• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 15

    TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

    hola, Avira me está bombardeando con mensajes de que tengo: TR/ATRAPS.Gen2 - TR/ZAccess.H - Sirefef.A.37, todos en C:\$Recycle.Bin\. Ya pasé el malwarebytes, el super antispyware scanner y el nod32 online y me eliminaron muchas amenazas ...

    1. #1
      Usuario Avatar de fabiola86
      Registrado
      may 2006
      Ubicación
      México
      Mensajes
      10

      TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      hola, Avira me está bombardeando con mensajes de que tengo: TR/ATRAPS.Gen2 - TR/ZAccess.H - Sirefef.A.37, todos en C:\$Recycle.Bin\.
      Ya pasé el malwarebytes, el super antispyware scanner y el nod32 online y me eliminaron muchas amenazas y virus, pero avira sigue anunciando con pop ups.
      que hago? les agradecería muho su ayuda, ya no se que hacer.

    2. #2
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Bien Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      Oks compañero porfavor pega el reporte de SuperantiSpyware Malwarebytes y ESET online!

      Malwarebytes en su pestaña "registros"

      Eset: C:\Archivos de programa\ESET\ESET Online Scanner\log

      SuperAntiSpyware : Los reportes quedan guardados en la pestaña Estadística/Registro de la sección Configuración y Preferencias.

      Le damos a ver registro y nos aparecera lo siguiente :

    3. #3
      Usuario Avatar de fabiola86
      Registrado
      may 2006
      Ubicación
      México
      Mensajes
      10

      Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      de eset online scanner es este:

      C:\Users\JoRgE lUiS\AppData\Local\{ce48abbb-4dd3-590f-abd7-1803f38476ed}\n a variant of Win32/Kryptik.AICM trojan cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\AppData\Local\{ce48abbb-4dd3-590f-abd7-1803f38476ed}\U\00000004.@ Win32/Conedex.D trojan cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\AppData\Local\{ce48abbb-4dd3-590f-abd7-1803f38476ed}\U\00000008.@ Win32/Sirefef.FG trojan cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\AppData\Local\{ce48abbb-4dd3-590f-abd7-1803f38476ed}\U\000000cb.@ Win32/Conedex.E trojan cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\AppData\Local\{ce48abbb-4dd3-590f-abd7-1803f38476ed}\U\80000000.@ Win32/Sirefef.FA trojan cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\AppData\Local\{ce48abbb-4dd3-590f-abd7-1803f38476ed}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\AppData\Roaming\qtwm.exe a variant of Win32/Injector.QHU trojan cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\ESET Smart Security 5 - instalé Abril 2012.zip Win32/RiskWare.HackAV.IL application deleted - quarantined
      C:\Users\JoRgE lUiS\loyo\jorge luis\muy x\LimeWire versión Portable\Portable_LimeWire_Pro_4.12.3\root\wake up-cory en la casa blanca naked.zip multiple threats deleted - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.2.70\Fix\NOD32.FiX.v2.1-nsane.exe Win32/RiskWare.HackAV.HT application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\nl94.rar Win32/RiskWare.HackAV.BL application deleted - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\Dasumo ESET Fix v3.2\EsetFix_3.2.exe Win32/RiskWare.HackAV.BF application deleted - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\EmSaExT 1.0.0.1 patch\EmSaExT 1.0.0.1.exe Win32/RiskWare.HackAV.AR application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\Eset Login Viewer v1.2\Eset Login Viewer v1.2.exe Win32/RiskWare.HackAV.AU application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\Generador 6.1\Generador 6.1 - 32bits\generador.exe Win32/RiskWare.HackAV.BL application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\Generador 6.1\Generador 6.1 - 64bits\generador.exe Win32/RiskWare.HackAV.BL application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\Marsu-fix 2.1\Marsufix.exe Win32/RiskWare.HackAV.EO application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NOD32 Update Viewer V 3.01.1\Portable\NOD32view.exe probably a variant of Win32/RiskWare.HackAV.GJ application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NOD32 Update Viewer V 3.01.1\SETUP\NOD32view3_01_1.exe probably a variant of Win32/RiskWare.HackAV.GJ application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\Nod32view\NOD32view.exe probably a variant of Win32/RiskWare.HackAV.GJ application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NodGen 2.0 para 3.0 y 2.7\nodgen.exe Win32/RiskWare.HackAV.AY application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NodLogin 9.4\NodLogin9.4_32bits\setup.exe Win32/RiskWare.HackAV.BL application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NodLogin 9.4\NodLogin9.4_64bits\setup.exe Win32/RiskWare.HackAV.BL application cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\TNOD User & Password Finder 0.5.4\TNOD-U&P.exe probably a variant of Win32/Spy.Agent.KYFEMNB trojan cleaned by deleting - quarantined
      C:\Users\JoRgE lUiS\memoria\Nueva carpeta\MsgPlusLive-460.exe a variant of Win32/Adware.CiDHelp application cleaned by deleting - quarantined
      Operating memory multiple threats



