    C:\Windows\System32\!Ȥζеͼ FOLDER IS CREATED WHEN I OPEN AN AUTOCAD FILE


    1. #1
      Richard Andre (registered Nov 2012, 13 posts)

      Good morning, I have a problem: every time I open an AutoCAD 2012 file, a message appears telling me that WinRAR cannot open the file, and the folder C:\Windows\System32\!Ȥζеͼ and the file Ȥζеͼ.dxf are created. I would like to know what I can do. I already ran Malwarebytes and it detected two viruses, which I have already removed; likewise McAfee detected 7 viruses, but I removed them, thinking that would solve it, yet I still have that problem.

    2. #2
      Richard Andre (registered Nov 2012, 13 posts)

      Can anyone help me?

    3. #3
      Raudron (registered Sep 2012, location: The World, 1,467 posts)

      Hello Richard, welcome to ForoSpyware.

      Please do not reply to your own posts.

      What you describe is a well-known worm called Medre. Do not delete those files manually.
      What is your operating system? Is your AutoCAD license genuine?

      Paste the reports from the tools you have used in your next reply.

      Regards

    4. #4
      Richard Andre (registered Nov 2012, 13 posts)

      My operating system is Windows 7 Home Premium, Service Pack 1, and the AutoCAD is 2013; I uninstalled 12 and installed 13. When I did a system restore the problem was solved, but when I opened a file from my USB drive it came back, in every AutoCAD file I open. The license is not genuine. Which tool do you recommend for generating a report? Right now I am running a scan with McAfee.

    5. #5
      Raudron (registered Sep 2012, location: The World, 1,467 posts)

      Hello,

      Please paste the MBAM and McAfee reports... We need them.

      Let's start the disinfection.

      Download the following tools to your desktop, but do not run them yet:
      • ESET ACAD/Medre Cleaner
      • USBFIX (read its manual carefully)
      • TDSS Killer
      • CCleaner
      Enable "Show hidden files" (this is very important).

      Proceed with all programs closed:

      Run CCleaner.
      • First use its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows as obsolete.
      • Then use its "Registry" option to clean the whole Windows registry (making a backup).


      Run USBFix as follows:

      • Connect all your removable devices (pen drive, external hard disk, Micro SD, etc.).
      • Double-click USBFix.
      • Click the "Supresión" (Deletion) option.
      • The disinfection process will start; the computer will restart if necessary.
      • When Windows starts, USBFix will launch automatically to complete the disinfection and vaccination process.
      • USBFix generates a report, which is usually found at C:\USBFix.txt

      Note: UsbFix will create a hidden folder named "autorun.inf" on every partition and every USB drive that is connected at the time it is run. Do not delete this folder... it will help protect your USB devices from future infections.

      Physically disconnect your computer from the Internet (unplug the cable / turn off the modem).

      Run TDSS Killer as administrator and press the Start Scan button.
      It is important that you do not use the browser while the scan is running.

      During the scan you will see its progress; the tool will look for malicious and/or suspicious objects.

      If your computer is infected:

      It will show a window indicating that an infection was found: Threats detected.


      TDSSKiller may show:

      Malware object: the default action is "Cure" or "Delete". The program automatically selects the action to take.

      Suspicious object: the default option is Skip; do not change this option unless you have been told to. The suspicious object will be recorded in the report, which you should paste in the thread where it was requested so that you can be told what actions to take. If you ran the tool on your own, you can open a thread with the report in our forum so that it can be analyzed.

      The other options are:

      Restore: restores a standard MBR. If you have installed a boot manager such as (Acronis, Grub, Lilo), you will have to reinstall it.
      Quarantine: copies the detected files to quarantine. These files are not deleted.
      Delete: deletes the file completely. Do not use this option unless you have been told to.

      To disinfect your system, TDSS Killer may ask to restart. Allow this restart by clicking "Reboot Computer".

      Run ESET ACAD/Medre Cleaner.
      (If you have any problem with this program, bring me a screenshot of the problem itself and explain to me what it consists of.)

      Bring us the Malwarebytes, USBFix and TDSS Killer reports.
      And tell us how your computer is behaving with regard to this problem.
      Regards
      Last edited by Raudron on 27/11/12 at 13:05:29. Reason: Fixed one thing.

    6. #6
      Richard Andre (registered Nov 2012, 13 posts)

      WELL, the report is as follows,

      1.- McAfee detected these threats:
      Generic PUP.z!f
      in the file IDM6.11 build.rar
      Generic PUP.z!gp
      in the file C:\AutoKMS\AutoKMS.exe

      2.- then MBAM detected the following:
      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.11.27.09

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      USER :: SNOOPDOG [administrador]

      Protección: Personas de movilidad reducida

      27/11/2012 01:03:02 p.m.
      mbam-log-2012-11-27 (14-12-15).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 427030
      Tiempo transcurrido: 1 hora(s), 8 minuto(s), 34 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 4
      C:\Games\Gunbound\gunbound.gme (Malware.Packer) -> No se tomaron medidas.
      C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\keygen.exe (Trojan.Agent.CK) -> No se tomaron medidas.
      D:\USB\Driver Genius 10 [SETUP].exe (Trojan.Keylogger.MWP) -> No se tomaron medidas.
      D:\USB\WirelessKeyView.exe (PUP.WirelessKeyView) -> No se tomaron medidas.

