412DFEBCC8C5C ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
      13:02:48.0750 3492 redbook - ok
      13:02:48.0796 3492 [ CE85B0049C7F0AC32CB5576AFFEEEC4D ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
      13:02:48.0796 3492 RemoteAccess - ok
      13:02:48.0828 3492 [ E51A8D02B4BD33EBA1F7A5B76C3766ED ] rpcapd C:\Archivos de programa\WinPcap\rpcapd.exe
      13:02:48.0828 3492 rpcapd - ok
      13:02:48.0875 3492 [ 08377EBB699418269613903C5340311F ] RpcLocator C:\WINDOWS\system32\locator.exe
      13:02:48.0875 3492 RpcLocator - ok
      13:02:48.0906 3492 [ 7A828726797A542BE390C054563E60BA ] RpcSs C:\WINDOWS\System32\rpcss.dll
      13:02:48.0906 3492 RpcSs - ok
      13:02:48.0953 3492 [ 5E38212C2C00DC342E2281D2F6BFB746 ] RSVP C:\WINDOWS\system32\rsvp.exe
      13:02:48.0968 3492 RSVP - ok
      13:02:48.0984 3492 [ 2B0B88652C9F6714FD4886839B3B0442 ] SamSs C:\WINDOWS\system32\lsass.exe
      13:02:48.0984 3492 SamSs - ok
      13:02:49.0046 3492 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Archivos de programa\SUPERAntiSpyware\SASDIFSV.SYS
      13:02:49.0046 3492 SASDIFSV - ok
      13:02:49.0093 3492 [ 7CE61C25C159F50F9EAF6D77FC83FA35 ] SASENUM C:\Archivos de programa\SUPERAntiSpyware\SASENUM.SYS
      13:02:49.0093 3492 SASENUM - ok
      13:02:49.0125 3492 [ 67D2688756DD304AF655349BAAD82BFF ] SASKUTIL C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS
      13:02:49.0125 3492 SASKUTIL - ok
      13:02:49.0156 3492 [ 71CAB99AD55F1DAAE201E990AA0EBDBF ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
      13:02:49.0171 3492 SCardSvr - ok
      13:02:49.0203 3492 [ 0125649B3C00D037E07FD7BCEF7B653B ] Schedule C:\WINDOWS\system32\schedsvc.dll
      13:02:49.0203 3492 Schedule - ok
      13:02:49.0250 3492 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
      13:02:49.0250 3492 Secdrv - ok
      13:02:49.0281 3492 [ 881E212E7D5DBC3A09732A9996C0CFD4 ] seclogon C:\WINDOWS\System32\seclogon.dll
      13:02:49.0281 3492 seclogon - ok
      13:02:49.0296 3492 [ 00B0A54474E8F99FD43D108446F0D5BE ] SENS C:\WINDOWS\system32\sens.dll
      13:02:49.0296 3492 SENS - ok
      13:02:49.0312 3492 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
      13:02:49.0312 3492 serenum - ok
      13:02:49.0328 3492 [ FA9C4C4AC544301FA13C5C00A270399F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
      13:02:49.0328 3492 Serial - ok
      13:02:49.0375 3492 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
      13:02:49.0375 3492 Sfloppy - ok
      13:02:49.0390 3492 [ 0DC5698BE9BBFE9673EB80A0D65D17E5 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
      13:02:49.0406 3492 SharedAccess - ok
      13:02:49.0406 3492 [ DBCF824BA771A1F27E6F5124D0516358 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
      13:02:49.0406 3492 ShellHWDetection - ok
      13:02:49.0421 3492 Simbad - ok
      13:02:49.0421 3492 Sparrow - ok
      13:02:49.0468 3492 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
      13:02:49.0468 3492 splitter - ok
      13:02:49.0484 3492 [ 1CF5AF263287CF6FEBF31539833EAF4A ] Spooler C:\WINDOWS\system32\spoolsv.exe
      13:02:49.0484 3492 Spooler - ok
      13:02:49.0515 3492 [ 3C151D50CF3AE1683C6E3EC201B2AD3D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
      13:02:49.0515 3492 sr - ok
      13:02:49.0546 3492 [ C791D16BF25264738B14873436293BD0 ] srservice C:\WINDOWS\system32\srsvc.dll
      13:02:49.0562 3492 srservice - ok
      13:02:49.0609 3492 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
      13:02:49.0609 3492 Srv - ok
      13:02:49.0640 3492 [ 4AFF5EA8BF2362C3D5001295FDEB3ABD ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
      13:02:49.0656 3492 SSDPSRV - ok
      13:02:49.0703 3492 [ FFFA385FEADC60175C653AFB215F539A ] stisvc C:\WINDOWS\system32\wiaservc.dll
      13:02:49.0703 3492 stisvc - ok
      13:02:49.0718 3492 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
      13:02:49.0718 3492 swenum - ok