      Malwarebytes Anti-Malware 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.09.29.05

      Windows Vista Service Pack 1 x86 NTFS (Modo Seguro/Red)
      Internet Explorer 8.0.6001.19088
      JoRgE lUiS :: JORGELUIS1 [administrador]

      25/12/2012 12:20:50 a.m.
      mbam-log-2012-12-25 (00-29-45).txt

      Tipos de Análisis: Análisis Rápido
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 196282
      Tiempo transcurrido: 5 minuto(s), 1 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 1
      HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> No se tomaron medidas.

      Valores del Registro Detectados: 3
      HKCU\Software\Microsoft|idln2 (Malware.Trace) -> datos: uddul1dvjmrxreaebtiqhnymfvftcfv -> No se tomaron medidas.
      HKCU\Software\Microsoft|bk (Malware.Trace) -> datos: dns-requests.com/test/;
      -> No se tomaron medidas.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows UDP Control Center (Backdoor.Bot) -> datos: fxstaller.exe -> No se tomaron medidas.

      Elementos de Datos del Registro Detectados: 2
      HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Malo: (C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\n.) Bueno: (fastprox.dll) -> No se tomaron medidas.
      HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Malo: (C:\$Recycle.Bin\S-1-5-21-709962578-3550812630-727566589-1000\$ce48abbb4dd3590fabd71803f38476ed\n.) Bueno: (shell32.dll) -> No se tomaron medidas.

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 3
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\n (Trojan.0Access) -> No se tomaron medidas.
      C:\$Recycle.Bin\S-1-5-21-709962578-3550812630-727566589-1000\$ce48abbb4dd3590fabd71803f38476ed\n (Trojan.0Access) -> No se tomaron medidas.
      C:\Windows\System32\ge.exe (RiskWare.Tool.CK) -> No se tomaron medidas.

      fin)


      SUPERAntiSpyware Scan Log
      SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

      Generated 12/25/2012 at 01:17 PM

      Application Version : 5.5.1016

      Core Rules Database Version : 9786
      Trace Rules Database Version: 7598

      Scan type : Complete Scan
      Total Scan Time : 01:06:30

      Operating System Information
      Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
      UAC Off - Administrator

      Memory items scanned : 629
      Memory threats detected : 0
      Registry items scanned : 39229
      Registry threats detected : 18
      File items scanned : 45466
      File threats detected : 302

      PUP.BabylonToolbar
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}#AppID
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\InprocServer32
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\InprocServer32#ThreadingModel
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\ProgID
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\Programmable
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\TypeLib
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\VersionIndependentProgID
      HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
      HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
      HKCR\bbylntlbr.bbylntlbrHlpr.1
      HKCR\bbylntlbr.bbylntlbrHlpr.1\CLSID
      HKCR\bbylntlbr.bbylntlbrHlpr
      HKCR\bbylntlbr.bbylntlbrHlpr\CLSID
      HKCR\bbylntlbr.bbylntlbrHlpr\CurVer
      HKCR\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
      HKU\S-1-5-21-709962578-3550812630-727566589-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
      HKU\S-1-5-21-709962578-3550812630-727566589-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