      (fin)

    7. #7
      Richard Andre (registered Nov 2012, 13 posts)

      3.- USBFix detected the following:

      ############################## | UsbFix V 7.096 | [Supresión]

      Usuario: USER (Administrador) # SNOOPDOG
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 14:41:46 | 27/11/2012

      Sitio web: SoSVirus • Portail
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: LENOVO (Lenovo IdeaPad Y580) (x64-based PC) # Notebook
      CPU: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz (2301)
      RAM -> [Total : 6046 | Free : 3508]
      BIOS: InsydeH2O Version 03.71.515DCN36WW(V2.03)
      BOOT: Normal boot

      OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: McAfee Anti-Virus y Anti-Spyware [(!) Disabled | Updated]
      FW: Windows FireWall Service [Enabled]

      C:\ (%systemdrive%) -> Disco fijo # 450 Gb (375 Mb libre(s) - 83%) [System] # NTFS
      D:\ -> Disco fijo # 462 Gb (403 Mb libre(s) - 87%) [Data] # NTFS
      E:\ -> Disco extraíble # 7 Gb (6 Mb libre(s) - 75%) [SNOOPDOG] # FAT32
      F:\ -> CD-ROM

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (824)
      C:\Windows\system32\wininit.exe (964)
      C:\Windows\system32\csrss.exe (984)
      C:\Windows\system32\winlogon.exe (172)
      C:\Windows\system32\services.exe (412)
      C:\Windows\system32\lsass.exe (488)
      C:\Windows\system32\lsm.exe (492)
      C:\Windows\system32\svchost.exe (828)
      C:\Windows\system32\svchost.exe (1064)
      C:\Windows\System32\svchost.exe (1140)
      C:\Windows\System32\svchost.exe (1216)
      C:\Windows\system32\svchost.exe (1268)
      C:\Windows\system32\svchost.exe (1368)
      C:\Windows\system32\svchost.exe (1640)
      C:\Windows\system32\svchost.exe (1844)
      C:\Windows\system32\mfevtps.exe (2108)
      C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (2268)
      C:\Windows\system32\Dwm.exe (2484)
      C:\Windows\system32\wbem\unsecapp.exe (2544)
      C:\Windows\system32\wbem\wmiprvse.exe (2676)
      C:\Windows\system32\svchost.exe (3548)
      C:\Windows\system32\svchost.exe (3976)
      C:\Windows\system32\svchost.exe (4836)
      C:\Windows\System32\svchost.exe (4548)
      C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (5296)
      C:\Program Files\Intel\iCLS Client\HeciServer.exe (6712)
      C:\Windows\system32\WUDFHost.exe (7424)
      C:\Windows\System32\rundll32.exe (8016)
      C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (8052)
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (7392)
      C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (7032)
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (5528)
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (5840)
      C:\Program Files\Windows Media Player\wmpnetwk.exe (4904)
      C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (1540)
      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (5912)
      C:\Windows\System32\spoolsv.exe (3348)
      C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (5800)
      C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (6988)
      c:\PROGRA~1\mcafee.com\agent\mcagent.exe (2920)
      C:\Windows\system32\SearchIndexer.exe (1784)
      C:\Windows\System32\rundll32.exe (6452)
      C:\Windows\Explorer.exe (1624)
      C:\Windows\system32\wuauclt.exe (6376)
      C:\Windows\system32\rundll32.exe (4104)
      C:\Windows\system32\rundll32.exe (3356)
      C:\Windows\SysWOW64\rundll32.exe (3484)
      C:\Windows\system32\taskeng.exe (2844)
      C:\UsbFix\Go.exe (6512)
      C:\Windows\system32\wbem\wmiprvse.exe (860)
      C:\Windows\system32\msiexec.exe (2888)
      C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (1320)

      ################## | Procesos Parados |

      Parado! C:\Windows\system32\mfevtps.exe (2108)
      Parado! C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (2268)
      Parado! C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (5296)
      Parado! C:\Program Files\Intel\iCLS Client\HeciServer.exe (6712)
      Parado! C:\Windows\system32\WUDFHost.exe (7424)
      Parado! C:\Windows\System32\rundll32.exe (8016)
      Parado! C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (8052)
      Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (7392)
      Parado! C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (7032)
      Parado! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (5840)
      Parado! C:\Program Files\Windows Media Player\wmpnetwk.exe (4904)
      Parado! C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (1540)
      Parado! C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (5912)
      Parado! C:\Windows\System32\spoolsv.exe (3348)
      Parado! C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (5800)
      Parado! C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (6988)
      Parado! c:\PROGRA~1\mcafee.com\agent\mcagent.exe (2920)
      Parado! C:\Windows\system32\SearchIndexer.exe (1784)
      Parado! C:\Windows\System32\rundll32.exe (6452)
      Parado! C:\Windows\system32\wuauclt.exe (6376)
      Parado! C:\Windows\system32\rundll32.exe (4104)
      Parado! C:\Windows\system32\rundll32.exe (3356)
      Parado! C:\Windows\SysWOW64\rundll32.exe (3484)
      Parado! C:\Windows\system32\taskeng.exe (2844)
      Parado! C:\Windows\system32\msiexec.exe (2888)
      Parado! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (1320)

      ################## | Archivos # Carpetas infectadas |

      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-1537770754-528144151-1712220295-1001
      Suprimido ! D:\$RECYCLE.BIN\S-1-5-21-1537770754-528144151-1712220295-1001

      (!) Archivos temporales suprimido.

