
    Trojan win 32 adload da


    1. #1
      trueno66 (User)
      Registered: Jul 2012
      Location: Spain
      Posts: 8

      Trojan win 32 adload da

      Hi, I have a problem with the adload DA trojan: I can't get rid of it, and neither AVG, nor Malwarebytes, nor SUPERAntiSpyware detects it. Here are the UsbFix and Malwarebytes reports.
      UsbFix:
      ############################## | UsbFix V 7.096 | [Supresión]

      Usuario: taty (Administrador) # DELL-PORTATIL
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 11:21:43 | 16/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: http://forum.eldesaparecido.com
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Dell Inc. (Vostro 3500) (X86-based PC) # Notebook
      CPU: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz (2527)
      RAM -> [Total : 2743 | Free : 1870]
      BIOS: BIOS Date: 01/09/10 15:17:22 Ver: 08.00.10
      BOOT: Fail-safe boot

      OS: Microsoft Windows 7 Home Premium (6.1.7600 32-Bit) #
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: AVG Anti-Virus Free Edition 2013 [Enabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 283 Gb (23 Mb libre(s) - 8%) [OS] # NTFS
      D:\ -> CD-ROM
      F:\ -> Disco extraíble # 4 Gb (4 Mb libre(s) - 100%) [TATY^_^] # FAT32
      H:\ -> Disco extraíble # 7 Gb (4 Mb libre(s) - 60%) [IPOD DE TAT] # FAT32

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (376)
      C:\Windows\system32\csrss.exe (424)
      C:\Windows\system32\wininit.exe (432)
      C:\Windows\system32\winlogon.exe (472)
      C:\Windows\system32\services.exe (524)
      C:\Windows\system32\lsass.exe (532)
      C:\Windows\system32\lsm.exe (544)
      C:\Windows\system32\svchost.exe (636)
      C:\Windows\system32\svchost.exe (708)
      C:\Windows\System32\svchost.exe (800)
      C:\Windows\system32\svchost.exe (832)
      C:\Windows\system32\svchost.exe (876)
      C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (932)
      C:\Windows\system32\svchost.exe (956)
      C:\Windows\Explorer.EXE (1204)
      C:\Windows\system32\ctfmon.exe (1248)
      C:\Windows\helppane.exe (1384)
      C:\Windows\system32\wbem\wmiprvse.exe (1500)
      C:\UsbFix\Go.exe (1592)
      C:\Windows\system32\wbem\wmiprvse.exe (1684)
      C:\Windows\System32\svchost.exe (1840)

      ################## | Procesos Parados |

      Parado! C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (932)
      Parado! C:\Windows\Explorer.EXE (1204)
      Parado! C:\Windows\system32\ctfmon.exe (1248)
      Parado! C:\Windows\helppane.exe (1384)

      ################## | Archivos # Carpetas infectadas |

      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-968974262-2092285498-2698529761-1001

      (!) Archivos temporales suprimido.

      ################## | Registro |


      ################## | Mountpoints2 |


      ################## | Listing |

      [03/10/2012 - 17:32:36 | D ] C:\$AVG
      [16/11/2012 - 11:25:21 | SHD ] C:\$Recycle.Bin
      [07/01/2011 - 22:32:02 | N | 17098] C:\0x0c0a.ini
      [07/01/2011 - 22:32:03 | N | 76288] C:\3082.MST
      [11/01/2012 - 21:59:52 | D ] C:\3c820e78573138c4e3755a6d53
      [11/12/2010 - 06:41:28 | D ] C:\Apps
      [17/12/2010 - 16:31:22 | D ] C:\Archivos de programa
      [10/06/2009 - 22:42:20 | N | 24] C:\autoexec.bat
      [16/11/2012 - 11:04:26 | RASHD ] C:\Autorun.inf
      [19/07/2012 - 03:18:56 | D ] C:\avast! sandbox
      [16/11/2012 - 11:07:08 | D ] C:\Config.Msi
      [10/06/2009 - 22:42:20 | N | 10] C:\config.sys
      [17/12/2010 - 17:11:11 | D ] C:\dell
      [11/12/2010 - 08:30:02 | N | 3576] C:\dell.sdr
      [14/07/2009 - 05:53:55 | SHD ] C:\Documents and Settings
      [29/10/2010 - 12:14:25 | D ] C:\Drivers
      [06/09/2011 - 09:56:38 | N | 43] C:\END
      [11/12/2010 - 06:42:13 | N | 1059] C:\freefallprotection.log
      [16/11/2012 - 11:19:20 | ASH | 2156863488] C:\hiberfil.sys
      [03/06/2011 - 18:48:03 | D ] C:\IDE
      [11/12/2010 - 06:41:33 | D ] C:\Intel
      [03/07/2011 - 18:13:40 | N | 0] C:\IO.SYS
      [03/07/2011 - 18:13:40 | N | 0] C:\MSDOS.SYS
      [30/08/2012 - 00:43:00 | D ] C:\MSNCleaner
      [15/01/2011 - 19:25:54 | RHD ] C:\MSOCache
      [28/05/2011 - 20:50:41 | D ] C:\OutputFolder
      [16/11/2012 - 11:19:26 | ASH | 2875822080] C:\pagefile.sys
      [14/07/2009 - 03:37:05 | D ] C:\PerfLogs
      [16/11/2012 - 08:49:16 | D ] C:\Program Files
      [10/10/2012 - 23:13:09 | HD ] C:\ProgramData
      [29/12/2011 - 21:36:09 | D ] C:\RavBin
      [17/10/2012 - 22:38:48 | N | 361] C:\rkill.log
      [16/11/2012 - 11:06:18 | SHD ] C:\System Volume Information
      [15/07/2011 - 17:52:49 | D ] C:\Temp
      [16/11/2012 - 11:13:34 | N | 31] C:\tmuninst.ini
      [16/11/2012 - 11:25:21 | D ] C:\UsbFix
      [16/11/2012 - 11:21:59 | A | 2278] C:\UsbFix.txt
      [16/11/2012 - 11:04:27 | N | 8558] C:\UsbFix_Upload_Me_DELL-PORTATIL.zip
      [10/06/2012 - 17:53:11 | N | 487] C:\user.js
      [21/12/2010 - 19:19:51 | D ] C:\Users
      [13/11/2012 - 18:52:20 | D ] C:\Windows

      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | Upload |

      Por favor, envie el archivo: C:\UsbFix_Upload_Me_DELL-PORTATIL.zip
      http://eldesaparecido.com/upload.php
      Gracias por su contribución.

      ################## | E.O.F |


      And the Malwarebytes one:
      Malwarebytes Anti-Malware 1.65.1.1000
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.11.05.06

      Windows 7 x86 NTFS
      Internet Explorer 9.0.8112.16421
      taty :: DELL-PORTATIL [administrador]

      18/11/2012 23:01:34
      mbam-log-2012-11-18 (23-01-34).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|Q:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 387106
      Tiempo transcurrido: 1 hora(s), 43 minuto(s),

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      (end)

      I hope you can help me. Thanks in advance.

    2. #2
      @Leosolari (Global Moderator)
      Registered: Jun 2007
      Location: Argentina
      Posts: 58,638

      Re: Trojan win 32 adload da

      Hello,

      Please follow this procedure:

      STEP 1

      Download these tools to your desktop, but do NOT run anything yet:

      ° TDSSKiller
      ° Glary Utilities, and install it according to its manual.
      ° ComboFix.exe

      STEP 2

      Run TDSSKiller exactly as its manual indicates. When it finishes, save its report to the desktop.

      STEP 3

      Run Glary Utilities
      • Press the "Mantenimiento un Clic" (1-Click Maintenance) button.
      • Press the "Ver Resultados" (View Results) button and wait for it to finish.
      • When it finishes, press the "Reparar Problemas" (Repair Problems) button.

      STEP 4

      Run ComboFix

      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is running, do not move the mouse, as that would stall its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.
      Warning!! Do not use ComboFix unless a member of our Staff has specifically instructed you to do so in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

      In your next reply, you must post the following:

      ° The TDSSKiller report
      ° The ComboFix report
      ° How your PC is working now

      IMPORTANT NOTES:

      ° Once ComboFix has finished its work, you can re-enable your antivirus.
      ° Do not put the reports inside Code or HTML tags.
      ° Do not run any other antivirus program again until I come back with a reply.
      ° If you cannot complete a step, skip it and continue with the next one.

      Regards

    3. #3
      trueno66 (User)
      Registered: Jul 2012
      Location: Spain
      Posts: 8

      Re: Trojan win 32 adload da

      Here are the reports, but when ComboFix finishes scanning it won't let me open anything; it tells me the key is marked for deletion. Is that normal?
      Here are the reports:
      TDSSKiller
      18:38:21.0804 3660 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      18:38:21.0835 3660 ============================================================
      18:38:21.0835 3660 Current date / time: 2012/11/21 18:38:21.0835
      18:38:21.0835 3660 SystemInfo:
      18:38:21.0835 3660
      18:38:21.0835 3660 OS Version: 6.1.7600 ServicePack: 0.0
      18:38:21.0835 3660 Product type: Workstation
      18:38:21.0835 3660 ComputerName: DELL-PORTATIL
      18:38:21.0835 3660 UserName: taty
      18:38:21.0835 3660 Windows directory: C:\Windows
      18:38:21.0835 3660 System windows directory: C:\Windows
      18:38:21.0835 3660 Processor architecture: Intel x86
      18:38:21.0835 3660 Number of processors: 2
      18:38:21.0835 3660 Page size: 0x1000
      18:38:21.0835 3660 Boot type: Normal boot
      18:38:21.0835 3660 ============================================================
      18:38:22.0740 3660 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
      18:38:22.0755 3660 ============================================================
      18:38:22.0755 3660 \Device\Harddisk0\DR0:
      18:38:22.0755 3660 MBR partitions:
      18:38:22.0755 3660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
      18:38:22.0755 3660 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
      18:38:22.0755 3660 ============================================================
      18:38:22.0787 3660 C: <-> \Device\Harddisk0\DR0\Partition2
      18:38:22.0787 3660 ============================================================
      18:38:22.0787 3660 Initialize success
      18:38:22.0787 3660 ============================================================
      18:38:39.0369 6100 ============================================================
      18:38:39.0369 6100 Scan started
      18:38:39.0369 6100 Mode: Manual;
      18:38:39.0369 6100 ============================================================
      18:38:41.0132 6100 ================ Scan system memory ========================
      18:38:41.0132 6100 System memory - ok
      18:38:41.0132 6100 ================ Scan services =============================
      18:38:49.0416 6100 HomeGroupProvider - ok
      18:38:49.0478 6100 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
      18:38:49.0478 6100 HpSAMD - ok
      18:38:49.0525 6100 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
      18:38:49.0525 6100 HTTP - ok
      18:38:49.0572 6100 [ C1258ADCBE6E51A3C06C234D2BDB81B5 ] Huawei C:\Windows\system32\DRIVERS\ewdcsc.sys
      18:38:49.0572 6100 Huawei - ok
      18:38:49.0634 6100 [ 92CA47DA32009CCC00A5ADED04ABBD78 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
      18:38:49.0634 6100 hwdatacard - ok
      18:38:49.0681 6100 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
      18:38:49.0681 6100 hwpolicy - ok
      18:38:49.0744 6100 [ 1D4D6D24256F61E6B08A3CF8184A78B8 ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
      18:38:49.0744 6100 hwusbfake - ok
      18:38:49.0806 6100 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
      18:38:49.0806 6100 i8042prt - ok
      18:38:49.0853 6100 [ 26541A068572F650A2FA490726FE81BE ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
      18:38:49.0853 6100 iaStor - ok
      18:38:49.0884 6100 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
      18:38:49.0900 6100 iaStorV - ok
      18:38:50.0009 6100 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      18:38:50.0009 6100 IDriverT - ok
      18:38:50.0071 6100 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      18:38:50.0102 6100 idsvc - ok
      18:38:50.0134 6100 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
      18:38:50.0134 6100 iirsp - ok
      18:38:50.0196 6100 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
      18:38:50.0212 6100 IKEEXT - ok
      18:38:50.0274 6100 [ 2DB41BA61D5E44D0667CF126D35DCF34 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
      18:38:50.0274 6100 Impcd - ok
      18:38:50.0305 6100 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
      18:38:50.0305 6100 intelide - ok
      18:38:50.0336 6100 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      18:38:50.0352 6100 intelppm - ok
      18:38:50.0352 6100 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      18:38:50.0352 6100 IPBusEnum - ok
      18:38:50.0368 6100 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      18:38:50.0383 6100 IpFilterDriver - ok
      18:38:50.0430 6100 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
      18:38:50.0430 6100 iphlpsvc - ok
      18:38:50.0446 6100 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
      18:38:50.0446 6100 IPMIDRV - ok
      18:38:50.0461 6100 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
      18:38:50.0461 6100 IPNAT - ok
      18:38:50.0555 6100 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
      18:38:50.0570 6100 iPod Service - ok
      18:38:50.0617 6100 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
      18:38:50.0617 6100 IRENUM - ok
      18:38:50.0633 6100 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
      18:38:50.0633 6100 isapnp - ok
      18:38:50.0648 6100 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
      18:38:50.0648 6100 iScsiPrt - ok
      18:38:50.0680 6100 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
      18:38:50.0680 6100 kbdclass - ok
      18:38:50.0726 6100 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
      18:38:50.0726 6100 kbdhid - ok
      18:38:50.0742 6100 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
      18:38:50.0742 6100 KeyIso - ok
      18:38:50.0789 6100 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      18:38:50.0789 6100 KSecDD - ok
      18:38:50.0851 6100 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
      18:38:50.0867 6100 KSecPkg - ok
      18:38:50.0898 6100 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
      18:38:50.0898 6100 KtmRm - ok
      18:38:50.0929 6100 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
      18:38:50.0945 6100 LanmanServer - ok
      18:38:50.0976 6100 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      18:38:50.0976 6100 LanmanWorkstation - ok
      18:38:51.0007 6100 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      18:38:51.0007 6100 lltdio - ok
      18:38:51.0023 6100 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
      18:38:51.0038 6100 lltdsvc - ok
      18:38:51.0054 6100 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
      18:38:51.0054 6100 lmhosts - ok
      18:38:51.0116 6100 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      18:38:51.0116 6100 LMS - ok
      18:38:51.0148 6100 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
      18:38:51.0148 6100 LSI_FC - ok
      18:38:51.0163 6100 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
      18:38:51.0163 6100 LSI_SAS - ok
      18:38:51.0194 6100 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
      18:38:51.0194 6100 LSI_SAS2 - ok
      18:38:51.0194 6100 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
      18:38:51.0210 6100 LSI_SCSI - ok
      18:38:51.0210 6100 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
      18:38:51.0226 6100 luafv - ok
      18:38:51.0272 6100 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      18:38:51.0272 6100 Mcx2Svc - ok
      18:38:51.0288 6100 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
      18:38:51.0288 6100 megasas - ok
      18:38:51.0304 6100 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
      18:38:51.0319 6100 MegaSR - ok
      18:38:51.0444 6100 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
      18:38:51.0444 6100 Microsoft Office Groove Audit Service - ok
      18:38:51.0475 6100 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
      18:38:51.0475 6100 MMCSS - ok
      18:38:51.0491 6100 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
      18:38:51.0491 6100 Modem - ok
      18:38:51.0538 6100 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      18:38:51.0538 6100 monitor - ok
      18:38:51.0569 6100 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      18:38:51.0584 6100 mouclass - ok
      18:38:51.0584 6100 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      18:38:51.0600 6100 mouhid - ok
      18:38:51.0631 6100 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
      18:38:51.0631 6100 mountmgr - ok
      18:38:51.0709 6100 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
      18:38:51.0709 6100 MozillaMaintenance - ok
      18:38:51.0725 6100 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
      18:38:51.0725 6100 mpio - ok
      18:38:51.0740 6100 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      18:38:51.0740 6100 mpsdrv - ok
      18:38:51.0787 6100 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
      18:38:51.0787 6100 MpsSvc - ok
      18:38:51.0818 6100 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      18:38:51.0818 6100 MRxDAV - ok
      18:38:51.0865 6100 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      18:38:51.0865 6100 mrxsmb - ok
      18:38:51.0896 6100 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      18:38:51.0896 6100 mrxsmb10 - ok
      18:38:51.0912 6100 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      18:38:51.0912 6100 mrxsmb20 - ok
      18:38:51.0943 6100 [ CB5D37E91135B0F15CEE64D1F1BA5DE5 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
      18:38:51.0943 6100 msahci - ok
      18:38:52.0084 6100 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
      18:38:52.0099 6100 MSCSPTISRV - ok
      18:38:52.0130 6100 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
      18:38:52.0130 6100 msdsm - ok
      18:38:52.0146 6100 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
      18:38:52.0162 6100 MSDTC - ok
      18:38:52.0193 6100 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
      18:38:52.0208 6100 Msfs - ok
      18:38:52.0208 6100 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
      18:38:52.0208 6100 mshidkmdf - ok
      18:38:52.0240 6100 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
      18:38:52.0255 6100 msisadrv - ok
      18:38:52.0286 6100 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      18:38:52.0302 6100 MSiSCSI - ok
      18:38:52.0302 6100 msiserver - ok
      18:38:52.0333 6100 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      18:38:52.0349 6100 MSKSSRV - ok
      18:38:52.0349 6100 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      18:38:52.0364 6100 MSPCLOCK - ok
      18:38:52.0380 6100 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      18:38:52.0380 6100 MSPQM - ok
      18:38:52.0380 6100 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      18:38:52.0396 6100 MsRPC - ok
      18:38:52.0411 6100 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
      18:38:52.0411 6100 mssmbios - ok
      18:38:52.0427 6100 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      18:38:52.0427 6100 MSTEE - ok
      18:38:52.0442 6100 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
      18:38:52.0442 6100 MTConfig - ok
      18:38:52.0458 6100 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
      18:38:52.0458 6100 Mup - ok
      18:38:52.0489 6100 mxocldxq - ok
      18:38:52.0520 6100 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
      18:38:52.0536 6100 napagent - ok
      18:38:52.0583 6100 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      18:38:52.0583 6100 NativeWifiP - ok
      18:38:52.0645 6100 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
      18:38:52.0661 6100 NDIS - ok
      18:38:52.0676 6100 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
      18:38:52.0676 6100 NdisCap - ok
      18:38:52.0692 6100 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      18:38:52.0692 6100 NdisTapi - ok
      18:38:52.0708 6100 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      18:38:52.0708 6100 Ndisuio - ok
      18:38:52.0723 6100 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      18:38:52.0723 6100 NdisWan - ok
      18:38:52.0739 6100 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      18:38:52.0739 6100 NDProxy - ok
      18:38:52.0754 6100 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      18:38:52.0754 6100 NetBIOS - ok
      18:38:52.0770 6100 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
      18:38:52.0770 6100 NetBT - ok
      18:38:52.0786 6100 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
      18:38:52.0801 6100 Netlogon - ok
      18:38:52.0848 6100 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
      18:38:52.0848 6100 Netman - ok
      18:38:52.0864 6100 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
      18:38:52.0879 6100 netprofm - ok
      18:38:52.0942 6100 [ BC897CD88CA86EBC245274E11E7F9452 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
      18:38:52.0973 6100 netr28u - ok
      18:38:53.0004 6100 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
      18:38:53.0020 6100 NetTcpPortSharing - ok
      18:38:53.0066 6100 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
      18:38:53.0066 6100 nfrd960 - ok
      18:38:53.0098 6100 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
      18:38:53.0098 6100 NlaSvc - ok
      18:38:53.0113 6100 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
      18:38:53.0113 6100 Npfs - ok
      18:38:53.0129 6100 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
      18:38:53.0129 6100 nsi - ok
      18:38:53.0129 6100 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      18:38:53.0129 6100 nsiproxy - ok
      18:38:53.0191 6100 [ 5126C5402C730C2A953275D8497A4715 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      18:38:53.0191 6100 Ntfs - ok
      18:38:53.0300 6100 [ AFEFA4A7DAB65DA3FBEB6EC7B01E7D42 ] ntrtscan c:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
      18:38:53.0316 6100 ntrtscan - ok
      18:38:53.0363 6100 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
      18:38:53.0363 6100 Null - ok
      18:38:53.0410 6100 [ B4F70FAC4EA61CF150823AA063A39FF9 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
      18:38:53.0425 6100 NVHDA - ok
      18:38:53.0628 6100 [ 1A1BEF2359AF8242A88FB411DAC0FFF9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
      18:38:53.0690 6100 nvlddmkm - ok
      18:38:53.0753 6100 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
      18:38:53.0753 6100 nvraid - ok
      18:38:53.0800 6100 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
      18:38:53.0800 6100 nvstor - ok
      18:38:53.0846 6100 [ 9BF0A35D07183603737F92E4988D92AC ] nvsvc C:\Windows\system32\nvvsvc.exe
      18:38:53.0862 6100 nvsvc - ok
      18:38:53.0878 6100 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
      18:38:53.0878 6100 nv_agp - ok
      18:38:53.0971 6100 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      18:38:53.0971 6100 odserv - ok
      18:38:54.0002 6100 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
      18:38:54.0002 6100 ohci1394 - ok
      18:38:54.0065 6100 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      18:38:54.0065 6100 ose - ok
      18:38:54.0190 6100 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      18:38:54.0299 6100 osppsvc - ok
      18:38:54.0377 6100 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
      18:38:54.0377 6100 p2pimsvc - ok
      18:38:54.0424 6100 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
      18:38:54.0439 6100 p2psvc - ok
      18:38:54.0486 6100 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
      18:38:54.0533 6100 PACSPTISVR - ok
      18:38:54.0564 6100 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
      18:38:54.0564 6100 Parport - ok
      18:38:54.0595 6100 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
      18:38:54.0595 6100 partmgr - ok
      18:38:54.0626 6100 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
      18:38:54.0626 6100 Parvdm - ok
      18:38:54.0642 6100 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
      18:38:54.0642 6100 PcaSvc - ok
      18:38:54.0673 6100 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
      18:38:54.0689 6100 pci - ok
      18:38:54.0704 6100 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
      18:38:54.0720 6100 pciide - ok
      18:38:54.0736 6100 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
      18:38:54.0736 6100 pcmcia - ok
      18:38:54.0751 6100 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
      18:38:54.0751 6100 pcw - ok
      18:38:54.0798 6100 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      18:38:54.0798 6100 PEAUTH - ok
      18:38:54.0845 6100 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
      18:38:54.0892 6100 pla - ok
      18:38:54.0938 6100 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      18:38:54.0938 6100 PlugPlay - ok
      18:38:54.0954 6100 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
      18:38:54.0954 6100 PNRPAutoReg - ok
      18:38:54.0970 6100 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
      18:38:54.0985 6100 PNRPsvc - ok
      18:38:55.0016 6100 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      18:38:55.0016 6100 PolicyAgent - ok
      18:38:55.0063 6100 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
      18:38:55.0063 6100 Power - ok
      18:38:55.0110 6100 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      18:38:55.0126 6100 PptpMiniport - ok
      18:38:55.0141 6100 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
      18:38:55.0141 6100 Processor - ok
      18:38:55.0188 6100 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\Windows\system32\profsvc.dll
      18:38:55.0188 6100 ProfSvc - ok
      18:38:55.0204 6100 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
      18:38:55.0219 6100 ProtectedStorage - ok
      18:38:55.0250 6100 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
      18:38:55.0266 6100 Psched - ok
      18:38:55.0313 6100 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
      18:38:55.0313 6100 PxHelp20 - ok
      18:38:55.0344 6100 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
      18:38:55.0391 6100 ql2300 - ok
      18:38:55.0422 6100 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
      18:38:55.0438 6100 ql40xx - ok
      18:38:55.0469 6100 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
      18:38:55.0469 6100 QWAVE - ok
      18:38:55.0484 6100 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      18:38:55.0484 6100 QWAVEdrv - ok
      18:38:55.0547 6100 [ 583608EE65AABF971117A61AEE4BCAAE ] RalinkRegistryWriter C:\Program Files\Ralink\Common\RaRegistry.exe
      18:38:55.0562 6100 RalinkRegistryWriter - ok
      18:38:55.0562 6100 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      18:38:55.0578 6100 RasAcd - ok
      18:38:55.0609 6100 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
      18:38:55.0609 6100 RasAgileVpn - ok
      18:38:55.0609 6100 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
      18:38:55.0625 6100 RasAuto - ok
      18:38:55.0656 6100 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      18:38:55.0656 6100 Rasl2tp - ok
      18:38:55.0718 6100 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
      18:38:55.0718 6100 RasMan - ok
      18:38:55.0765 6100 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      18:38:55.0765 6100 RasPppoe - ok
      18:38:55.0781 6100 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      18:38:55.0796 6100 RasSstp - ok
      18:38:55.0828 6100 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      18:38:55.0828 6100 rdbss - ok
      18:38:55.0843 6100 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
      18:38:55.0859 6100 rdpbus - ok
      18:38:55.0874 6100 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      18:38:55.0874 6100 RDPCDD - ok
      18:38:55.0906 6100 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      18:38:55.0906 6100 RDPENCDD - ok
      18:38:55.0921 6100 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
      18:38:55.0921 6100 RDPREFMP - ok
      18:38:55.0968 6100 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      18:38:55.0968 6100 RDPWD - ok
      18:38:56.0015 6100 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
      18:38:56.0015 6100 rdyboost - ok
      18:38:56.0062 6100 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
      18:38:56.0062 6100 RemoteAccess - ok
      18:38:56.0093 6100 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      18:38:56.0093 6100 RemoteRegistry - ok
      18:38:56.0124 6100 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
      18:38:56.0140 6100 RFCOMM - ok
      18:38:56.0171 6100 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
      18:38:56.0171 6100 RpcEptMapper - ok
      18:38:56.0186 6100 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
      18:38:56.0186 6100 RpcLocator - ok
      18:38:56.0202 6100 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
      18:38:56.0218 6100 RpcSs - ok
      18:38:56.0264 6100 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      18:38:56.0264 6100 rspndr - ok
      18:38:56.0311 6100 [ 31D45ECA63884FF5F7AECC50F7D1BAE0 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
      18:38:56.0327 6100 RSUSBSTOR - ok
      18:38:56.0389 6100 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
      18:38:56.0389 6100 RTL8167 - ok
      18:38:56.0405 6100 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
      18:38:56.0405 6100 SamSs - ok
      18:38:56.0498 6100 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
      18:38:56.0498 6100 SASDIFSV - ok
      18:38:56.0670 6100 SASKUTIL - ok
      18:38:56.0732 6100 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
      18:38:56.0732 6100 sbp2port - ok
      18:38:56.0779 6100 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
      18:38:56.0779 6100 SCardSvr - ok
      18:38:56.0795 6100 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
      18:38:56.0795 6100 scfilter - ok
      18:38:56.0826 6100 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
      18:38:56.0842 6100 Schedule - ok
      18:38:56.0873 6100 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
      18:38:56.0873 6100 SCPolicySvc - ok
      18:38:56.0920 6100 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      18:38:56.0920 6100 SDRSVC - ok
      18:38:56.0966 6100 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      18:38:56.0966 6100 secdrv - ok
      18:38:56.0982 6100 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
      18:38:56.0982 6100 seclogon - ok
      18:38:57.0029 6100 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
      18:38:57.0029 6100 SENS - ok
      18:38:57.0060 6100 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
      18:38:57.0076 6100 SensrSvc - ok
      18:38:57.0107 6100 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
      18:38:57.0107 6100 Serenum - ok
      18:38:57.0122 6100 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
      18:38:57.0122 6100 Serial - ok
      18:38:57.0138 6100 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
      18:38:57.0138 6100 sermouse - ok
      18:38:57.0185 6100 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
      18:38:57.0185 6100 SessionEnv - ok
      18:38:57.0200 6100 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
      18:38:57.0200 6100 sffdisk - ok
      18:38:57.0216 6100 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
      18:38:57.0216 6100 sffp_mmc - ok
      18:38:57.0232 6100 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
      18:38:57.0232 6100 sffp_sd - ok
      18:38:57.0247 6100 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
      18:38:57.0247 6100 sfloppy - ok
      18:38:57.0310 6100 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
      18:38:57.0310 6100 Sftfs - ok
      18:38:57.0388 6100 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
      18:38:57.0388 6100 sftlist - ok
      18:38:57.0403 6100 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
      18:38:57.0403 6100 Sftplay - ok
      18:38:57.0434 6100 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
      18:38:57.0434 6100 Sftredir - ok
      18:38:57.0450 6100 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
      18:38:57.0450 6100 Sftvol - ok
      18:38:57.0466 6100 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
      18:38:57.0466 6100 sftvsa - ok
      18:38:57.0528 6100 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
      18:38:57.0528 6100 SharedAccess - ok
      18:38:57.0575 6100 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      18:38:57.0575 6100 ShellHWDetection - ok
      18:38:57.0590 6100 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
      18:38:57.0590 6100 sisagp - ok
      18:38:57.0637 6100 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
      18:38:57.0637 6100 SiSRaid2 - ok
      18:38:57.0653 6100 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
      18:38:57.0653 6100 SiSRaid4 - ok
      18:38:57.0700 6100 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
      18:38:57.0700 6100 Smb - ok
      18:38:57.0918 6100 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      18:38:57.0918 6100 SNMPTRAP - ok
      18:38:58.0012 6100 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
      18:38:58.0012 6100 SonicStage Back-End Service - ok
      18:38:58.0043 6100 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
      18:38:58.0043 6100 spldr - ok
      18:38:58.0074 6100 [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler C:\Windows\System32\spoolsv.exe
      18:38:58.0074 6100 Spooler - ok
      18:38:58.0152 6100 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
      18:38:58.0168 6100 sppsvc - ok
      18:38:58.0214 6100 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
      18:38:58.0214 6100 sppuinotify - ok
      18:38:58.0277 6100 [ C4BB8A12843D9CBB65F5FF617F389BBD ] sptd C:\Windows\system32\Drivers\sptd.sys
      18:38:58.0277 6100 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: C4BB8A12843D9CBB65F5FF617F389BBD
      18:38:58.0277 6100 sptd ( LockedFile.Multi.Generic ) - warning
      18:38:58.0277 6100 sptd - detected LockedFile.Multi.Generic (1)
      18:39:04.0361 6100 ================ Scan global ===============================
      18:39:04.0392 6100 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
      18:39:04.0454 6100 [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll
      18:39:04.0470 6100 [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll
      18:39:04.0532 6100 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
      18:39:04.0579 6100 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
      18:39:04.0579 6100 [Global] - ok
      18:39:04.0579 6100 ================ Scan MBR ==================================
      18:39:04.0595 6100 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
      18:39:05.0266 6100 \Device\Harddisk0\DR0 - ok
      18:39:05.0266 6100 ================ Scan VBR ==================================
      18:39:05.0266 6100 [ EE4E383977BFA44A14DE732A00F5B0B5 ] \Device\Harddisk0\DR0\Partition1
      18:39:05.0281 6100 \Device\Harddisk0\DR0\Partition1 - ok
      18:39:05.0297 6100 [ 63577858657BA5AD8BEAA944603F9AA9 ] \Device\Harddisk0\DR0\Partition2
      18:39:05.0297 6100 \Device\Harddisk0\DR0\Partition2 - ok
      18:39:05.0297 6100 ============================================================
      18:39:05.0297 6100 Scan finished
      18:39:05.0297 6100 ============================================================
      18:39:05.0468 3312 Detected object count: 1
      18:39:05.0468 3312 Actual detected object count: 1
      18:39:45.0592 3312 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
      18:39:45.0592 3312 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
      18:39:45.0638 3312 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
      18:39:45.0763 3312 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
      18:39:45.0763 3312 sptd ( LockedFile.Multi.Generic ) - User select action: Delete

    4. #4
      trueno66 (registered Jul 2012, location: Spain, posts: 8)

      Re: trojan win 32 adload da

      Here is the ComboFix one (sorry for the double post, it would not let me put it in a single one)
      ComboFix 12-11-20.02 - taty 22/11/2012 14:09:21.4.2 - x86
      Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.2743.1585 [GMT 1:00]
      Running from: c:\users\taty\Desktop\ComboFix.exe
      AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      FW: Trend Micro Personal Firewall *Enabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
      SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-22 to 2012-11-22 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-22 13:20 . 2012-11-22 13:20 -------- d-----w- c:\users\Dell\AppData\Local\temp
      2012-11-22 13:20 . 2012-11-22 13:20 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-21 18:32 . 2012-11-22 13:20 -------- d-----w- c:\users\taty\AppData\Local\temp
      2012-11-21 17:51 . 2012-11-21 17:51 -------- d-----w- c:\users\taty\AppData\Roaming\GlarySoft
      2012-11-21 17:47 . 2012-11-21 17:47 -------- d-----w- c:\program files\Glary Utilities
      2012-11-21 17:39 . 2012-11-21 17:39 -------- d-----w- C:\TDSSKiller_Quarantine
      2012-11-19 10:23 . 2012-11-19 10:23 -------- d-----w- c:\program files\CheckPoint
      2012-11-19 10:23 . 2012-11-19 10:23 -------- d-----w- c:\programdata\CheckPoint
      2012-11-19 10:14 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
      2012-11-19 10:14 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
      2012-11-19 10:14 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
      2012-11-19 10:11 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
      2012-11-19 10:11 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
      2012-11-19 10:11 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
      2012-11-19 10:11 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
      2012-11-19 10:11 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
      2012-11-19 10:11 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
      2012-11-19 10:11 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
      2012-11-19 09:58 . 2012-09-25 21:55 78336 ----a-w- c:\windows\system32\synceng.dll
      2012-11-19 09:58 . 2012-10-18 17:57 2344960 ----a-w- c:\windows\system32\win32k.sys
      2012-11-19 09:42 . 2012-11-19 09:42 -------- d-----w- c:\program files\ESET
      2012-11-16 09:57 . 2012-11-16 10:26 -------- d-----w- C:\UsbFix
      2012-11-16 07:59 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6C5CF8A3-3357-439E-AD6F-8A0627C5F5C7}\mpengine.dll
      2012-11-12 10:44 . 2012-11-12 10:45 -------- d-----w- c:\program files\AVG Secure Search
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-11-16 10:26 . 2012-11-16 10:04 6978 ----a-w- C:\UsbFix_Upload_Me_DELL-PORTATIL.zip
      2012-11-12 10:44 . 2012-10-03 16:34 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
      2012-10-31 23:04 . 2011-09-12 08:39 444952 ----a-w- c:\windows\system32\wrap_oal.dll
      2012-10-31 23:04 . 2011-09-12 08:39 109080 ----a-w- c:\windows\system32\OpenAL32.dll
      2012-10-22 12:02 . 2012-10-22 12:02 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
      2012-10-15 02:48 . 2012-10-15 02:48 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
      2012-10-13 01:03 . 2012-10-13 01:03 0 ----a-w- c:\windows\system32\sho74D5.tmp
      2012-10-10 10:06 . 2012-04-08 12:32 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-10-10 10:06 . 2011-11-12 09:57 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-10-05 02:32 . 2012-10-05 02:32 93536 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
      2012-10-02 01:30 . 2012-10-02 01:30 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys
      2012-09-29 17:54 . 2012-07-02 01:13 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-09-21 01:46 . 2012-09-21 01:46 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys
      2012-09-21 01:46 . 2012-09-21 01:46 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys
      2012-09-21 01:45 . 2012-09-21 01:45 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
      2012-09-15 10:12 . 2010-12-11 05:48 499712 ----a-w- c:\windows\system32\msvcp71.dll
      2012-09-14 18:30 . 2012-10-10 09:08 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-09-14 01:05 . 2012-09-14 01:05 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
      2012-08-31 17:21 . 2012-10-10 09:06 1210736 ----a-w- c:\windows\system32\drivers\ntfs.sys
      2012-08-30 17:18 . 2012-10-10 09:06 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2012-08-30 17:18 . 2012-10-10 09:06 3902832 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-08-24 17:10 . 2012-10-10 09:08 172544 ----a-w- c:\windows\system32\wintrust.dll
      2012-09-08 20:37 . 2012-03-31 18:25 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
      2012-11-12 10:44 1796552 ----a-w- c:\program files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll" [2012-11-12 1796552]
      .
      [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
      [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
      [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2012-08-16 17:03 220608 ----a-w- c:\users\taty\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2012-08-16 17:03 220608 ----a-w- c:\users\taty\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2012-08-16 17:03 220608 ----a-w- c:\users\taty\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-05 4763008]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
      "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-20 39408]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-01-07 1602856]
      "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-04-06 495708]
      "FreeFallProtection"="c:\program files\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-08-02 726640]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-08 136216]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-08 171032]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-08 170008]
      "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-24 13838952]
      "Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-12-11 5249024]
      "DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-05-12 842816]
      "RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
      "PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 50472]
      "OfficeScanNT Monitor"="c:\program files\Trend Micro\Client Server Security Agent\pccntmon.exe" [2010-06-25 1099088]
      "DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2010-05-20 206336]
      "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
      "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
      "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
      "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
      "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]
      "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-11-12 997320]
      "ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-11-12 1020512]
      "ZoneAlarm Installer"="c:\program files\CheckPoint\Install\Launcher.exe" [2012-11-19 403096]
      .
      c:\users\taty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Recorte de pantalla e Inicio rápido de OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2010-12-21 1643808]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-10-15 113024]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
      2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "mixer9"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Notification Packages REG_MULTI_SZ scecli DPPWDFLT
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
      2010-12-20 15:36 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      .
      R1 mxocldxq;mxocldxq;c:\windows\system32\drivers\mxocldxq.sys [x]
      R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
      R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
      R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [x]
      R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
      R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
      R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [x]
      R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
      R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
      R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
      R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
      R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
      R3 TmProxy;Trend Micro Client/Server Security Agent Proxy Service;c:\program files\Trend Micro\Client Server Security Agent\TmProxy.exe [x]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
      S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
      S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
      S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
      S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]
      S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
      S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
      S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
      S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
      S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
      S1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\DRIVERS\tmlwf.sys [x]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
      S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\aestsrv.exe [x]
      S2 avgwd;WatchDog de AVG;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
      S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
      S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]
      S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
      S2 svcGenericHost;Trend Micro Client/Server Security Agent;c:\program files\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe [x]
      S2 TmFilter;Trend Micro Filter;c:\program files\Trend Micro\Client Server Security Agent\TmXPFlt.sys [x]
      S2 TmPreFilter;Trend Micro PreFilter;c:\program files\Trend Micro\Client Server Security Agent\TmPreFlt.sys [x]
      S2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\DRIVERS\tmwfp.sys [x]
      S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
      S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [x]
      S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
      S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
      S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
      S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
      S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
      S3 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
      S3 TmPfw;Trend Micro Client/Server Security Agent Personal Firewall;c:\program files\Trend Micro\Client Server Security Agent\TmPfw.exe [x]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - FSUSBEXDISK
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-22 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 10:06]
      .
      2012-11-22 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files\Glary Utilities\initialize.exe [2012-11-21 11:45]
      .
      2012-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 15:37]
      .
      2012-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 15:37]
      .
      2012-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-968974262-2092285498-2698529761-1000Core.job
      - c:\users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-17 16:19]
      .
      2012-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-968974262-2092285498-2698529761-1000UA.job
      - c:\users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-17 16:19]
      .
      2012-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-968974262-2092285498-2698529761-1001Core.job
      - c:\users\taty\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-25 15:42]
      .
      2012-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-968974262-2092285498-2698529761-1001UA.job
      - c:\users\taty\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-25 15:42]
      .
      .
      ------- Supplementary Scan -------
      .
      uInternet Settings,ProxyOverride = *.local
      IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
      IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
      IE: Enviar página al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
      TCP: DhcpNameServer = 213.60.205.175 213.60.205.173 212.51.32.254
      Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
      FF - ProfilePath - c:\users\taty\AppData\Roaming\Mozilla\Firefox\Profiles\z5skmubd.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=3&q={searchTerms}
      FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.es/
      FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid={4168BC3E-1186-40B7-96F8-1B8A798860F0}&mid=8d035cce019b47d6b1a111827e58e4f9-54eba1ee161963ec828fd26330d76406d7c3a306&lang=es&ds=AVG&pr=fr&d=2012-11-12 11:44&v=13.2.0.4&sap=ku&q=
      FF - ExtSQL: 2012-11-12 11:45; [email protected]; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.4
      FF - ExtSQL: !HIDDEN! 2010-12-11 06:47; [email protected]; c:\program files\DigitalPersona\Bin\FirefoxExt
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113480&tt=060612_5_
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      FF - user.js: extensions.BabylonToolbar_i.id - b690630700000000000000c0ca4a78b2
      FF - user.js: extensions.BabylonToolbar_i.hardId - b690630700000000000000c0ca4a78b2
      FF - user.js: extensions.BabylonToolbar_i.instlDay - 15501
      FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1718:53
      FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
      FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------
      .
      - - - - - - - > 'lsass.exe'(776)
      c:\windows\system32\DPPWDFLT.DLL
      .
      - - - - - - - > 'Explorer.exe'(468)
      c:\program files\DigitalPersona\Bin\DpoFeedb.dll
      c:\program files\DigitalPersona\Bin\DpoSet.dll
      .
      Completion time: 2012-11-22 14:22:35
      ComboFix-quarantined-files.txt 2012-11-22 13:22
      ComboFix2.txt 2012-11-22 12:51
      .
      Pre-Run: 18.788.360.192 bytes libres
      Post-Run: 18.719.031.296 bytes libres
      .
      - - End Of File - - 2AD278D1797713C79DBF67AA4ED547A1

    5. #5
      General Moderator
      @Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      58,638

      Re: Trojan win 32 adload da

      Hello

      And how is your computer doing now?
      Follow us on Twitter and become our friend on Facebook.

    6. #6
      User trueno66
      Registered
      Jul 2012
      Location
      Spain
      Posts
      8

      Re: Trojan win 32 adload da

      Sorry for taking so long to reply =P. The computer still keeps notifying me about adload DA, and Windows Explorer fails a lot; I mean it stops every so often and, after it searches for a solution, it works again. Something odd that happens to me is that some time ago I downloaded the ZoneAlarm installer (but from this forum, so it was free of viruses), and every time I log in, even though I deleted it, it keeps prompting me to install it. Is that normal?

    7. #7
      General Moderator
      @Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      58,638

      Re: Trojan win 32 adload da

      Hello

      If your operating system is up to date, use the Microsoft Malicious Software Removal Tool.

      Go to Start --- Run and type MRT

      Run a full system scan and remove everything it finds.

      If your system is not up to date and you cannot update it, follow the manual for this tool to download and run it.

      Let us know how it goes ...

    8. #8
      User trueno66
      Registered
      Jul 2012
      Location
      Spain
      Posts
      8

      Re: Trojan win 32 adload da

      It detected nothing
      "no se detectó software malintencionado"

    9. #9
      General Moderator
      @Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      58,638

      Re: Trojan win 32 adload da

      Hello again

      Do the following:

      • Click START > RUN >
        • Type notepad.exe there and click OK
        • Now copy and paste the text from the box below into Notepad

      Code:
      KillAll::
      ClearJavaCache::
      Firefox::
      FF - ProfilePath - c:\users\taty\AppData\Roaming\Mozilla\Firefox\Profiles\z5skmubd.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=3&q={searchTerms}
      FF - ExtSQL: !HIDDEN! 2010-12-11 06:47; [email protected]; c:\program files\DigitalPersona\Bin\FirefoxExt
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113480&tt=060612_5_
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      FF - user.js: extensions.BabylonToolbar_i.id - b690630700000000000000c0ca4a78b2
      FF - user.js: extensions.BabylonToolbar_i.hardId - b690630700000000000000c0ca4a78b2
      FF - user.js: extensions.BabylonToolbar_i.instlDay - 15501
      FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1718:53
      FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
      FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
      File::
      c:\windows\system32\sho74D5.tmp
      c:\windows\system32\drivers\mxocldxq.sys
      Driver::
      mxocldxq


      • Save this file with the name CFScript.txt
      • Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the screenshot below.

      • ComboFix will start running again. When it finishes, it will generate a new report, which you will need to paste in this same thread.

      After restarting, check that it works and let us know.

      Regards
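A pre-flight check for the procedure above, as an added example that is not part of the original post or of ComboFix: it splits a CFScript into its `Directive::` sections and confirms that every `File::` and `Driver::` target is actually reported in the ComboFix log before the script is handed to the tool. The section syntax is inferred from the script in this post; the function names are hypothetical, and the embedded script and log excerpts are shortened copies of text from this thread.

```python
import re

# Excerpt of the CFScript posted above (Firefox:: entries shortened to one).
CFSCRIPT = r"""KillAll::
ClearJavaCache::
Firefox::
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
File::
c:\windows\system32\sho74D5.tmp
c:\windows\system32\drivers\mxocldxq.sys
Driver::
mxocldxq
"""
# Sample input: three service/driver lines copied from the log in this thread.
LOG_EXCERPT = r"""R1 mxocldxq;mxocldxq;c:\windows\system32\drivers\mxocldxq.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
"""

DIRECTIVE = re.compile(r"^([A-Za-z]+)::\s*$")
# Service line as it appears in the log: "<R|S><digit> <name>;<display>;<path> [x]"
SERVICE = re.compile(r"^[RS]\d\s+([^;]+);([^;]*);(.+?)\s+\[[^\]]*\]\s*$")


def parse_cfscript(text):
    """Return {directive: [entries]} in script order; blank lines are ignored."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if not line:
            continue
        m = DIRECTIVE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"entry before any directive: {line!r}")
        else:
            sections[current].append(line)
    return sections


def parse_services(log_text):
    """Map lower-cased service name -> lower-cased image path from the log."""
    services = {}
    for line in log_text.splitlines():
        m = SERVICE.match(line.strip())
        if m:
            services[m.group(1).lower()] = m.group(3).lower()
    return services


def preflight(script_text, log_text):
    """List script targets the log does not mention, for manual review."""
    sections = parse_cfscript(script_text)
    services = parse_services(log_text)
    files = [p.lower() for p in sections.get("File", [])]
    issues = [("File", p, "path not present in log")
              for p in sections.get("File", []) if p.lower() not in log_text.lower()]
    for name in sections.get("Driver", []):
        image = services.get(name.lower())
        if image is None:
            issues.append(("Driver", name, "no such service in log"))
        elif image not in files:
            issues.append(("Driver", name, "driver image not listed under File::"))
    return issues
```

Against the three-line excerpt the `.tmp` path is reported as unmatched only because the excerpt omits the rest of the log; run the check against the complete report.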

    10. #10
      User trueno66
      Registered
      Jul 2012
      Location
      Spain
      Posts
      8

      Re: Trojan win 32 adload da

      So far it has not stopped again; it is just that sometimes I get disconnected from the internet, and the Action Center still flags the trojan.
      The report:
      ComboFix 12-12-10.01 - taty 19/12/2012 1:55:31.5.2 - x86
      Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.2743.1694 [GMT 1:00]
      Running from: C:\Users\taty\Desktop\ComboFix.exe
      Command switches used :: C:\Users\taty\Desktop\CFScript.txt

      AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      FW: Trend Micro Personal Firewall *Enabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
      SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      - REDUCED FUNCTIONALITY MODE -

      FILE ::
      "c:\windows\system32\drivers\mxocldxq.sys"
      "c:\windows\system32\sho74D5.tmp"



      Happy holidays, and thank you for your attention.