      Adware.Tracking Cookie
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /4porn ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /7.rotator.wigetmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /accounts.google ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /accounts.youtube ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ad.adnetwork ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ad.cadenatop ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ad.yieldmanager ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ad.yieldmanager ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /ad.yieldmanager ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][4].txt [ /ad.yieldmanager ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /ad.yieldmanager ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ad2.gammae ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /adbrite ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /adbrite ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /adbrite ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][4].txt [ /adbrite ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /adbrite ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /adform ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /adinterax ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /adinterax ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /adnetwork ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.adk2 ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /ads.adk2 ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.crakmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ads.crakmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /ads.crakmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][4].txt [ /ads.crakmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /ads.crakmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.dothads ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.e-planning ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.intergi ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.pointroll ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ads.pointroll ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ads.profitsdeluxe ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.saymedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.us.e-planning ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ads.us.e-planning ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /ads.us.e-planning ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /ads.us.e-planning ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads.whaleads ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ads1.zenoviaexchange ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ads2.zeusclicks ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /adserver.adtechus ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /adserver.staticyonkis ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /adserver2.exgfnetwork ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /adtech ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@*****************[1].txt [ /***************** ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@*****************[2].txt [ /***************** ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@*****************[3].txt [ /***************** ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@*****************[4].txt [ /***************** ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@*****************[5].txt [ /***************** ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@*****************[6].txt [ /***************** ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /advertising ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /apmebf ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /apmebf ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /at.atwola ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /at.atwola ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /atdmt.combing ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /atdmt.combing ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][4].txt [ /atdmt.combing ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /atdmt.combing ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][4].txt [ /atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][6].txt [ /atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][7].txt [ /atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][9].txt [ /atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /aunica.112.2o7 ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /banners.cinepolis ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /bookofsex ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /bs.serving-sys ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /bs.serving-sys ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /burstnet ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /c.atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /casalemedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /clicksor ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /collective-media ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /content.yieldmanager ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /content.yieldmanager ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /doubleclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /doubleclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][4].txt [ /doubleclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /doubleclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][6].txt [ /doubleclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ero-advertising ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ero-advertising ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected]*******[2].txt [ /es.******* ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /exoclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /exoclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][4].txt [ /exoclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /exoclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /fastclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /fastclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /fastclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /geobanner.sexfinder ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /gmmexico.112.2o7 ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /gr.burstnet ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /gruporpp.122.2o7 ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /h.atdmt ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /h2porn ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /hardsextube ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt [ /hardsextube ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][6].txt [ /hardsextube ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][8].txt [ /hardsextube ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@harrenmedianetwork[1].txt [ /harrenmedianetwork ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@histats[1].txt [ /histats ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@histats[2].txt [ /histats ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@imrworldwide[2].txt [ /imrworldwide ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@indieclick[2].txt [ /indieclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@insightexpressai[2].txt [ /insightexpressai ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@invitemedia[2].txt [ /invitemedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@legolas-media[2].txt [ /legolas-media ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@lucidmedia[1].txt [ /lucidmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@lucidmedia[2].txt [ /lucidmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@lucidmedia[4].txt [ /lucidmedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@maturetubeporn[1].txt [ /maturetubeporn ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@media.contextweb[1].txt [ /media.contextweb ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@media6degrees[2].txt [ /media6degrees ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@mediaplex[1].txt [ /mediaplex ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@mediaplex[2].txt [ /mediaplex ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@mommyfucktube[1].txt [ /mommyfucktube ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@mxe.sinfindejuegos[2].txt [ /mxe.sinfindejuegos ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@myroitracking[1].txt [ /myroitracking ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@optimize.indieclick[2].txt [ /optimize.indieclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@pointroll[2].txt [ /pointroll ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@pointroll[3].txt [ /pointroll ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@pornhublive[1].txt [ /pornhublive ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@pornhublive[3].txt [ /pornhublive ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@*******[1].txt [ /******* ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@*******[3].txt [ /******* ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@porntubenews[2].txt [ /porntubenews ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@prisacom.112.2o7[1].txt [ /prisacom.112.2o7 ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@pt.trafficjunky[2].txt [ /pt.trafficjunky ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@revsci[1].txt [ /revsci ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@revsci[2].txt [ /revsci ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@revsci[3].txt [ /revsci ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@rpc.trafficfactory[1].txt [ /rpc.trafficfactory ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@rpc.trafficfactory[2].txt [ /rpc.trafficfactory ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@ru4[2].txt [ /ru4 ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@server.cpmstar[2].txt [ /server.cpmstar ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@serving-sys[2].txt [ /serving-sys ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@serving-sys[3].txt [ /serving-sys ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@serving-sys[4].txt [ /serving-sys ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@serving-sys[5].txt [ /serving-sys ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@sexad[2].txt [ /sexad ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@sextubebox[1].txt [ /sextubebox ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@smartadserver[1].txt [ /smartadserver ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@smartadserver[3].txt [ /smartadserver ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@smartadserver[4].txt [ /smartadserver ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@specificclick[1].txt [ /specificclick ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@statcounter[1].txt [ /statcounter ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@statcounter[2].txt [ /statcounter ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@tacoda.at.atwola[1].txt [ /tacoda.at.atwola ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@tns-counter[1].txt [ /tns-counter ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@toplist[1].txt [ /toplist ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@track.adform[2].txt [ /track.adform ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@track.adjal[1].txt [ /track.adjal ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@track.lovefwd[2].txt [ /track.lovefwd ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@tracking.bucksense[1].txt [ /tracking.bucksense ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@tradedoubler[1].txt [ /tradedoubler ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@trafficholder[1].txt [ /trafficholder ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@trafficjunky.xtube[1].txt [ /trafficjunky.xtube ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@tribalfusion[1].txt [ /tribalfusion ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@witchsextube[1].txt [ /witchsextube ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.burstnet[2].txt [ /www.burstnet ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.chrumedia[2].txt [ /www.chrumedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.chrumedia[3].txt [ /www.chrumedia ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.googleadservices[10].txt [ /www.googleadservices ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.googleadservices[2].txt [ /www.googleadservices ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.googleadservices[3].txt [ /www.googleadservices ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.*******[1].txt [ /www.******* ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.*******[2].txt [ /www.******* ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@www.porntubenews[1].txt [ /www.porntubenews ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@xiti[1].txt [ /xiti ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@yadro[1].txt [ /yadro ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@yadro[2].txt [ /yadro ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@youporn[3].txt [ /youporn ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@zedo[1].txt [ /zedo ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@zedo[3].txt [ /zedo ]
      C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft\Windows\Cookies\jorge_luis@zedo[4].txt [ /zedo ]
      C:\USERS\JORGE LUIS\Cookies\jorge_luis@atdmt[7].txt [ Cookie:jorge luis@atdmt.com/ ]
      C:\USERS\JORGE LUIS\Cookies\jorge_luis@atdmt.combing[5].txt [ Cookie:jorge luis@atdmt.combing.com/ ]
      C:\USERS\JORGE LUIS\Cookies\jorge_luis@atdmt[9].txt [ Cookie:jorge luis@atdmt.com/ ]
      accounts.google.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .doubleclick.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .imrworldwide.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .imrworldwide.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .revsci.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .revsci.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .revsci.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .revsci.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .serving-sys.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .adserver.adtechus.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ads.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ads.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ads.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ads.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ads.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ads.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ads.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ads.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .revsci.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .revsci.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .revsci.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .t.pointroll.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .advertising.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .advertising.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .advertising.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .advertising.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .tacoda.at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .tacoda.at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .tacoda.at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .tacoda.at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .tacoda.at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .tacoda.at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .tacoda.at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .tacoda.at.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ar.atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .atwola.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .advertising.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .advertising.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .c1.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      ad.yieldmanager.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      ad.yieldmanager.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      ad.yieldmanager.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .serving-sys.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .h.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .h.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .h.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .h.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .c.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .c.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .apmebf.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .mediaplex.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .mediaplex.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .bs.serving-sys.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .collective-media.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .casalemedia.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .ru4.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .casalemedia.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .casalemedia.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .casalemedia.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .casalemedia.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .casalemedia.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .statcounter.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      ad.yieldmanager.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      ad.yieldmanager.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      ad.yieldmanager.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .xiti.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .serving-sys.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .serving-sys.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .serving-sys.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .doubleclick.net [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .c.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .c.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .c.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      .c.atdmt.com [ C:\USERS\JORGE LUIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
      account.goodgamestudios.com [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      cdn.pornsharia.com [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      cdn1.static.*******.phncdn.com [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      core.saymedia.com [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      media.trafficfactory.biz [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      player.multicastmedia.com [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      sunstatic.fuckandcdn.com [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      Alpha Porno - Free XXX porn TUBE MOVIES. Free Sex Video [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      PornTube ™ - Free Porn Movies [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      Rights management, broadcast and monetization of premium videos [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      XXX Movies, Adult Videos, Free Porn - XXXYMovies [ C:\USERS\JORGE LUIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHXTDWPX ]
      content.yieldmanager.edgesuite.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VDHNE65E ]
      C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICK.WEBQUICKFIND[1].TXT [ /CLICK.WEBQUICKFIND ]