      ################## | Registro |


      ################## | Mountpoints2 |


      ################## | Listing |

      [27/11/2012 - 14:42:10 | SHD ] C:\$RECYCLE.BIN
      [17/11/2012 - 01:47:33 | N | 9612] C:\AD020.LOG
      [17/11/2012 - 00:50:17 | D ] C:\Archivos de programa
      [26/11/2012 - 14:03:24 | D ] C:\Autodesk
      [27/11/2012 - 14:27:47 | RASHD ] C:\Autorun.inf
      [24/02/2011 - 12:03:40 | SHD ] C:\Boot
      [20/11/2010 - 22:23:51 | RASH | 383786] C:\bootmgr
      [24/02/2011 - 12:03:41 | N | 8192] C:\BOOTSECT.BAK
      [26/11/2012 - 19:00:10 | D ] C:\Config.Msi
      [14/07/2009 - 00:08:56 | SHD ] C:\Documents and Settings
      [27/11/2012 - 14:05:50 | N | 468263] C:\FaceProv.log
      [23/11/2012 - 14:15:52 | D ] C:\Games
      [26/11/2012 - 19:00:11 | ASH | 4755046400] C:\hiberfil.sys
      [13/06/2012 - 08:32:53 | D ] C:\Intel
      [17/11/2012 - 00:59:48 | RHD ] C:\MSOCache
      [17/11/2012 - 01:48:22 | D ] C:\MSSQL2005
      [22/11/2012 - 20:30:06 | D ] C:\Musica
      [26/11/2012 - 19:00:16 | ASH | 6340063232] C:\pagefile.sys
      [13/07/2009 - 22:20:08 | D ] C:\PerfLogs
      [27/11/2012 - 14:13:56 | D ] C:\Program Files
      [26/11/2012 - 14:14:24 | D ] C:\Program Files (x86)
      [25/11/2012 - 07:20:25 | HD ] C:\ProgramData
      [17/11/2012 - 00:50:18 | SHD ] C:\Recovery
      [25/11/2012 - 08:27:10 | D ] C:\S102000
      [26/11/2012 - 14:21:21 | SHD ] C:\System Volume Information
      [27/11/2012 - 14:42:10 | D ] C:\UsbFix
      [27/11/2012 - 14:41:57 | A | 7061] C:\UsbFix.txt
      [27/11/2012 - 14:36:55 | N | 1312573778] C:\UsbFix_Upload_Me_SNOOPDOG.zip
      [13/06/2012 - 09:08:23 | D ] C:\UserGuidePDF
      [17/11/2012 - 00:50:49 | D ] C:\Users
      [27/11/2012 - 14:14:42 | D ] C:\Windows
      [17/11/2012 - 01:03:58 | N | 11050] C:\WPI_Log_2012.11.17_01.02.19.txt
      [17/11/2012 - 01:05:47 | N | 9546] C:\WPI_Log_2012.11.17_01.04.25.txt
      [17/11/2012 - 0157 | N | 8672] C:\WPI_Log_2012.11.17_01.06.59.txt
      [27/11/2012 - 14:42:10 | SHD ] D:\$RECYCLE.BIN
      [16/03/2005 - 04:08:46 | | 49152] D:\acad.fas
      [21/11/2012 - 15:09:34 | D ] D:\Application
      [21/11/2012 - 15:33:59 | D ] D:\Autocad
      [27/11/2012 - 14:27:47 | RASHD ] D:\Autorun.inf
      [16/03/2005 - 04:08:46 | | 49152] D:\cad.fas
      [25/11/2012 - 14:26:28 | D ] D:\Camara
      [25/11/2012 - 20:07:07 | D ] D:\Chamba Aparte
      [23/11/2012 - 13:48:23 | N | 205233] D:\clarita.dwg
      [04/07/2006 - 15:09:44 | N | 3362733] D:\Detalles Varios.dwg
      [21/11/2012 - 15:08:42 | D ] D:\drivers
      [22/11/2012 - 21:04:46 | D ] D:\Fotos
      [22/11/2012 - 21:17:17 | D ] D:\IRC
      [21/11/2012 - 15:08:55 | D ] D:\Lenovo
      [22/11/2012 - 07:46:14 | D ] D:\Municipalidad Provincial
      [22/11/2012 - 21:37:07 | D ] D:\Obras
      [13/04/2010 - 10:22:32 | N | 1711579] D:\pmirc2010u.exe
      [25/11/2012 - 08:15:40 | D ] D:\Programas
      [22/11/2012 - 21:28:07 | D ] D:\Richard Andre
      [21/11/2012 - 15:44:08 | SHD ] D:\System Volume Information
      [27/11/2012 - 12:51:25 | D ] D:\Trabajos
      [26/11/2012 - 22:31:36 | D ] D:\USB
      [22/11/2012 - 20:43:59 | D ] D:\Videos
      [27/11/2012 - 08:23:35 | D ] D:\wow
      [26/11/2012 - 08:17:00 | D ] E:\FOTOS AVIACION
      [11/06/2012 - 16:47:06 | N | 1216220336] E:\AutoCAD_2013_English_Win_64bit.exe
      [28/09/2012 - 15:54:56 | D ] E:\FORM. PIP PACHECO CESPEDES 28139
      [28/09/2012 - 15:53:32 | D ] E:\EXP. TEC. PACHECO CESPEDES
      [28/09/2012 - 15:53:58 | D ] E:\EXP. TECN. VIAS CRISTO REY
      [28/09/2012 - 15:59:08 | D ] E:\mejoramiento vial
      [14/04/2012 - 15:44:40 | N | 1837] E:\Instalao.txt
      [31/05/2012 - 21:20:46 | N | 2945724] E:\Xforce para autocad 2013.rar
      [27/11/2012 - 08:27:30 | N | 7108287] E:\TRABAJO.dwg
      [27/11/2012 - 08:40:40 | N | 5059040] E:\TRABAJO 2007.dwg
      [27/11/2012 - 12:47:26 | N | 89376] E:\local jesus maria.dwg
      [27/11/2012 - 13:11:08 | N | 211] E:\local jesus maria.dwl2
      [27/11/2012 - 13:11:08 | N | 61] E:\local jesus maria.dwl
      [16/03/2005 - 04:08:46 | N | 49152] E:\acad.fas
      [16/03/2005 - 04:08:46 | N | 49152] E:\cad.fas
      [27/11/2012 - 13:11:12 | N | 111898] E:\acad.lsp
      [27/11/2012 - 14:27:48 | RASHD ] E:\Autorun.inf

      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      E:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | Upload |

      Por favor, envie el archivo: C:\UsbFix_Upload_Me_SNOOPDOG.zip
      http://eldesaparecido.com/upload.php
      Gracias por su contribución.

      ################## | E.O.F |

      4.- TDSS reported the following:


      Parado! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (1320)

      ################## | Archivos # Carpetas infectadas |

      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-1537770754-528144151-1712220295-1001
      Suprimido ! D:\$RECYCLE.BIN\S-1-5-21-1537770754-528144151-1712220295-1001

      (!) Archivos temporales suprimido.