      13:02:49.0750 3492 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
      13:02:49.0750 3492 swmidi - ok
      13:02:49.0750 3492 SwPrv - ok
      13:02:49.0750 3492 symc810 - ok
      13:02:49.0765 3492 symc8xx - ok
      13:02:49.0765 3492 sym_hi - ok
      13:02:49.0781 3492 sym_u3 - ok
      13:02:49.0812 3492 [ 418BD80A7FEFAA3FCBD3DCFC021CB294 ] SynasUSB C:\WINDOWS\system32\drivers\SynasUSB.sys
      13:02:49.0812 3492 SynasUSB - ok
      13:02:49.0843 3492 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
      13:02:49.0843 3492 sysaudio - ok
      13:02:49.0875 3492 [ 69C20E092A03E619108ACCDB62FEDD18 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
      13:02:49.0890 3492 SysmonLog - ok
      13:02:49.0937 3492 [ C2DC3F102C351FA6D4BDAF2B927EAFC2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
      13:02:49.0968 3492 TapiSrv - ok
      13:02:50.0015 3492 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
      13:02:50.0031 3492 Tcpip - ok
      13:02:50.0062 3492 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
      13:02:50.0062 3492 TDPIPE - ok
      13:02:50.0093 3492 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
      13:02:50.0093 3492 TDTCP - ok
      13:02:50.0125 3492 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
      13:02:50.0125 3492 TermDD - ok
      13:02:50.0171 3492 [ C2038466BE5A6A76EFD592FA0B459E17 ] TermService C:\WINDOWS\System32\termsrv.dll
      13:02:50.0187 3492 TermService - ok
      13:02:50.0203 3492 [ DBCF824BA771A1F27E6F5124D0516358 ] Themes C:\WINDOWS\System32\shsvcs.dll
      13:02:50.0203 3492 Themes - ok
      13:02:50.0218 3492 TosIde - ok
      13:02:50.0234 3492 [ BF0B2A43C17C4BBD38B8D8E10BE980C1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
      13:02:50.0234 3492 TrkWks - ok
      13:02:50.0281 3492 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
      13:02:50.0281 3492 Udfs - ok
      13:02:50.0281 3492 ultra - ok
      13:02:50.0328 3492 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
      13:02:50.0343 3492 UMWdf - ok
      13:02:50.0375 3492 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
      13:02:50.0375 3492 Update - ok
      13:02:50.0421 3492 [ 4B48358383940F6E559DA2F64753029F ] upnphost C:\WINDOWS\System32\upnphost.dll
      13:02:50.0437 3492 upnphost - ok
      13:02:50.0468 3492 [ FCD517BF3DB339F5D18EDE1A95D72F71 ] UPS C:\WINDOWS\System32\ups.exe
      13:02:50.0484 3492 UPS - ok
      13:02:50.0515 3492 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
      13:02:50.0515 3492 usbccgp - ok
      13:02:50.0578 3492 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
      13:02:50.0578 3492 usbehci - ok
      13:02:50.0593 3492 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
      13:02:50.0593 3492 usbhub - ok
      13:02:50.0625 3492 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
      13:02:50.0625 3492 usbprint - ok
      13:02:50.0671 3492 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
      13:02:50.0671 3492 usbscan - ok
      13:02:50.0718 3492 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
      13:02:50.0718 3492 USBSTOR - ok
      13:02:50.0750 3492 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
      13:02:50.0750 3492 usbuhci - ok
      13:02:50.0750 3492 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
      13:02:50.0750 3492 VgaSave - ok
      13:02:50.0765 3492 ViaIde - ok
      13:02:50.0781 3492 [ D6EC4AFF061665A10F0B1A9517D338E3 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
      13:02:50.0781 3492 VolSnap - ok
      13:02:50.0828 3492 [ E8649EC7621B5AE45A29164CAE41A6DF ] VSS C:\WINDOWS\System32\vssvc.exe
      13:02:50.0843 3492 VSS - ok
      13:02:50.0875 3492 [ 13835C57C973519F82B27EA506239369 ] W32Time C:\WINDOWS\system32\w32time.dll
      13:02:50.0875 3492 W32Time - ok
      13:02:50.0890 3492 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
      13:02:50.0890 3492 Wanarp - ok