      Adware.ZylomGames
      C:\PROGRAM FILES\ZYLOM GAMES\MONOPOLY DELUXE\MONOPOLY.EXE
      C:\PROGRAMDATA\MICROSOFT\WINDOWS\GAMEEXPLORER\{4D6F6E6F-706F-6C79-2044-656C75786500}\PLAYTASKS\0\JUGAR A MONOPOLY DELUXE.LNK
      C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ZYLOM GAMES\MONOPOLY DELUXE\MONOPOLY DELUXE.LNK
      C:\USERS\JORGE LUIS\DESKTOP\MONOPOLY DELUXE.LNK

      Trojan.Agent/Gen-Keygen
      C:\USERS\JORGE LUIS\MEMORIA\NERO 8\KEYGEN_NERO_8.EXE

      Trojan.Agent/Gen-HackPatch
      C:\USERS\JORGE LUIS\MEMORIA\NOD32\V.3.0\UTILIDADES Y CRACKS\NODUNLIMITED V1.2\NODUNLIMITED V1.2 FULL.EXE

      Trojan.Agent/Gen-Flemen
      C:\USERS\JORGE LUIS\PICTURES\JUEGOS\DOMINOP.EXE

    4. #4
      Usuario Avatar de fabiola86
      Registrado
      may 2006
      Ubicación
      México
      Mensajes
      10

      Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      y el log de Avira:
      24/12/2012,23:42:25 [INFORMACIÓN] ---------------------------------------------------------
      24/12/2012,23:42:25 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha iniciado correctamente
      24/12/2012,23:42:45 [INFORMACIÓN] Real-Time Protection Versión: 13.06.00.400, Versión de motor 8.2.10.214, Versión de VDF: 7.11.52.188
      24/12/2012,23:42:45 [INFORMACIÓN] Los servicios online están a disposición.
      24/12/2012,23:42:45 [INFORMACIÓN] Se activó Real-Time Protection.
      24/12/2012,23:42:45 [INFORMACIÓN] Configuración del Real-Time Protection usada:
      - Ficheros analizados: analizar ficheros de unidades locales
      - Ficheros analizados: Usar lista de extensiones de fichero: . .386 .?HT* .ACM .ADE .ADP .ANI .APK .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CPX .CRT .CSH .DEX .DLL .DLO .DO* .DRV .EMF .EML .EXE* .FAS .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT* .PPAM .PPS* .PPT* .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SLD? .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XAR .XL* .XML .XXX .ZIP
      - Modo de dispositivo: Analizar fichero al abrirlo, analizar fichero tras cerrarlo
      - Acción: Preguntar al usuario
      - Analizar archivos: Desactivado
      - Heurística de macrovirus: Activado
      - Heurística de ficheros Win32: Nivel de detección medio
      - Nivel de registro: Predeterminado
      24/12/2012,23:43:03 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:44:24 [INFORMACIÓN] Tarea de actualización iniciada.
      24/12/2012,23:44:54 [INFORMACIÓN] Versión actual del motor: 8.2.10.224
      24/12/2012,23:44:54 [INFORMACIÓN] Versión actual del fichero VDF: 7.11.54.200
      24/12/2012,23:46:36 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:47:08 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:47:19 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:48:15 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:50:57 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:50:59 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:51:31 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:51:39 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:55:06 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:55:10 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:55:47 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      24/12/2012,23:56:41 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha finalizado.
      25/12/2012,00:07:39 [INFORMACIÓN] ---------------------------------------------------------
      25/12/2012,00:07:39 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha iniciado correctamente
      25/12/2012,00:08:18 [INFORMACIÓN] Real-Time Protection Versión: 13.06.00.400, Versión de motor 8.2.10.224, Versión de VDF: 7.11.54.200
      25/12/2012,00:08:19 [INFORMACIÓN] Los servicios online están a disposición.
      25/12/2012,00:08:19 [INFORMACIÓN] Se activó Real-Time Protection.
      25/12/2012,00:08:19 [INFORMACIÓN] Configuración del Real-Time Protection usada:
      - Ficheros analizados: analizar ficheros de unidades locales
      - Ficheros analizados: Usar lista de extensiones de fichero: . .386 .?HT* .ACM .ADE .ADP .ANI .APK .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CPX .CRT .CSH .DEX .DLL .DLO .DO* .DRV .EMF .EML .EXE* .FAS .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT* .PPAM .PPS* .PPT* .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SLD? .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XAR .XL* .XML .XXX .ZIP
      - Modo de dispositivo: Analizar fichero al abrirlo, analizar fichero tras cerrarlo
      - Acción: Preguntar al usuario
      - Analizar archivos: Desactivado
      - Heurística de macrovirus: Activado
      - Heurística de ficheros Win32: Nivel de detección medio
      - Nivel de registro: Predeterminado
      25/12/2012,00:08:56 [DETECCIÓN] Contiene un patrón de detección del programa de puerta trasera BDS/ZeroAccess.Gen (peligroso)!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\n
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:09:57 [DETECCIÓN] Contiene un patrón de detección del programa de puerta trasera BDS/ZeroAccess.Gen (peligroso)!
      C:\$Recycle.Bin\S-1-5-21-709962578-3550812630-727566589-1000\$ce48abbb4dd3590fabd71803f38476ed\n
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:11:56 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SERVICIO DE RED
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:12:28 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      G:\dic 23\nodclean.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:14:14 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:14:20 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:15:06 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:17:56 [DETECCIÓN] Contiene un patrón de detección del programa de puerta trasera BDS/ZeroAccess.Gen (peligroso)!
      C:\$Recycle.Bin\S-1-5-21-709962578-3550812630-727566589-1000\$ce48abbb4dd3590fabd71803f38476ed\n
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:18:08 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha finalizado.
      25/12/2012,00:31:42 [INFORMACIÓN] ---------------------------------------------------------
      25/12/2012,00:31:42 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha iniciado correctamente
      25/12/2012,00:32:07 [INFORMACIÓN] Real-Time Protection Versión: 13.06.00.400, Versión de motor 8.2.10.224, Versión de VDF: 7.11.54.200
      25/12/2012,00:32:07 [INFORMACIÓN] Los servicios online están a disposición.
      25/12/2012,00:32:07 [INFORMACIÓN] Se activó Real-Time Protection.
      25/12/2012,00:32:07 [INFORMACIÓN] Configuración del Real-Time Protection usada:
      - Ficheros analizados: analizar ficheros de unidades locales