      ################## | Registro |


      ################## | Mountpoints2 |


      ################## | Listing |

      [27/11/2012 - 14:42:10 | SHD ] C:\$RECYCLE.BIN
      [17/11/2012 - 01:47:33 | N | 9612] C:\AD020.LOG
      [17/11/2012 - 00:50:17 | D ] C:\Archivos de programa
      [26/11/2012 - 14:03:24 | D ] C:\Autodesk
      [27/11/2012 - 14:27:47 | RASHD ] C:\Autorun.inf
      [24/02/2011 - 12:03:40 | SHD ] C:\Boot
      [20/11/2010 - 22:23:51 | RASH | 383786] C:\bootmgr
      [24/02/2011 - 12:03:41 | N | 8192] C:\BOOTSECT.BAK
      [26/11/2012 - 19:00:10 | D ] C:\Config.Msi
      [14/07/2009 - 00:08:56 | SHD ] C:\Documents and Settings
      [27/11/2012 - 14:05:50 | N | 468263] C:\FaceProv.log
      [23/11/2012 - 14:15:52 | D ] C:\Games
      [26/11/2012 - 19:00:11 | ASH | 4755046400] C:\hiberfil.sys
      [13/06/2012 - 08:32:53 | D ] C:\Intel
      [17/11/2012 - 00:59:48 | RHD ] C:\MSOCache
      [17/11/2012 - 01:48:22 | D ] C:\MSSQL2005
      [22/11/2012 - 20:30:06 | D ] C:\Musica
      [26/11/2012 - 19:00:16 | ASH | 6340063232] C:\pagefile.sys
      [13/07/2009 - 22:20:08 | D ] C:\PerfLogs
      [27/11/2012 - 14:13:56 | D ] C:\Program Files
      [26/11/2012 - 14:14:24 | D ] C:\Program Files (x86)
      [25/11/2012 - 07:20:25 | HD ] C:\ProgramData
      [17/11/2012 - 00:50:18 | SHD ] C:\Recovery
      [25/11/2012 - 08:27:10 | D ] C:\S102000
      [26/11/2012 - 14:21:21 | SHD ] C:\System Volume Information
      [27/11/2012 - 14:42:10 | D ] C:\UsbFix
      [27/11/2012 - 14:41:57 | A | 7061] C:\UsbFix.txt
      [27/11/2012 - 14:36:55 | N | 1312573778] C:\UsbFix_Upload_Me_SNOOPDOG.zip
      [13/06/2012 - 09:08:23 | D ] C:\UserGuidePDF
      [17/11/2012 - 00:50:49 | D ] C:\Users
      [27/11/2012 - 14:14:42 | D ] C:\Windows
      [17/11/2012 - 01:03:58 | N | 11050] C:\WPI_Log_2012.11.17_01.02.19.txt
      [17/11/2012 - 01:05:47 | N | 9546] C:\WPI_Log_2012.11.17_01.04.25.txt
      [17/11/2012 - 0157 | N | 8672] C:\WPI_Log_2012.11.17_01.06.59.txt
      [27/11/2012 - 14:42:10 | SHD ] D:\$RECYCLE.BIN
      [16/03/2005 - 04:08:46 | | 49152] D:\acad.fas
      [21/11/2012 - 15:09:34 | D ] D:\Application
      [21/11/2012 - 15:33:59 | D ] D:\Autocad
      [27/11/2012 - 14:27:47 | RASHD ] D:\Autorun.inf
      [16/03/2005 - 04:08:46 | | 49152] D:\cad.fas
      [25/11/2012 - 14:26:28 | D ] D:\Camara
      [25/11/2012 - 20:07:07 | D ] D:\Chamba Aparte
      [23/11/2012 - 13:48:23 | N | 205233] D:\clarita.dwg
      [04/07/2006 - 15:09:44 | N | 3362733] D:\Detalles Varios.dwg
      [21/11/2012 - 15:08:42 | D ] D:\drivers
      [22/11/2012 - 21:04:46 | D ] D:\Fotos
      [22/11/2012 - 21:17:17 | D ] D:\IRC
      [21/11/2012 - 15:08:55 | D ] D:\Lenovo
      [22/11/2012 - 07:46:14 | D ] D:\Municipalidad Provincial
      [22/11/2012 - 21:37:07 | D ] D:\Obras
      [13/04/2010 - 10:22:32 | N | 1711579] D:\pmirc2010u.exe
      [25/11/2012 - 08:15:40 | D ] D:\Programas
      [22/11/2012 - 21:28:07 | D ] D:\Richard Andre
      [21/11/2012 - 15:44:08 | SHD ] D:\System Volume Information
      [27/11/2012 - 12:51:25 | D ] D:\Trabajos
      [26/11/2012 - 22:31:36 | D ] D:\USB
      [22/11/2012 - 20:43:59 | D ] D:\Videos
      [27/11/2012 - 08:23:35 | D ] D:\wow
      [26/11/2012 - 08:17:00 | D ] E:\FOTOS AVIACION
      [11/06/2012 - 16:47:06 | N | 1216220336] E:\AutoCAD_2013_English_Win_64bit.exe
      [28/09/2012 - 15:54:56 | D ] E:\FORM. PIP PACHECO CESPEDES 28139
      [28/09/2012 - 15:53:32 | D ] E:\EXP. TEC. PACHECO CESPEDES
      [28/09/2012 - 15:53:58 | D ] E:\EXP. TECN. VIAS CRISTO REY
      [28/09/2012 - 15:59:08 | D ] E:\mejoramiento vial
      [14/04/2012 - 15:44:40 | N | 1837] E:\Instalao.txt
      [31/05/2012 - 21:20:46 | N | 2945724] E:\Xforce para autocad 2013.rar
      [27/11/2012 - 08:27:30 | N | 7108287] E:\TRABAJO.dwg
      [27/11/2012 - 08:40:40 | N | 5059040] E:\TRABAJO 2007.dwg
      [27/11/2012 - 12:47:26 | N | 89376] E:\local jesus maria.dwg
      [27/11/2012 - 13:11:08 | N | 211] E:\local jesus maria.dwl2
      [27/11/2012 - 13:11:08 | N | 61] E:\local jesus maria.dwl
      [16/03/2005 - 04:08:46 | N | 49152] E:\acad.fas
      [16/03/2005 - 04:08:46 | N | 49152] E:\cad.fas
      [27/11/2012 - 13:11:12 | N | 111898] E:\acad.lsp
      [27/11/2012 - 14:27:48 | RASHD ] E:\Autorun.inf

      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      E:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | Upload |

      Por favor, envie el archivo: C:\UsbFix_Upload_Me_SNOOPDOG.zip
      http://eldesaparecido.com/upload.php
      Gracias por su contribución.