      13:02:50.0890 3492 WDICA - ok
      13:02:50.0937 3492 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
      13:02:50.0937 3492 wdmaud - ok
      13:02:50.0953 3492 [ A7096FF98F9FFB9F36E1BA3FCD4591CD ] WebClient C:\WINDOWS\System32\webclnt.dll
      13:02:50.0953 3492 WebClient - ok
      13:02:51.0109 3492 [ 3E8DF5E4F0E6419801FF5F568CC8C531 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
      13:02:51.0109 3492 winmgmt - ok
      13:02:51.0171 3492 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
      13:02:51.0203 3492 WmdmPmSN - ok
      13:02:51.0234 3492 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
      13:02:51.0234 3492 WmiAcpi - ok
      13:02:51.0281 3492 [ 2710BF9B02BC92D352CFCABAC64918FA ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
      13:02:51.0281 3492 WmiApSrv - ok
      13:02:51.0609 3492 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
      13:02:51.0875 3492 WPFFontCache_v0400 - ok
      13:02:51.0906 3492 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
      13:02:51.0921 3492 WS2IFSL - ok
      13:02:51.0953 3492 [ FA7335C49F09D764CD6E507B946CD8D1 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
      13:02:51.0968 3492 wscsvc - ok
      13:02:52.0015 3492 [ EEDA22E0C570C7204724C3A30A0B1A40 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
      13:02:52.0015 3492 wuauserv - ok
      13:02:52.0156 3492 [ E28BB7BB83250346EB4E71134ACD5627 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
      13:02:52.0250 3492 WZCSVC - ok
      13:02:52.0343 3492 [ 843E0DB8042A8C0D749EB2B9EFA54F24 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
      13:02:52.0375 3492 xmlprov - ok
      13:02:52.0625 3492 [ D125E1445BB9DC951C250D4192E70841 ] ZD1211BU(Ansonic) C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
      13:02:52.0890 3492 ZD1211BU(Ansonic) - ok
      13:02:52.0968 3492 [ 00AE175B903D45ED4A62384D3315DC2A ] ZDPSp50 C:\WINDOWS\system32\Drivers\ZDPSp50.sys
      13:02:53.0031 3492 ZDPSp50 - ok
      13:02:53.0031 3492 ================ Scan global ===============================
      13:02:53.0062 3492 [ B594A2F6778B6B05CBF5022A645427F8 ] C:\WINDOWS\system32\basesrv.dll
      13:02:53.0140 3492 [ F39602CF86E98BAB77B49D93291BD3EF ] C:\WINDOWS\system32\winsrv.dll
      13:02:53.0296 3492 [ F39602CF86E98BAB77B49D93291BD3EF ] C:\WINDOWS\system32\winsrv.dll
      13:02:53.0328 3492 [ 35A8E2160C1481D08FB97666C2127FE2 ] C:\WINDOWS\system32\services.exe
      13:02:53.0328 3492 [Global] - ok
      13:02:53.0328 3492 ================ Scan MBR ==================================
      13:02:53.0343 3492 [ 792F61657FECE3D17A9122B4EE282847 ] \Device\Harddisk0\DR0
      13:02:53.0515 3492 \Device\Harddisk0\DR0 - ok
      13:02:53.0531 3492 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR4
      13:02:57.0015 3492 \Device\Harddisk1\DR4 - ok
      13:02:57.0015 3492 ================ Scan VBR ==================================
      13:02:57.0031 3492 [ 6B981C0CB7173E8AA97D165C9F91C676 ] \Device\Harddisk0\DR0\Partition1
      13:02:57.0031 3492 \Device\Harddisk0\DR0\Partition1 - ok
      13:02:57.0046 3492 [ 8225225A10A509B1F32B19ADEA7239FF ] \Device\Harddisk1\DR4\Partition1
      13:02:57.0046 3492 \Device\Harddisk1\DR4\Partition1 - ok
      13:02:57.0046 3492 ============================================================
      13:02:57.0046 3492 Scan finished
      13:02:57.0046 3492 ============================================================
      13:02:57.0046 3692 Detected object count: 1
      13:02:57.0046 3692 Actual detected object count: 1
      13:06:41.0656 3692 C:\WINDOWS\system32\DRIVERS\ipsec.sys - copied to quarantine
      13:06:56.0250 3692 Backup copy found, using it..
      13:06:56.0250 3692 C:\WINDOWS\system32\DRIVERS\ipsec.sys - will be cured on reboot
      13:06:56.0312 3692 IPSec ( Virus.Win32.ZAccess.l ) - User select action: Cure
      13:09:24.0921 3528 Deinitialize success