      - Ficheros analizados: Usar lista de extensiones de fichero: . .386 .?HT* .ACM .ADE .ADP .ANI .APK .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CPX .CRT .CSH .DEX .DLL .DLO .DO* .DRV .EMF .EML .EXE* .FAS .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT* .PPAM .PPS* .PPT* .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SLD? .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XAR .XL* .XML .XXX .ZIP
      - Modo de dispositivo: Analizar fichero al abrirlo, analizar fichero tras cerrarlo
      - Acción: Preguntar al usuario
      - Analizar archivos: Desactivado
      - Heurística de macrovirus: Activado
      - Heurística de ficheros Win32: Nivel de detección medio
      - Nivel de registro: Predeterminado
      25/12/2012,00:35:46 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SERVICIO DE RED
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,00:42:13 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha finalizado.
      25/12/2012,11:37:29 [INFORMACIÓN] ---------------------------------------------------------
      25/12/2012,11:37:29 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha iniciado correctamente
      25/12/2012,11:37:48 [INFORMACIÓN] Real-Time Protection Versión: 13.06.00.400, Versión de motor 8.2.10.224, Versión de VDF: 7.11.54.200
      25/12/2012,11:37:49 [INFORMACIÓN] Los servicios online están a disposición.
      25/12/2012,11:37:49 [INFORMACIÓN] Se activó Real-Time Protection.
      25/12/2012,11:37:49 [INFORMACIÓN] Configuración del Real-Time Protection usada:
      - Ficheros analizados: analizar ficheros de unidades locales
      - Ficheros analizados: Usar lista de extensiones de fichero: . .386 .?HT* .ACM .ADE .ADP .ANI .APK .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CPX .CRT .CSH .DEX .DLL .DLO .DO* .DRV .EMF .EML .EXE* .FAS .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT* .PPAM .PPS* .PPT* .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SLD? .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XAR .XL* .XML .XXX .ZIP
      - Modo de dispositivo: Analizar fichero al abrirlo, analizar fichero tras cerrarlo
      - Acción: Preguntar al usuario
      - Analizar archivos: Desactivado
      - Heurística de macrovirus: Activado
      - Heurística de ficheros Win32: Nivel de detección medio
      - Nivel de registro: Predeterminado
      25/12/2012,11:41:11 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000000.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:41:23 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:41:24 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:41:27 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000000.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:41:28 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:41:28 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:41:29 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SERVICIO DE RED
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:42:29 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:42:29 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:42:49 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:42:49 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:44:36 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:44:36 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,11:44:58 [INFORMACIÓN] Tarea de actualización iniciada.
      25/12/2012,11:45:28 [INFORMACIÓN] Versión actual del motor: 8.2.10.224
      25/12/2012,11:45:28 [INFORMACIÓN] Versión actual del fichero VDF: 7.11.54.210
      25/12/2012,12:38:57 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,12:39:30 [DETECCIÓN] Se trata del troyano TR/PSW.Agent.89!
      C:\Users\JoRgE lUiS\memoria\Nero 8\Nero 8_Ultra Edition v8.3.2.1b BY tomimaste\keymaker.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,12:39:30 [DETECCIÓN] Se trata del troyano TR/Agent.285696.C!
      C:\Users\JoRgE lUiS\memoria\Nero 8\Nero.v8.x.Universal.Path.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,12:39:32 [DETECCIÓN] Se trata del troyano TR/Agent.337984.A!
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NodClean 1.0\nodclean.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,12:39:32 [DETECCIÓN] Se trata del troyano TR/AdbPat.BF!
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NODUnlimited v1.2\NODUnlimited v1.2 Full.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,12:39:38 [DETECCIÓN] Se trata del troyano TR/Agent.660814.A!
      C:\Users\JoRgE lUiS\memoria\OFFICE 2007\Office2007 - 1\MicrosoftOffice2007.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,13:44:01 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,14:04:40 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,14:06:49 [DETECCIÓN] Se trata del troyano TR/AdbPat.BF!
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NODUnlimited v1.2\NODUnlimited v1.2 Full.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,14:08:25 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha finalizado.
      25/12/2012,14:09:20 [INFORMACIÓN] ---------------------------------------------------------
      25/12/2012,14:09:20 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha iniciado correctamente
      25/12/2012,14:09:42 [INFORMACIÓN] Real-Time Protection Versión: 13.06.00.400, Versión de motor 8.2.10.224, Versión de VDF: 7.11.54.210
      25/12/2012,14:09:42 [INFORMACIÓN] Los servicios online están a disposición.
      25/12/2012,14:09:42 [INFORMACIÓN] Se activó Real-Time Protection.
      25/12/2012,14:09:42 [INFORMACIÓN] Configuración del Real-Time Protection usada:
      - Ficheros analizados: analizar ficheros de unidades locales
      - Ficheros analizados: Usar lista de extensiones de fichero: . .386 .?HT* .ACM .ADE .ADP .ANI .APK .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CPX .CRT .CSH .DEX .DLL .DLO .DO* .DRV .EMF .EML .EXE* .FAS .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT* .PPAM .PPS* .PPT* .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SLD? .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XAR .XL* .XML .XXX .ZIP