      ################## | E.O.F |

      4.- TDSS reported the following:

      14:53:27.0972 1592 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      14:53:28.0019 1592 ============================================================
      14:53:28.0019 1592 Current date / time: 2012/11/27 14:53:28.0019
      14:53:28.0019 1592 SystemInfo:
      14:53:28.0019 1592
      14:53:28.0019 1592 OS Version: 6.1.7601 ServicePack: 1.0
      14:53:28.0019 1592 Product type: Workstation
      14:53:28.0019 1592 ComputerName: SNOOPDOG
      14:53:28.0019 1592 UserName: USER
      14:53:28.0019 1592 Windows directory: C:\Windows
      14:53:28.0019 1592 System windows directory: C:\Windows
      14:53:28.0019 1592 Running under WOW64
      14:53:28.0019 1592 Processor architecture: Intel x64
      14:53:28.0019 1592 Number of processors: 8
      14:53:28.0019 1592 Page size: 0x1000
      14:53:28.0019 1592 Boot type: Normal boot
      14:53:28.0019 1592 ============================================================
      14:53:28.0752 1592 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
      14:53:28.0752 1592 Drive \Device\Harddisk1\DR5 - Size: 0x1DD7F8000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
      14:53:28.0752 1592 ============================================================
      14:53:28.0752 1592 \Device\Harddisk0\DR0:
      14:53:28.0752 1592 MBR partitions:
      14:53:28.0752 1592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
      14:53:28.0752 1592 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x383DA000
      14:53:28.0784 1592 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3843F000, BlocksNum 0x39BB7000
      14:53:28.0784 1592 \Device\Harddisk1\DR5:
      14:53:28.0784 1592 MBR partitions:
      14:53:28.0784 1592 \Device\Harddisk1\DR5\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xEEBDA1
      14:53:28.0784 1592 ============================================================
      14:53:28.0893 1592 C: <-> \Device\Harddisk0\DR0\Partition2
      14:53:28.0940 1592 D: <-> \Device\Harddisk0\DR0\Partition3
      14:53:28.0940 1592 ============================================================
      14:53:28.0940 1592 Initialize success
      14:53:28.0940 1592 ============================================================
      14:53:32.0403 6052 ============================================================
      14:53:32.0403 6052 Scan started
      14:53:32.0403 6052 Mode: Manual;
      14:53:32.0403 6052 ============================================================
      14:53:32.0777 6052 ================ Scan system memory ========================
      14:53:32.0777 6052 System memory - ok
      14:53:32.0793 6052 ================ Scan services =============================

    9. #9
      User Avatar of Richard Andre
      Registered
      Nov 2012
      Posts
      13

