
    Infected computer


    1. #1
      eddiec46 (unregistered)

      Infected computer

      Hello, friends of the forum. I ran CCleaner and Malwarebytes and it detected viruses; however, I ran an online scan with ESET and nothing happens, it detects nothing. I'm leaving the report here. I'd appreciate it if you could tell me how I should proceed to remove the viruses. Thanks.

      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.0.1400
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.10.13.09

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 9.0.8112.16421
      usuario :: USUARIO-PC [administrador]

      Protección: Habilitado

      13/10/2012 0519 p.m.
      mbam-log-2012-10-13 (17-10-19).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 420681
      Tiempo transcurrido: 1 hora(s), 32 minuto(s), 25 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 2
      HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1B302FEF-4F0F-4AC1-8C23-8A96D79F4A53} (Adware.GabPath) -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\QueryScan (Adware.GabPath) -> En cuarentena y eliminado con éxito.

      Valores del Registro Detectados: 1
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Minoral (Adware.GabPath) -> datos: C:\Users\usuario\AppData\Roaming\Minoral\minoral.exe -> En cuarentena y eliminado con éxito.

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 6
      C:\Users\usuario\AppData\Roaming\Minoral (Adware.GabPath) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Local\Temp\E_4 (Worm.AutoRun) -> En cuarentena y eliminado con éxito.
      C:\Program Files\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A} (Adware.QueryScan) -> En cuarentena y eliminado con éxito.
      C:\Program Files\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A}\chrome (Adware.QueryScan) -> En cuarentena y eliminado con éxito.
      C:\Program Files\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A}\defaults (Adware.QueryScan) -> En cuarentena y eliminado con éxito.
      C:\Program Files\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A}\defaults\preferences (Adware.QueryScan) -> En cuarentena y eliminado con éxito.

      Archivos Detectados: 11
      C:\Users\usuario\AppData\Local\Temp\E_4\com.run (Trojan.Agent) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Local\Temp\E_4\dp1.fne (Worm.Autorun) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Local\Temp\E_4\eAPI.fne (Worm.AutoRun) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Local\Temp\E_4\internet.fne (Trojan.Agent) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Local\Temp\E_4\krnln.fnr (Worm.Autorun) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Local\Temp\E_4\RegEx.fnr (Worm.AutoRun) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Local\Temp\E_4\shell.fne (Worm.AutoRun) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Roaming\Minoral\config.cfg (Adware.GabPath) -> En cuarentena y eliminado con éxito.
      C:\Users\usuario\AppData\Local\Temp\E_4\spec.fne (Worm.AutoRun) -> En cuarentena y eliminado con éxito.
      C:\Program Files\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A}\chrome.manifest (Adware.QueryScan) -> En cuarentena y eliminado con éxito.
      C:\Program Files\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A}\install.rdf (Adware.QueryScan) -> En cuarentena y eliminado con éxito.

      fin)

    2. #2
      M4RTYN
      Registered: Jun 2012
      Location: Ecuador
      Posts: 5,520

      Re: Infected computer

      Hello, friend.

      You are quite infected; let's do the following:

      Download CCleaner: CCleaner manual <------------ This step is VERY IMPORTANT

      Run CCleaner, first using its "Cleaner" option to delete cookies and temporary Internet files.
      Use its "Registry" option to clean the entire Windows registry, creating a backup first.

      • Download AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Temporarily disable your antivirus and/or antispyware.
      • Run AT-Destroyer as administrator.
      • Choose Option #1 ("Buscar y Destruir", Search and Destroy).
      • AT-Destroyer will disconnect the desktop momentarily.
      • If the system is infected, AT-Destroyer will indicate it with red lines where the infection was found; otherwise, the lines will be green.
      • Once the scan is finished, you will be able to see the desktop again and a report will open, which you should copy into your next reply, commenting on how the system is working.
      • If any program does not start, restart the PC.

      Download USBFix --------> UsbFix manual.

      Run USBFix as follows:

      * Connect all your removable devices (pen drive, external hard disk, Micro SD, etc.).
      * Double-click USBFix.
      * Select the "Supresión" (Deletion) option.
      * The disinfection process will start; the computer will restart if necessary.
      * When Windows starts, USBFix will launch automatically to complete the disinfection and vaccination process.
      * USBFix generates a report, which is usually found at C:\USBFix.txt

      Note: UsbFix will create a hidden folder named "autorun.inf" on each partition and each USB drive connected at the time it is run. Do not delete this folder ... it will help protect your USB devices from future infections.

      Download Dr. Web Cure-IT -> Dr. Web Cure-IT manual

      1. In Safe Mode (or in Normal Mode if that is not possible), run a Full Scan with Dr. Web Cure-IT.
      2. The tool first runs an Express Scan by default.
      3. Then choose Full Scan.
      4. Cure the infected files it finds; if they cannot be cured, delete them.

      Once the scan is finished:

      5. Go to File >>> Save report list >>> Save the report to the desktop.

      Note: Dr. Web Cure-It needs no installation or update; if it detects modified hosts, choose to restore them.

      Download TDSSKiller ----> MANUAL

      • Disconnect your computer from the Internet (unplug the cable).
      • Unzip the file tdsskiller.zip
      • Run the file TDSSKiller.exe. If you use Vista or 7, right-click and run as administrator.
      Click on

      Click the button

      • TDSSKiller will begin scanning the computer.

      If the computer is not infected:
      • It will show:
      • No threats found.
      • Click the "Close" button.

      If the computer is infected:
      • It will show:
      • Threats detected.
      • Select action for found objects:
      • Malware object, high risk. The default action is "Cure" or "Delete".
      • Suspicious object, medium risk. Always use the "Skip" option.

      The program automatically selects the action to take.

      • Click the "Continue" button.
      • To disinfect the system properly, it may ask you to restart the computer.
      • Click the button.

      • Open the TDSSKiller report, located at C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, where "x.xx.x_xx.xx.xxxx_xx.xx.xx" are the version, date and time.
      • Copy and paste its contents into your next reply.
      Let us know.
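
An added example, not part of the original post and not UsbFix's own code: a Python check for the "autorun.inf" folder described in the note above, which also lists the launch commands when a real autorun.inf file is present instead. The function names, state labels and sample file contents are constructed for illustration.

```python
import os
import tempfile

# [autorun] keys that tell Windows to launch a program from the drive.
LAUNCH_KEYS = ("open", "shellexecute")

# Constructed sample autorun.inf (not taken from the thread).
SAMPLE_INF = (
    "; constructed sample\n"
    "asdf junk line\n"
    "[AutoRun]\n"
    "open=AutoRun.exe\n"
    "shell\\AutoRun\\command = AutoRun.exe\n"
    "icon=drive.ico\n"
    "[other]\n"
    "open=ignored.exe\n"
)


def parse_autorun(text):
    """Return (key, command) pairs from the [autorun] section of an autorun.inf.

    Hand-rolled and tolerant on purpose: autorun.inf files dropped by worms
    are often padded with junk lines that strict INI parsers reject.
    """
    commands = []
    in_autorun = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        is_shell_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in LAUNCH_KEYS or is_shell_verb:
            commands.append((key, value))
    return commands


def check_drive_root(root):
    """Classify the autorun.inf entry (if any) at the root of a drive."""
    # Match the name case-insensitively, as Windows does ("Autorun.inf", "AUTORUN.INF").
    names = [n for n in os.listdir(root) if n.lower() == "autorun.inf"]
    if not names:
        return {"state": "absent", "commands": []}
    path = os.path.join(root, names[0])
    if os.path.isdir(path):
        # A folder with this name blocks creation of a file with the same name.
        return {"state": "vaccine-folder", "commands": []}
    with open(path, "r", encoding="latin-1") as fh:
        return {"state": "autorun-file", "commands": parse_autorun(fh.read())}


def demo():
    """Build three constructed drive roots in a temp directory and classify each."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for drive in ("E", "F", "G"):
            os.makedirs(os.path.join(tmp, drive))
        # F: carries a real autorun.inf file with launch commands.
        with open(os.path.join(tmp, "F", "AUTORUN.INF"), "w", encoding="latin-1") as fh:
            fh.write(SAMPLE_INF)
        # G: carries the folder-style vaccine.
        os.makedirs(os.path.join(tmp, "G", "Autorun.inf"))
        for drive in ("E", "F", "G"):
            results[drive] = check_drive_root(os.path.join(tmp, drive))
    return results


if __name__ == "__main__":
    for drive, result in demo().items():
        print(drive, result)
```

On a real system, pass each drive root (for example `G:\`) to `check_drive_root`; a drive reported as `autorun-file` with launch commands is the one to examine before opening it in Explorer.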

    3. #3
      eddiec46 (unregistered)

      Re: Infected computer

      Hello MARTYN, good afternoon. I want to send the scans done so far; I left them running overnight in Safe Mode and some almost did not complete. I'm thinking about formatting; what do you suggest? I don't have much experience. Some programs detect viruses in Normal Mode, why not in Safe Mode, or am I mistaken? I clicked delete all in Malwarebytes and I don't know whether that was right or whether I was too hasty. Thanks.


      Tiempo transcurrido: 59 minuto(s), 49 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 10
      HKCR\CLSID\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKCR\ironsource.searchyaHlpr.1 (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKCR\ironsource.searchyaHlpr (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKCR\CLSID\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKCR\ironsource.searchyadskBnd.1 (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKCR\ironsource.searchyadskBnd (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> En cuarentena y eliminado con éxito.

      Valores del Registro Detectados: 2
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> datos: SearchYa Toolbar -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> datos: -> En cuarentena y eliminado con éxito.

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 2
      C:\Program Files\SearchYa!\1.5.25.0\bh\searchya.dll (PUP.SearchYa) -> En cuarentena y eliminado con éxito.
      C:\Program Files\SearchYa!\1.5.25.0\searchyaTlbr.dll (PUP.SearchYa) -> En cuarentena y eliminado con éxito.

      fin)
      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.10.19.12

      Windows 7 Service Pack 1 x86 NTFS (Modo Seguro/Red)
      Internet Explorer 9.0.8112.16421
      usuario :: USUARIO-PC [administrador]

      Protección: Personas de movilidad reducida

      19/10/2012 05:55:48 p.m.
      mbam-log-2012-10-19 (18-59-38).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 409452
      Tiempo transcurrido: 59 minuto(s), 49 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 10
      HKCR\CLSID\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> No se tomaron medidas.
      HKCR\ironsource.searchyaHlpr.1 (PUP.SearchYa) -> No se tomaron medidas.
      HKCR\ironsource.searchyaHlpr (PUP.SearchYa) -> No se tomaron medidas.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> No se tomaron medidas.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> No se tomaron medidas.
      HKCR\CLSID\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> No se tomaron medidas.
      HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.SearchYa) -> No se tomaron medidas.
      HKCR\ironsource.searchyadskBnd.1 (PUP.SearchYa) -> No se tomaron medidas.
      HKCR\ironsource.searchyadskBnd (PUP.SearchYa) -> No se tomaron medidas.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> No se tomaron medidas.

      Valores del Registro Detectados: 2
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> datos: SearchYa Toolbar -> No se tomaron medidas.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> datos: -> No se tomaron medidas.

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 2
      C:\Program Files\SearchYa!\1.5.25.0\bh\searchya.dll (PUP.SearchYa) -> No se tomaron medidas.
      C:\Program Files\SearchYa!\1.5.25.0\searchyaTlbr.dll (PUP.SearchYa) -> No se tomaron medidas.

      fin)
      A/T-Destroyer 1.0.7 By Infospyware
      InfoSpyware
      Fecha iniciada en el analisis 19/10/2012
      Hora iniciada en el analisis 15:34:09.74
      Usuario Actual : [C:\Users\usuario]
      Sistema Operativo: Windows 7 Home Basic
      Service pack: Service Pack 1
      Arquitectura: Sistema operativo de 32 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [usuario-Administrador]
      Versión Google Chrome: 22.0.1229.94
      Versión Mozilla Firefox: 12.0

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======




      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======




      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\system32\blank.htm
      Default_Page_URL == Hotmail, Messenger, Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\System32\blank.htm
      Default_Search_URL == Bing
      Default_Page_URL == Hotmail, Messenger, Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN


      "HKEY_USERS\S-1-5-21-3836215904-2481790394-1914173299-1000\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\system32\blank.htm
      Default_Page_URL == Hotmail, Messenger, Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("browser.startup.homepage", "http://google.com");
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======
      Usuario: usuario (Administrador) # USUARIO-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 17:08:09 | 19/10/2012

      Sitio web: http://eldesaparecido.com
      Foro: SosVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Hewlett-Packard (Compaq Presario CQ40 Notebook PC) (X86-based PC) # Notebook
      CPU: AMD Sempron(tm) SI-42 (2100)
      RAM -> [Total : 1790 | Free : 1399]
      BIOS: Default System BIOS
      BOOT: Fail-safe with network boot

      OS: Microsoft Windows 7 Home Basic (6.1.7601 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [Enabled | Updated]
      FW: Windows FireWall Service [Enabled]

      C:\ (%systemdrive%) -> Disco fijo # 220 Gb (166 Mb libre(s) - 75%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Mb libre(s) - 17%) [RECOVERY] # NTFS
      E:\ -> CD-ROM
      F:\ -> CD-ROM
      G:\ -> Disco extraíble # 4 Gb (3 Mb libre(s) - 83%) [KINGSTON] # FAT32
      H:\ -> CD-ROM

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (344)
      C:\Windows\system32\wininit.exe (380)
      C:\Windows\system32\csrss.exe (388)
      C:\Windows\system32\services.exe (428)
      C:\Windows\system32\lsass.exe (436)
      C:\Windows\system32\lsm.exe (444)
      C:\Windows\system32\winlogon.exe (472)
      C:\Windows\system32\svchost.exe (600)
      C:\Windows\system32\svchost.exe (676)
      C:\Windows\System32\svchost.exe (764)
      C:\Windows\system32\svchost.exe (804)
      C:\Windows\system32\svchost.exe (840)
      C:\Windows\system32\svchost.exe (880)
      C:\Windows\system32\svchost.exe (908)
      C:\Windows\Explorer.EXE (1148)
      C:\Windows\system32\svchost.exe (1180)
      C:\Windows\system32\ctfmon.exe (1348)
      C:\Windows\system32\svchost.exe (1656)
      C:\Windows\System32\svchost.exe (1920)
      C:\Windows\system32\wbem\wmiprvse.exe (988)
      C:\Windows\system32\NOTEPAD.EXE (1560)
      C:\UsbFix\Go.exe (1052)

      ################## | Archivos # Carpetas infectadas |


      ################## | Registro |


      ################## | Mountpoints2 |

      HKCU\.\.\.\.\Explorer\MountPoints2\F
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84ce1-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84cf1-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84d10-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = G:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{3af8402e-8d65-11e0-b2a1-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{f56fc3a0-3b6c-11e0-9836-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe



      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      G:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | E.O.F |

    4. #4
      M4RTYN

      Re: Infected computer

      The TDSSKiller report is still missing.

      Another thing: for me, formatting is the last option. Besides that, tell me, what problem does your PC currently have?

      I'm leaving you the TDSS step (since you haven't done it) and also another tool:

      Download

      Rkill (disguised as Winlogon)

      1. Run Rkill (if you use Windows Vista or 7, run it as administrator), preferably placing it on the desktop first.

      2. A black window will appear (if you have to wait, do so) indicating that the tool has run successfully. If that does not happen, run it again until it runs correctly (insist if necessary; this step is important).

      3. Bring the Rkill report (c:\rkill.log).

      _Descarga TDSSKiller ---->MANUAL

      • Desconecta tu ordenador de Internet (Desconecta el cable).

      • Descomprime el archivo tdsskiller.zip

      • Ejecuta el archivo TDSSKiller.exe Si usas Vista o 7 presiona clic derecho ejecutar como administrador.
      Presiona clic sobre

      Presiona clic sobre el botón


      • TDSSKiller comenzara a analizar el equipo.


      Si el equipo no está infectado:
      • Mostrara

      • No threats found.

      • Presiona clic sobre el botón "Close"
      Si el equipo está infectado:
      • Mostrara:

      • Threats detected.

      • Select action for found objects:


      • Malware object, high risk. La acción predeterminada es "Cure" o "Delete".

      • Suspicious object, medium risk. Usa siempre la opción "Skip"

      El programa selecciona de forma automática la acción a tomar.

      • Presiona clic sobre el botón "Continue"

      • Para desinfectar correctamente el Sistema, puede solicitarle reiniciar el equipo.

      • Presiona clic sobre el botón.



      • Abre el reporte de TDSSKiller, ubicado en C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, donde "x.xx.x_xx.xx.xxxx_xx.xx.xx" son versión, fecha y hora.
      • Copia y pega su contenido en tu próxima respuesta.
      Nos comentas.
      Descargar Dr. Web Cure-IT -> Manual de Dr. Web Cure-IT

      1. En Modo Seguro (de no poder en Modo Normal), realiza un
      2. Análisis Completo con Dr. Web Cure-IT
      3. La herramienta primero realiza un Análisis Express por defecto.
      4. Después eliges Análisis Completo
      5. Curas los archivos infectados que te encuentre, si no se pueden curar los Eliminas.
      6. __________________________________________________
      7. Terminado el escaneo:
      8. Ir a Archivo >>> Grabar lista de Informes >>> Guardas el informe en el escritorio
      9. Nota: Dr. Web Cure-It no necesita instalación ni actualización, si detecta hosts modificados eliges restaurarlos.
      Última edición por M4RTYN fecha: 24/10/12 a las 16:35:45
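A TDSSKiller report lists every service and driver it checks, and almost all of those lines end in "- ok". The following Python example is added here (it is not part of the original post or of TDSSKiller): it keeps only the flagged entries and puts first those whose binary runs from a user profile, a location writable without administrator rights. The line layout is the one the TDSSKiller 2.8.13.0 report in this thread uses; the sample lines, service names and hashes are constructed, and the user-profile ordering is this example's own heuristic.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the layout of the TDSSKiller service scan:
#   "<time> <thread id> [ <MD5> ] <service name> <image path>"
#   "<time> <thread id> <service name> - ok"
#   "<time> <thread id> <service name> ( <verdict> ) - warning"
# Service names, paths and hashes are invented for this example.
SAMPLE_LOG = r"""
20:00:24.0570 4744 [ 00000000000000000000000000000001 ] ExampleDisk C:\Windows\system32\drivers\exdisk.sys
20:00:24.0679 4744 ExampleDisk - ok
20:00:32.0510 4744 ExampleNoImage - ok
20:00:32.0853 4744 [ 00000000000000000000000000000003 ] Example OEM Helper C:\Program Files\ExampleOEM\helper.exe
20:00:32.0885 4744 Example OEM Helper ( UnsignedFile.Multi.Generic ) - warning
20:00:32.0885 4744 Example OEM Helper - detected UnsignedFile.Multi.Generic (1)
20:00:37.0705 4744 [ 00000000000000000000000000000002 ] Example Toolbar Updater C:\Users\alice\AppData\Roaming\ExampleToolbar\update.exe
20:00:37.0736 4744 Example Toolbar Updater ( UnsignedFile.Multi.Generic ) - warning
20:00:37.0736 4744 Example Toolbar Updater - detected UnsignedFile.Multi.Generic (1)
"""

_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# Hash line: the service name may contain spaces; the path starts at "X:\".
IMAGE_RE = re.compile(
    _PREFIX + r"\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<name>.+?) (?P<path>[A-Za-z]:\\.*)$"
)
OK_RE = re.compile(_PREFIX + r"(?P<name>.+) - ok$")
FLAG_RE = re.compile(
    _PREFIX + r"(?P<name>.+?) \( (?P<verdict>.+?) \) - (?P<status>\w+)$"
)
USER_PROFILE_RE = re.compile(r"^[A-Za-z]:\\Users\\", re.IGNORECASE)


@dataclass
class Finding:
    service: str
    verdict: str
    status: str
    md5: Optional[str]
    path: Optional[str]
    in_user_profile: bool


def triage(log_text: str) -> Tuple[int, List[Finding]]:
    """Return (number of services checked, flagged services)."""
    images = {}    # service name -> (md5, path) taken from its hash line
    checked = 0
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = IMAGE_RE.match(line)
        if m:
            images[m["name"]] = (m["md5"].upper(), m["path"])
            continue
        if OK_RE.match(line):
            checked += 1
            continue
        m = FLAG_RE.match(line)
        if m:
            checked += 1
            md5, path = images.get(m["name"], (None, None))
            findings.append(Finding(
                service=m["name"],
                verdict=m["verdict"],
                status=m["status"],
                md5=md5,
                path=path,
                in_user_profile=bool(path and USER_PROFILE_RE.match(path)),
            ))
    # Stable sort: entries running from a user profile come first.
    findings.sort(key=lambda f: not f.in_user_profile)
    return checked, findings


if __name__ == "__main__":
    total, flagged = triage(SAMPLE_LOG)
    print(f"{len(flagged)} of {total} services flagged")
    for f in flagged:
        where = "user profile" if f.in_user_profile else "system/program dir"
        print(f"[{f.status}] {f.service}: {f.verdict} ({where})")
        print(f"    {f.path}  md5={f.md5}")
```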

    5. #5
      eddiec46
      Unregistered

      Re: Infected computer

      Quote: Originally posted by M4RTYN
      The TDSSKiller report is still missing.

      Another thing: for me, formatting is the last option. Also, tell me, what problem does your PC currently have?

      Here is the TDSS step (since you have not done it yet), plus another tool:

      Well, to be honest I haven't noticed many problems. Maybe I have a lot of programs downloaded and it is a little slow, but I will keep sending you the reports. I am scanning again with an updated Malwarebytes and so far it has not found any viruses. Let's wait and see what happens with the other reports that are still missing. Thank you very much, M4rtin.

    6. #6
      M4RTYN

      Re: Infected computer

      Hello. First, I don't think it is a good idea for you to keep running Malwarebytes (but let this last scan finish and bring me the report, and make that the last one). BETTER TO RUN THE TOOLS I GAVE YOU IN THIS POST:

      POST#4

      Don't run the others, such as UsbFix or At destroyer, any more, nor Malwarebytes; only the 3 I just gave you (they are the ones still missing) (they are TDSS KILLER * Dr.WEB * Rkill).

      Don't worry about the slowness; if things go well it will end up almost like new. I have not seen traces of the first infections you showed, so you need to bring me the report of that last Malwarebytes scan (but don't run it any more), and then you continue with the other tools and bring me their reports.

      NOTE: take as much time as you need, because Dr.WEB is a bit slow (but effective). I am asking for it because you have pasted several reports and in each one I see something new, which is why I went all in with the latest tools I gave you. And don't worry, we will get through this.

      REMEMBER: formatting is the last option, my friend.
      Last edited by M4RTYN on 24/10/12 at 16:43:18

    7. #7
      eddiec46
      Unregistered

      Re: Infected computer

      Hello M4RTIN, I finished the report and it detected 6; previously it had detected 20 infected files, so 6 remain.
      I will move on to the remaining scans. Can I click delete, or do I leave them in quarantine?

      Malwarebytes Anti-Malware (PRO) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.10.24.06

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 9.0.8112.16421
      usuario :: USUARIO-PC [administrador]

      Protección: Habilitado

      24/10/2012 02:42:36 p.m.
      mbam-log-2012-10-24 (16-24-05).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 431867
      Tiempo transcurrido: 1 hora(s), 39 minuto(s), 47 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 6
      C:\Users\usuario\DoctorWeb\Quarantine\nitro.pdf.6.x.+.7.x-patc0.exe (PUP.Hacktool.Patcher) -> No se tomaron medidas.
      C:\Users\usuario\DoctorWeb\Quarantine\nitro.pdf.6.x.+.7.x-patc1.exe (PUP.Hacktool.Patcher) -> No se tomaron medidas.
      C:\Users\usuario\DoctorWeb\Quarantine\nitro.pdf.6.x.+.7.x-patch.exe (PUP.Hacktool.Patcher) -> No se tomaron medidas.
      C:\Users\usuario\DoctorWeb\Quarantine\nitro.pdf.6.x.+.7.x-patch.exe.BAK (PUP.Hacktool.Patcher) -> No se tomaron medidas.
      C:\Users\usuario\DoctorWeb\Quarantine\nitro.pdf.6.x.+.7.x-patch.exe.tmp (PUP.Hacktool.Patcher) -> No se tomaron medidas.
      C:\Users\usuario\Downloads\Windows Loader\Windows Loader.exe (PUP.HackTool.H) -> No se tomaron medidas.

      (fin)

    8. #8
      M4RTYN

      Re: Infected computer

      You did not delete them (it says "no action taken").

      Delete them and continue with the other tools (take your time, I will be waiting here).

    9. #9
      eddiec46
      Unregistered

      Re: Infected computer

      Good evening M4RTIN, I am pasting two reports. One is still missing, the Dr. Cure-It one, but I am going to leave it running overnight. You tell me what actions I have to take, based on these reports, to remove the detected items. THANKS FOR EVERYTHING, until next time.

      Rkill 2.4.3 by Lawrence Abrams (Grinler)
      Bleeping Computer - Technical Support and Computer Help
      Copyright 2008-2012 BleepingComputer.com
      More Information about Rkill can be found at this link:
      RKill - What it does and What it Doesn't - A brief introduction to the program

      Program started at: 10/26/2012 07:30:16 PM in x86 mode.
      Windows Version: Windows 7 Home Basic Service Pack 1

      Checking for Windows services to stop:

      * No malware services found to stop.

      Checking for processes to terminate:

      * C:\Users\usuario\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PID: 2928) [UP-HEUR]

      1 proccess terminated!

      Checking Registry for malware related settings:

      * No issues found in the Registry.

      Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

      Performing miscellaneous checks:

      * No issues found.

      Checking Windows Service Integrity:

      * No issues found.

      Searching for Missing Digital Signatures:

      * No issues found.

      Checking HOSTS File:

      * No issues found.

      Program finished at: 10/26/2012 07:30:52 PM
      Execution time: 0 hours(s), 0 minute(s), and 36 seconds(s)



      20:00:08.0096 1064 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
      20:00:08.0595 1064 ============================================================
      20:00:08.0595 1064 Current date / time: 2012/10/26 20:00:08.0595
      20:00:08.0595 1064 SystemInfo:
      20:00:08.0595 1064
      20:00:08.0595 1064 OS Version: 6.1.7601 ServicePack: 1.0
      20:00:08.0595 1064 Product type: Workstation
      20:00:08.0595 1064 ComputerName: USUARIO-PC
      20:00:08.0595 1064 UserName: usuario
      20:00:08.0595 1064 Windows directory: C:\Windows
      20:00:08.0595 1064 System windows directory: C:\Windows
      20:00:08.0595 1064 Processor architecture: Intel x86
      20:00:08.0595 1064 Number of processors: 1
      20:00:08.0595 1064 Page size: 0x1000
      20:00:08.0595 1064 Boot type: Normal boot
      20:00:08.0595 1064 ============================================================
      20:00:10.0015 1064 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
      20:00:10.0030 1064 ============================================================
      20:00:10.0030 1064 \Device\Harddisk0\DR0:
      20:00:10.0030 1064 MBR partitions:
      20:00:10.0030 1064 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
      20:00:10.0030 1064 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B8F0800
      20:00:10.0030 1064 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B954800, BlocksNum 0x1870800
      20:00:10.0030 1064 ============================================================
      20:00:10.0077 1064 C: <-> \Device\Harddisk0\DR0\Partition2
      20:00:10.0124 1064 D: <-> \Device\Harddisk0\DR0\Partition3
      20:00:10.0155 1064 ============================================================
      20:00:10.0155 1064 Initialize success
      20:00:10.0155 1064 ============================================================
      20:00:23.0540 4744 ============================================================
      20:00:23.0540 4744 Scan started
      20:00:23.0540 4744 Mode: Manual; SigCheck; TDLFS;
      20:00:23.0540 4744 ============================================================
      20:00:24.0320 4744 ================ Scan system memory ========================
      20:00:24.0320 4744 System memory - ok
      20:00:24.0320 4744 ================ Scan services =============================
      20:00:32.0853 4744 [ 2AB40D0F2C34549604C75DC0B54451E7 ] DefaultTabSearch C:\Program Files\DefaultTab\DefaultTabSearch.exe
      20:00:32.0885 4744 DefaultTabSearch ( UnsignedFile.Multi.Generic ) - warning
      20:00:32.0885 4744 DefaultTabSearch - detected UnsignedFile.Multi.Generic (1)
      20:00:33.0041 4744 [ 34AE0DFA3EE3B5B9975042D87332D0B7 ] DefaultTabUpdate C:\Users\usuario\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
      20:00:33.0056 4744 DefaultTabUpdate ( UnsignedFile.Multi.Generic ) - warning
      20:00:33.0056 4744 DefaultTabUpdate - detected UnsignedFile.Multi.Generic (1)
      20:00:37.0705 4744 [ 0141816A095A3F5A83FFA5B4A47B8023 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      20:00:37.0736 4744 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
      20:00:37.0736 4744 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
      20:00:40.0638 4744 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      20:00:40.0653 4744 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
      20:00:40.0653 4744 LightScribeService - detected UnsignedFile.Multi.Generic (1)
      20:00:57.0689 4744 usbfilter - ok
      20:00:57.0735 4744 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
      20:00:57.0751 4744 usbhub - ok
      20:00:57.0813 4744 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
      20:00:57.0845 4744 usbohci - ok
      20:00:57.0891 4744 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
      20:00:57.0907 4744 usbprint - ok
      20:00:57.0938 4744 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
      20:00:57.0954 4744 USBSTOR - ok
      20:00:57.0985 4744 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
      20:00:58.0001 4744 usbuhci - ok
      20:00:58.0063 4744 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
      20:00:58.0110 4744 usbvideo - ok
      20:00:58.0157 4744 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
      20:00:58.0203 4744 UxSms - ok
      20:00:58.0235 4744 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
      20:00:58.0266 4744 VaultSvc - ok
      20:00:58.0297 4744 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
      20:00:58.0313 4744 vdrvroot - ok
      20:00:58.0375 4744 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
      20:00:58.0453 4744 vds - ok
      20:00:58.0500 4744 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
      20:00:58.0531 4744 vga - ok
      20:00:58.0578 4744 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
      20:00:58.0609 4744 VgaSave - ok
      20:00:58.0656 4744 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
      20:00:58.0671 4744 vhdmp - ok
      20:00:58.0718 4744 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
      20:00:58.0734 4744 viaagp - ok
      20:00:58.0781 4744 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
      20:00:58.0796 4744 ViaC7 - ok
      20:00:58.0843 4744 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
      20:00:58.0859 4744 viaide - ok
      20:00:58.0905 4744 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
      20:00:58.0921 4744 volmgr - ok
      20:00:58.0952 4744 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
      20:00:58.0983 4744 volmgrx - ok
      20:00:59.0015 4744 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
      20:00:59.0046 4744 volsnap - ok
      20:00:59.0077 4744 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
      20:00:59.0108 4744 vsmraid - ok
      20:00:59.0171 4744 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
      20:00:59.0264 4744 VSS - ok
      20:00:59.0342 4744 [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
      20:00:59.0389 4744 vToolbarUpdater13.2.0 - ok
      20:00:59.0420 4744 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
      20:00:59.0467 4744 vwifibus - ok
      20:00:59.0498 4744 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
      20:00:59.0529 4744 vwififlt - ok
      20:00:59.0561 4744 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
      20:00:59.0592 4744 vwifimp - ok
      20:00:59.0639 4744 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
      20:00:59.0685 4744 W32Time - ok
      20:00:59.0732 4744 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
      20:00:59.0763 4744 WacomPen - ok
      20:00:59.0810 4744 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
      20:00:59.0857 4744 WANARP - ok
      20:00:59.0857 4744 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
      20:00:59.0904 4744 Wanarpv6 - ok
      20:00:59.0951 4744 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
      20:01:00.0044 4744 wbengine - ok
      20:01:00.0075 4744 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
      20:01:00.0122 4744 WbioSrvc - ok
      20:01:00.0169 4744 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
      20:01:00.0200 4744 wcncsvc - ok
      20:01:00.0231 4744 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
      20:01:00.0294 4744 WcsPlugInService - ok
      20:01:00.0309 4744 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
      20:01:00.0325 4744 Wd - ok
      20:01:00.0372 4744 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
      20:01:00.0419 4744 Wdf01000 - ok
      20:01:00.0434 4744 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
      20:01:00.0465 4744 WdiServiceHost - ok
      20:01:00.0481 4744 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
      20:01:00.0512 4744 WdiSystemHost - ok
      20:01:00.0559 4744 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
      20:01:00.0621 4744 WebClient - ok
      20:01:00.0668 4744 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
      20:01:00.0715 4744 Wecsvc - ok
      20:01:00.0746 4744 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
      20:01:00.0824 4744 wercplsupport - ok
      20:01:00.0871 4744 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
      20:01:00.0918 4744 WerSvc - ok
      20:01:00.0949 4744 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
      20:01:00.0980 4744 WfpLwf - ok
      20:01:01.0011 4744 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
      20:01:01.0027 4744 WIMMount - ok
      20:01:01.0121 4744 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
      20:01:01.0183 4744 WinDefend - ok
      20:01:01.0199 4744 WinHttpAutoProxySvc - ok
      20:01:01.0277 4744 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
      20:01:01.0339 4744 Winmgmt - ok
      20:01:01.0401 4744 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
      20:01:01.0479 4744 WinRM - ok
      20:01:01.0542 4744 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
      20:01:01.0620 4744 WinUsb - ok
      20:01:01.0698 4744 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
      20:01:01.0760 4744 Wlansvc - ok
      20:01:01.0916 4744 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      20:01:01.0963 4744 wlidsvc - ok
      20:01:02.0025 4744 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
      20:01:02.0072 4744 WmiAcpi - ok
      20:01:02.0135 4744 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
      20:01:02.0181 4744 wmiApSrv - ok
      20:01:02.0291 4744 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
      20:01:02.0369 4744 WMPNetworkSvc - ok
      20:01:02.0400 4744 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
      20:01:02.0478 4744 WPCSvc - ok
      20:01:02.0525 4744 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
      20:01:02.0556 4744 WPDBusEnum - ok
      20:01:02.0603 4744 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
      20:01:02.0634 4744 ws2ifsl - ok
      20:01:02.0649 4744 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
      20:01:02.0696 4744 wscsvc - ok
      20:01:02.0712 4744 WSearch - ok
      20:01:02.0790 4744 [ 3026418A50C5B4761BEFA632CEDB7406 ] wuauserv C:\Windows\system32\wuaueng.dll
      20:01:02.0946 4744 wuauserv - ok
      20:01:02.0977 4744 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
      20:01:03.0008 4744 WudfPf - ok
      20:01:03.0071 4744 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
      20:01:03.0102 4744 WUDFRd - ok
      20:01:03.0164 4744 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
      20:01:03.0195 4744 wudfsvc - ok
      20:01:03.0242 4744 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
      20:01:03.0289 4744 WwanSvc - ok
      20:01:03.0367 4744 [ E18EC62E707506A7B0C3C4190A534363 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
      20:01:03.0414 4744 ZTEusbmdm6k - ok
      20:01:03.0461 4744 [ E18EC62E707506A7B0C3C4190A534363 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
      20:01:03.0476 4744 ZTEusbnmea - ok
      20:01:03.0539 4744 [ E18EC62E707506A7B0C3C4190A534363 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
      20:01:03.0570 4744 ZTEusbser6k - ok
      20:01:03.0617 4744 [ E18EC62E707506A7B0C3C4190A534363 ] ZTEusbvoice C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
      20:01:03.0632 4744 ZTEusbvoice - ok
      20:01:03.0679 4744 ================ Scan global ===============================
      20:01:03.0726 4744 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
      20:01:03.0773 4744 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
      20:01:03.0804 4744 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
      20:01:03.0835 4744 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
      20:01:03.0882 4744 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
      20:01:03.0897 4744 [Global] - ok
      20:01:03.0897 4744 ================ Scan MBR ==================================
      20:01:03.0913 4744 [ EE6FC79EAC306B2B389019B901C53EF4 ] \Device\Harddisk0\DR0
      20:01:04.0287 4744 \Device\Harddisk0\DR0 - ok
      20:01:04.0303 4744 ================ Scan VBR ==================================
      20:01:04.0303 4744 [ 5E7C18668299843E3FDDB8898B430788 ] \Device\Harddisk0\DR0\Partition1
      20:01:04.0303 4744 \Device\Harddisk0\DR0\Partition1 - ok
      20:01:04.0350 4744 [ E272028223E0849274AC1CB0439A684F ] \Device\Harddisk0\DR0\Partition2
      20:01:04.0350 4744 \Device\Harddisk0\DR0\Partition2 - ok
      20:01:04.0381 4744 [ 30BB2A1B6C7B691A7A62381E86F90579 ] \Device\Harddisk0\DR0\Partition3
      20:01:04.0397 4744 \Device\Harddisk0\DR0\Partition3 - ok
      20:01:04.0397 4744 ============================================================
      20:01:04.0397 4744 Scan finishe
      20:01:04.0397 4744 ============================================================
      20:01:04.0412 2184 Detected object count: 4
      20:01:04.0412 2184 Actual detected object count: 4
      20:03:07.0622 2184 DefaultTabSearch ( UnsignedFile.Multi.Generic ) - skipped by user
      20:03:07.0622 2184 DefaultTabSearch ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:03:07.0637 2184 DefaultTabUpdate ( UnsignedFile.Multi.Generic ) - skipped by user
      20:03:07.0637 2184 DefaultTabUpdate ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:03:07.0637 2184 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
      20:03:07.0637 2184 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:03:07.0637 2184 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
      20:03:07.0637 2184 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:04:15.0997 4588 Deinitialize success
      Well, that's precisely it: in my ignorance I don't know how to use those tools, but I think that with such long reports, formatting would have been more effective.
      Last edited by eddiec46 on 29/10/12 at 02:25:59. Reason: hello

    10. #10
      M4RTYN
      User
      Registered: Jun 2012
      Location: Ecuador
      Posts: 5.520

      Re: infected computer

      Hello, I'm waiting for the Malwarebytes report (the one where you remove the threats) and the Dr. WEB one.