      - Modo de dispositivo: Analizar fichero al abrirlo, analizar fichero tras cerrarlo
      - Acción: Preguntar al usuario
      - Analizar archivos: Desactivado
      - Heurística de macrovirus: Activado
      - Heurística de ficheros Win32: Nivel de detección medio
      - Nivel de registro: Predeterminado
      25/12/2012,14:13:23 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SERVICIO DE RED
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,14:29:42 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha finalizado.
      25/12/2012,14:30:46 [INFORMACIÓN] ---------------------------------------------------------
      25/12/2012,14:30:46 [INFORMACIÓN] El servicio de Avira Free Antivirus se ha iniciado correctamente
      25/12/2012,14:31:04 [INFORMACIÓN] Real-Time Protection Versión: 13.06.00.400, Versión de motor 8.2.10.224, Versión de VDF: 7.11.54.210
      25/12/2012,14:31:05 [INFORMACIÓN] Los servicios online están a disposición.
      25/12/2012,14:31:05 [INFORMACIÓN] Se activó Real-Time Protection.
      25/12/2012,14:31:05 [INFORMACIÓN] Configuración del Real-Time Protection usada:
      - Ficheros analizados: analizar ficheros de unidades locales
      - Ficheros analizados: Usar lista de extensiones de fichero: . .386 .?HT* .ACM .ADE .ADP .ANI .APK .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CPX .CRT .CSH .DEX .DLL .DLO .DO* .DRV .EMF .EML .EXE* .FAS .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT* .PPAM .PPS* .PPT* .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SLD? .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XAR .XL* .XML .XXX .ZIP
      - Modo de dispositivo: Analizar fichero al abrirlo, analizar fichero tras cerrarlo
      - Acción: Preguntar al usuario
      - Analizar archivos: Desactivado
      - Heurística de macrovirus: Activado
      - Heurística de ficheros Win32: Nivel de detección medio
      - Nivel de registro: Predeterminado
      25/12/2012,14:34:39 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SERVICIO DE RED
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,14:51:05 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,14:52:26 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,14:57:57 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,16:44:00 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:22:01 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:22:17 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:22:17 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:36:55 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:37:00 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:37:00 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:44:48 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:45:02 [INFORMACIÓN] Tarea de actualización iniciada.
      25/12/2012,17:45:16 [INFORMACIÓN] Versión actual del motor: 8.2.10.224
      25/12/2012,17:45:16 [INFORMACIÓN] Versión actual del fichero VDF: 7.11.54.212
      25/12/2012,17:45:23 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,17:45:30 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:12:04 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:12:12 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:12:12 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:22:08 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:22:17 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:22:17 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:29:56 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:29:56 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:32:05 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:32:07 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:32:07 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:36:54 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:36:55 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,18:36:55 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,1946 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:18:47 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:19:43 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:19:43 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:19:45 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:19:45 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:22:05 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:22:05 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:22:05 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:24:35 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:24:35 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:24:37 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:24:37 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:24:40 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:24:40 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:24:42 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:24:42 [DETECCIÓN] Se trata del troyano TR/Sirefef.A.37!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\000000cb.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:26:51 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:26:51 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:32:06 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:36:54 [DETECCIÓN] Se trata del troyano TR/ZAccess.H!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\00000004.@
      [INFORMACIÓN] Usuario: NT AUTHORITY\SYSTEM
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:39:47 [DETECCIÓN] Se trata del troyano TR/Agent.336764.A!
      C:\Users\JoRgE lUiS\Downloads\Anti-Virus\nodclean.exe
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.
      25/12/2012,19:44:00 [DETECCIÓN] Se trata del troyano TR/ATRAPS.Gen2!
      C:\$Recycle.Bin\S-1-5-18\$ce48abbb4dd3590fabd71803f38476ed\U\80000032.@
      [INFORMACIÓN] Usuario: JORGELUIS1\JORGE LUIS
      [INFORMACIÓN] Se denegó el acceso al fichero.