      Re: C:\Windows\System32\!Ȥζеͼ FOLDER IS CREATED WHEN I OPEN AN AUTOCAD FILE

      14:53:46.0599 6052 IntcDAud - ok
      14:53:46.0693 6052 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
      14:53:46.0786 6052 Intel(R) Capability Licensing Service Interface - ok
      14:53:46.0802 6052 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
      14:53:46.0802 6052 intelide - ok
      14:53:46.0833 6052 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      14:53:46.0833 6052 intelppm - ok
      14:53:46.0880 6052 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      14:53:46.0895 6052 IPBusEnum - ok
      14:53:46.0895 6052 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      14:53:46.0942 6052 IpFilterDriver - ok
      14:53:46.0973 6052 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
      14:53:46.0973 6052 iphlpsvc - ok
      14:53:46.0989 6052 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
      14:53:47.0020 6052 IPMIDRV - ok
      14:53:47.0020 6052 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
      14:53:47.0036 6052 IPNAT - ok
      14:53:47.0051 6052 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
      14:53:47.0051 6052 IRENUM - ok
      14:53:47.0051 6052 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
      14:53:47.0067 6052 isapnp - ok
      14:53:47.0129 6052 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
      14:53:47.0176 6052 iScsiPrt - ok
      14:53:47.0192 6052 [ 846354992EBB373F452EB9182D501B08 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
      14:53:47.0192 6052 iusb3hcs - ok
      14:53:47.0223 6052 [ 1D88A23853387D34D52CC8F9DDBFC56C ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
      14:53:47.0285 6052 iusb3hub - ok
      14:53:47.0332 6052 [ FC5EFD7C797DF19DFB999F0605A7924E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
      14:53:47.0395 6052 iusb3xhc - ok
      14:53:47.0410 6052 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
      14:53:47.0441 6052 iwdbus - ok
      14:53:47.0488 6052 [ 09CA717536671E0896E07D239EE6740F ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      14:53:47.0519 6052 jhi_service - ok
      14:53:47.0519 6052 [ DD931496F49CDDF4F0B440455423E162 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
      14:53:47.0551 6052 JMCR - ok
      14:53:47.0566 6052 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
      14:53:47.0582 6052 kbdclass - ok
      14:53:47.0582 6052 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
      14:53:47.0613 6052 kbdhid - ok
      14:53:47.0629 6052 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
      14:53:47.0629 6052 KeyIso - ok
      14:53:47.0629 6052 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      14:53:47.0660 6052 KSecDD - ok
      14:53:47.0660 6052 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
      14:53:47.0691 6052 KSecPkg - ok
      14:53:47.0707 6052 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
      14:53:47.0722 6052 ksthunk - ok
      14:53:47.0753 6052 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
      14:53:47.0769 6052 KtmRm - ok
      14:53:47.0800 6052 [ E84DA1A93978B3700EA63414357B9BA3 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
      14:53:47.0863 6052 L1C - ok
      14:53:47.0894 6052 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
      14:53:47.0909 6052 LanmanServer - ok
      14:53:47.0941 6052 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      14:53:47.0987 6052 LanmanWorkstation - ok
      14:53:48.0003 6052 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\Windows\system32\DRIVERS\LhdX64.sys
      14:53:48.0050 6052 LHDmgr - ok
      14:53:48.0081 6052 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      14:53:48.0081 6052 lltdio - ok
      14:53:48.0143 6052 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
      14:53:48.0159 6052 lltdsvc - ok
      14:53:48.0175 6052 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
      14:53:48.0175 6052 lmhosts - ok
      14:53:48.0221 6052 [ A60D56228FF3EE7EC1A56A908924680E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      14:53:48.0284 6052 LMS - ok
      14:53:48.0331 6052 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
      14:53:48.0346 6052 LSI_FC - ok
      14:53:48.0409 6052 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
      14:53:48.0409 6052 LSI_SAS - ok
      14:53:48.0424 6052 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
      14:53:48.0424 6052 LSI_SAS2 - ok
      14:53:48.0424 6052 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
      14:53:48.0424 6052 LSI_SCSI - ok
      14:53:48.0440 6052 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
      14:53:48.0455 6052 luafv - ok
      14:53:48.0596 6052 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
      14:53:48.0596 6052 McAfee SiteAdvisor Service - ok
      14:53:48.0674 6052 [ F48571922079BBAB289C57BAFEFE88F3 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
      14:53:48.0721 6052 McAWFwk - ok
      14:53:48.0736 6052 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
      14:53:48.0736 6052 McMPFSvc - ok
      14:53:48.0736 6052 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
      14:53:48.0736 6052 mcmscsvc - ok
      14:53:48.0752 6052 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
      14:53:48.0752 6052 McNaiAnn - ok
      14:53:48.0752 6052 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
      14:53:48.0752 6052 McNASvc - ok
      14:53:48.0923 6052 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
      14:53:48.0923 6052 McODS - ok
      14:53:48.0939 6052 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
      14:53:48.0939 6052 McOobeSv - ok
      14:53:48.0939 6052 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
      14:53:48.0955 6052 McProxy - ok
      14:53:49.0048 6052 [ D4F9C8CE2D7D5B9A1F739AADEBFFCA6F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
      14:53:49.0111 6052 McShield - ok
      14:53:49.0157 6052 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      14:53:49.0204 6052 Mcx2Svc - ok
      14:53:49.0220 6052 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
      14:53:49.0220 6052 megasas - ok
      14:53:49.0235 6052 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
      14:53:49.0251 6052 MegaSR - ok
      14:53:49.0298 6052 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
      14:53:49.0360 6052 MEIx64 - ok
      14:53:49.0391 6052 [ C73B93FED17829F11273459DA05E1976 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
      14:53:49.0438 6052 mfeapfk - ok
      14:53:49.0469 6052 [ 298C065BB9E09D5F14CCD9E8244DE4A0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
      14:53:49.0594 6052 mfeavfk - ok
      14:53:49.0610 6052 mfeavfk01 - ok
      14:53:49.0672 6052 [ AB66AF840EF1667AA73DDA6CE987D0E1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
      14:53:49.0719 6052 mfefire - ok
      14:53:49.0766 6052 [ 4D604F0B85E98C5AD99B89AF72A4E28A ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
      14:53:49.0797 6052 mfefirek - ok
      14:53:49.0906 6052 [ 85AFDEAD1366BED11A84A5C6FC0A65D2 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
      14:53:49.0969 6052 mfehidk - ok
      14:53:50.0000 6052 [ 1B08579938FD72626D92F3C2219903EA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
      14:53:50.0031 6052 mferkdet - ok
      14:53:50.0062 6052 [ 984BBBB9BE02EF838DABDF3F3126A91B ] mfevtp C:\Windows\system32\mfevtps.exe
      14:53:50.0093 6052 mfevtp - ok
      14:53:50.0109 6052 [ 6251BE428073704FF1002231520C8F16 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
      14:53:50.0140 6052 mfewfpk - ok
      14:53:50.0187 6052 Microsoft SharePoint Workspace Audit Service - ok
      14:53:50.0234 6052 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
      14:53:50.0234 6052 MMCSS - ok
      14:53:50.0312 6052 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
      14:53:50.0312 6052 Modem - ok
      14:53:50.0343 6052 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      14:53:50.0343 6052 monitor - ok
      14:53:50.0359 6052 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      14:53:50.0359 6052 mouclass - ok
      14:53:50.0374 6052 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      14:53:50.0374 6052 mouhid - ok
      14:53:50.0390 6052 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
      14:53:50.0437 6052 mountmgr - ok
      14:53:50.0483 6052 [ 313265CF4F5F02ED927774DA1DB3FE00 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      14:53:50.0546 6052 MozillaMaintenance - ok
      14:53:50.0546 6052 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
      14:53:50.0577 6052 mpio - ok
      14:53:50.0608 6052 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      14:53:50.0608 6052 mpsdrv - ok
      14:53:50.0717 6052 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
      14:53:50.0733 6052 MpsSvc - ok
      14:53:50.0733 6052 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      14:53:50.0780 6052 MRxDAV - ok
      14:53:50.0780 6052 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      14:53:50.0795 6052 mrxsmb - ok
      14:53:50.0827 6052 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      14:53:50.0889 6052 mrxsmb10 - ok
      14:53:50.0889 6052 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      14:53:50.0920 6052 mrxsmb20 - ok
      14:53:50.0920 6052 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
      14:53:50.0967 6052 msahci - ok
      14:53:50.0967 6052 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
      14:53:50.0998 6052 msdsm - ok
      14:53:51.0014 6052 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
      14:53:51.0029 6052 MSDTC - ok
      14:53:51.0045 6052 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
      14:53:51.0061 6052 Msfs - ok
      14:53:51.0061 6052 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
      14:53:51.0061 6052 mshidkmdf - ok
      14:53:51.0076 6052 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
      14:53:51.0076 6052 msisadrv - ok
      14:53:51.0107 6052 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      14:53:51.0107 6052 MSiSCSI - ok
      14:53:51.0123 6052 msiserver - ok
      14:53:51.0201 6052 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
      14:53:51.0201 6052 MSK80Service - ok
      14:53:51.0217 6052 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      14:53:51.0232 6052 MSKSSRV - ok
      14:53:51.0279 6052 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      14:53:51.0279 6052 MSPCLOCK - ok
      14:53:51.0279 6052 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      14:53:51.0295 6052 MSPQM - ok
      14:53:51.0326 6052 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      14:53:51.0373 6052 MsRPC - ok
      14:53:51.0373 6052 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
      14:53:51.0373 6052 mssmbios - ok
      14:53:51.0419 6052 MSSQLSERVER - ok
      14:53:51.0482 6052 [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
      14:53:51.0529 6052 MSSQLServerADHelper - ok
      14:53:51.0529 6052 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      14:53:51.0544 6052 MSTEE - ok
      14:53:51.0544 6052 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
      14:53:51.0544 6052 MTConfig - ok
      14:53:51.0560 6052 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
      14:53:51.0560 6052 Mup - ok
      14:53:51.0622 6052 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