    9. #9
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      Realiza lo siguiente:


      1.-Abrir el Notepad (Bloc de Notas)
      • Ir a INICIO > EJECUTAR >
      • Y ahí pones notepad.exe y ACEPTAR

      2.-Ahora copia y pega estos archivos dentro del Notepad

      Código:
      KillAll::
      
      Folder:: 
      c:\archivos de programa\Toolbar Cleaner
      c:\documents and settings\Moises\Datos de programa\Iminent
      c:\documents and settings\All Users.WINDOWS\Datos de programa\Iminent
      c:\documents and settings\Moises\Configuración local\Datos de programa\Lollipop
      c:\documents and settings\All Users.WINDOWS\Datos de programa\Babylon
      
      
      Firefox::
      FF - ProfilePath - c:\documents and settings\Moises\Datos de programa\Mozilla\Firefox\Profiles\bu1hmk4t.default\
      FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=7c97ea060000000000000015609a 6418&q=
      FF - user.js: extensions.BabylonToolbar.id - 7c97ea060000000000000015609a6418
      FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
      FF - user.js: extensions.BabylonToolbar.instlDay - 15620
      FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7
      FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.722:48
      FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
      FF - user.js: extensions.BabylonToolbar.instlRef - sst
      FF - user.js: extensions.BabylonToolbar.dfltLng - en
      FF - user.js: extensions.BabylonToolbar.excTlbr - false
      FF - user.js: extensions.BabylonToolbar.admin - false
      
      Registry::
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "lollipop"=-
      3.- Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

      4.- Arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

      • Reinicia tu PC y nos dejas un el nuevo reporte de ComboFix, comentándonos como esta funcionado todo actualmente?
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de FaceMan
      Registrado
      oct 2012
      Ubicación
      Sevilla
      Mensajes
      13

      Re: PC muy lento y me aparecen ventanas de publicidad a cada momento

      Hola Anoika. Gracias por tu respuesta. He hecho lo que me dices, y hay un problema. Cuando arrastro el archivo CFScript al ComboFix, éste último se me queda colgado. En la ventana de título AutoScan me aparece el siguiente texto:

      Scanning for infected files......
      This tipically doesn't take no more than 10 minutes.
      However, scan times for badly infected machines may easily doubled.

      Lleva con esta ventana abierta 2 horas y media, y no veo el más mínimo ápice de que el ordenador esté trabajando. ¿Existe alguna solución?

      Otro detalle que no sé si será relevante, es quecuando guardo el archivo CFScript, se me guarda como CFScript, no como CFScript.txt Y el ComboFix, lo tengo en el escritorio como ComboFix, no como ComboFix.exe. tal y como pone en la imagen que me has pasado en tu último post. No sé si esto que te cuento tendrá algo que ver. Espero tu respuesta. Gracias.

    Página 1 de 2 12 ÚltimoÚltimo