      14:53:51.0622 6052 MyWiFiDHCPDNS - ok
      14:53:51.0669 6052 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
      14:53:51.0731 6052 napagent - ok
      14:53:51.0778 6052 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      14:53:51.0794 6052 NativeWifiP - ok
      14:53:51.0903 6052 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
      14:53:51.0919 6052 NDIS - ok
      14:53:51.0934 6052 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
      14:53:51.0950 6052 NdisCap - ok
      14:53:51.0965 6052 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      14:53:51.0965 6052 NdisTapi - ok
      14:53:51.0997 6052 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      14:53:52.0059 6052 Ndisuio - ok
      14:53:52.0059 6052 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      14:53:52.0090 6052 NdisWan - ok
      14:53:52.0090 6052 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      14:53:52.0121 6052 NDProxy - ok
      14:53:52.0121 6052 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      14:53:52.0121 6052 NetBIOS - ok
      14:53:52.0121 6052 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
      14:53:52.0153 6052 NetBT - ok
      14:53:52.0184 6052 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
      14:53:52.0184 6052 Netlogon - ok
      14:53:52.0231 6052 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
      14:53:52.0246 6052 Netman - ok
      14:53:52.0309 6052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      14:53:52.0371 6052 NetMsmqActivator - ok
      14:53:52.0371 6052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      14:53:52.0371 6052 NetPipeActivator - ok
      14:53:52.0371 6052 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
      14:53:52.0387 6052 netprofm - ok
      14:53:52.0402 6052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      14:53:52.0402 6052 NetTcpActivator - ok
      14:53:52.0402 6052 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      14:53:52.0402 6052 NetTcpPortSharing - ok
      14:53:52.0605 6052 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
      14:53:52.0823 6052 NETwNs64 - ok
      14:53:52.0855 6052 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
      14:53:52.0855 6052 nfrd960 - ok
      14:53:52.0917 6052 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
      14:53:52.0964 6052 NlaSvc - ok
      14:53:52.0979 6052 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
      14:53:52.0979 6052 Npfs - ok
      14:53:52.0979 6052 [ 686398C3A52EE6588948EAC0C01B126C ] NSD C:\Windows\system32\drivers\nsd.sys
      14:53:53.0011 6052 NSD - ok
      14:53:53.0011 6052 [ 2152DC8E58391562C9F07998C6FCCF8C ] Nsdfltr C:\Windows\system32\drivers\Nsdfltr.sys
      14:53:53.0042 6052 Nsdfltr - ok
      14:53:53.0073 6052 [ 486EC2BDC09FBAC5814032D38215010A ] NSDSvc C:\Windows\System32\NSDSvc.exe
      14:53:53.0104 6052 NSDSvc - ok
      14:53:53.0104 6052 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
      14:53:53.0104 6052 nsi - ok
      14:53:53.0135 6052 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      14:53:53.0135 6052 nsiproxy - ok
      14:53:53.0198 6052 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      14:53:53.0229 6052 Ntfs - ok
      14:53:53.0229 6052 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
      14:53:53.0229 6052 Null - ok
      14:53:53.0557 6052 [ A68C95F8E17A4CFCB99F2139D73F552B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
      14:53:53.0962 6052 nvlddmkm - ok
      14:53:53.0993 6052 [ 7B4BD86B22DFE63FC08E5F4E24B54438 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
      14:53:53.0993 6052 nvpciflt - ok
      14:53:54.0025 6052 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
      14:53:54.0056 6052 nvraid - ok
      14:53:54.0056 6052 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
      14:53:54.0087 6052 nvstor - ok
      14:53:54.0165 6052 [ BD1CEC4D0CACABCFD93A07B2CC46C9EB ] nvsvc C:\Windows\system32\nvvsvc.exe
      14:53:54.0181 6052 nvsvc - ok
      14:53:54.0290 6052 [ 82205275BDB35B0AC8750FA8D0A21A5B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      14:53:54.0368 6052 nvUpdatusService - ok
      14:53:54.0399 6052 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      14:53:54.0399 6052 nv_agp - ok
      14:53:54.0415 6052 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
      14:53:54.0415 6052 ohci1394 - ok
      14:53:54.0555 6052 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      14:53:54.0617 6052 ose - ok
      14:53:54.0836 6052 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      14:53:54.0992 6052 osppsvc - ok
      14:53:55.0101 6052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
      14:53:55.0117 6052 p2pimsvc - ok
      14:53:55.0179 6052 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
      14:53:55.0195 6052 p2psvc - ok
      14:53:55.0241 6052 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
      14:53:55.0257 6052 Parport - ok
      14:53:55.0257 6052 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
      14:53:55.0319 6052 partmgr - ok
      14:53:55.0397 6052 [ 9665402B7FA59302D520AD845DDFC026 ] Partner Service C:\ProgramData\Partner\Partner.exe
      14:53:55.0413 6052 Partner Service - ok
      14:53:55.0413 6052 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
      14:53:55.0429 6052 PcaSvc - ok
      14:53:55.0460 6052 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
      14:53:55.0460 6052 pci - ok
      14:53:55.0460 6052 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
      14:53:55.0460 6052 pciide - ok
      14:53:55.0491 6052 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
      14:53:55.0491 6052 pcmcia - ok
      14:53:55.0491 6052 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
      14:53:55.0507 6052 pcw - ok
      14:53:55.0507 6052 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      14:53:55.0522 6052 PEAUTH - ok
      14:53:55.0616 6052 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
      14:53:55.0616 6052 PerfHost - ok
      14:53:55.0772 6052 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
      14:53:55.0803 6052 pla - ok
      14:53:55.0881 6052 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      14:53:55.0928 6052 PlugPlay - ok
      14:53:55.0928 6052 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
      14:53:55.0928 6052 PNRPAutoReg - ok
      14:53:55.0943 6052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
      14:53:55.0959 6052 PNRPsvc - ok
      14:53:56.0006 6052 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      14:53:56.0115 6052 PolicyAgent - ok
      14:53:56.0146 6052 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
      14:53:56.0146 6052 Power - ok
      14:53:56.0224 6052 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      14:53:56.0271 6052 PptpMiniport - ok
      14:53:56.0302 6052 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
      14:53:56.0302 6052 Processor - ok
      14:53:56.0380 6052 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
      14:53:56.0411 6052 ProfSvc - ok
      14:53:56.0458 6052 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
      14:53:56.0458 6052 ProtectedStorage - ok
      14:53:56.0505 6052 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
      14:53:56.0505 6052 Psched - ok
      14:53:56.0552 6052 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
      14:53:56.0583 6052 ql2300 - ok
      14:53:56.0614 6052 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
      14:53:56.0614 6052 ql40xx - ok
      14:53:56.0661 6052 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
      14:53:56.0661 6052 QWAVE - ok
      14:53:56.0677 6052 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      14:53:56.0677 6052 QWAVEdrv - ok
      14:53:56.0692 6052 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      14:53:56.0692 6052 RasAcd - ok
      14:53:56.0755 6052 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
      14:53:56.0755 6052 RasAgileVpn - ok
      14:53:56.0833 6052 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
      14:53:56.0848 6052 RasAuto - ok
      14:53:56.0864 6052 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      14:53:56.0911 6052 Rasl2tp - ok
      14:53:56.0942 6052 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
      14:53:56.0957 6052 RasMan - ok
      14:53:56.0957 6052 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      14:53:56.0973 6052 RasPppoe - ok
      14:53:56.0989 6052 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      14:53:56.0989 6052 RasSstp - ok
      14:53:57.0020 6052 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      14:53:57.0020 6052 rdbss - ok
      14:53:57.0020 6052 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
      14:53:57.0020 6052 rdpbus - ok
      14:53:57.0035 6052 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      14:53:57.0035 6052 RDPCDD - ok
      14:53:57.0051 6052 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      14:53:57.0051 6052 RDPENCDD - ok
      14:53:57.0067 6052 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
      14:53:57.0067 6052 RDPREFMP - ok
      14:53:57.0067 6052 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      14:53:57.0067 6052 RDPWD - ok
      14:53:57.0082 6052 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
      14:53:57.0113 6052 rdyboost - ok
      14:53:57.0223 6052 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      14:53:57.0285 6052 RegSrvc - ok
      14:53:57.0316 6052 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
      14:53:57.0316 6052 RemoteAccess - ok
      14:53:57.0363 6052 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      14:53:57.0379 6052 RemoteRegistry - ok
      14:53:57.0394 6052 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
      14:53:57.0410 6052 RFCOMM - ok
      14:53:57.0457 6052 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
      14:53:57.0472 6052 RpcEptMapper - ok
      14:53:57.0519 6052 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
      14:53:57.0535 6052 RpcLocator - ok
      14:53:57.0550 6052 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
      14:53:57.0566 6052 RpcSs - ok
      14:53:57.0597 6052 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      14:53:57.0597 6052 rspndr - ok
      14:53:57.0659 6052 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
      14:53:57.0659 6052 SamSs - ok
      14:53:57.0706 6052 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      14:53:57.0753 6052 sbp2port - ok
      14:53:57.0800 6052 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
      14:53:57.0800 6052 SCardSvr - ok
      14:53:57.0800 6052 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
      14:53:57.0831 6052 scfilter - ok
      14:53:57.0862 6052 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
      14:53:57.0925 6052 Schedule - ok
      14:53:57.0956 6052 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
      14:53:57.0956 6052 SCPolicySvc - ok
      14:53:57.0987 6052 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
      14:54:05.0506 6052 ============================================================
      14:54:05.0506 6052 Scan finished
      14:54:05.0506 6052 ============================================================
      14:54:05.0506 8004 Detected object count: 0
      14:54:05.0506 8004 Actual detected object count: 0

      _______________________

      After running these procedures, my PC no longer shows the problem. Do I need to do anything else? I'm worried about the viruses that McAfee and Malwarebytes detected.

    10. #10
      User Raudron
      Registered
      Sep 2012
      Location
      The World
      Posts
      1.467

      Re: C:\Windows\System32\!Ȥζеͼ FOLDER IS CREATED WHEN I OPEN AN AUTOCAD FILE

      Hello,

      The Malwarebytes report shows:
      Archivos Detectados: 4
      C:\Games\Gunbound\gunbound.gme (Malware.Packer) -> No se tomaron medidas.
      C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\keygen.exe (Trojan.Agent.CK) -> No se tomaron medidas.
      D:\USB\Driver Genius 10 [SETUP].exe (Trojan.Keylogger.MWP) -> No se tomaron medidas.
      D:\USB\WirelessKeyView.exe (PUP.WirelessKeyView) -> No se tomaron medidas.
      Confirm that you checked the boxes, removed the threats and restarted your computer. If not, run Malwarebytes again with a full scan and remove whatever it detects.

      One question: did you use the ESET ACAD/Medre Cleaner program?

      What the McAfee report shows are files belonging to cracked programs or programs with a keygen... AutoKMS usually appears when you use an illegal copy of Office. The .rar is from Internet Download Manager.
      Let's check that there are no infections left on your computer.

      Run a full scan with Panda ActiveScan 2.0, as described in its manual.
      When the scan finishes, save the report (with the button ).
      Paste the report in your next reply.
      Regards