    5. #5
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Bien Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      Oks TENEMOS PROBLEMAS!

      no eliminastes las amenazas de malwarebytes y como lo sospechaba tienes el Rookit Zero Acces hagamos lo isguiente

      NOTA: (vamos a usar ESET online si ya lo tienes dejalo pero el reporte lo necesitamos completo SIEMPRE en cualquier herramienta; La herramienta TDSS hace reportes muy largos asi que si no te entra usa 2 o 3 respuestas )

      Ahora tienes una buena infeccion por eso son varios pasos pero tranquilo la mayoria de las herramientas trabajan rapido y es FUDAMENTAL seguir el orden de los pasos NOTA: (en la herramienta TDSS recuerda seguir bien las instrucciones a la hora de eliminar las distintas amenazas )

      Realiza Los Siguientes Pasos (si no puedes con uno salta al siguiente)

      EN MODO SEGURO CON FUNCIONES DE RED

      Descarga,actualiza y realiza un escaneo completo con el malwarebytes:Manual de Malwarebytes Anti-Malware 2

      -Instala el programa con idioma español.
      -Vete a la pestaña actualizar y actualizas a la ultima version
      -Vete a la pestaña Escáner y realizas un Ánalisis completo.
      -Una vez finalizado, pulsa sobre "Mostrar los Resultados " y "Eliminar Seleccionadas" como se demuestra en esta FOTO
      -Todas las amenazas tienen que estar marcadas con un visto ()
      -En el caso de que te pida reiniciar,reinicia.
      -Peganos el reporte del escaneo del malwarebytes despues de reiniciar,esta en la pestaña Registros.


      Descarga Ccleaner:Manual de CCleaner <------------ Este paso es MUY IMPORTANTE

      Ejecutar CCleaner usando primero su opción de "Limpiador" para borrar cookies y temporales de Internet
      Usa su opción de "Registro" para limpiar todo el registro de Windows creando antes una copia de seguridad

      Realiza un análisis completo con Eset Nod32 online ----------> Version Descargable E Instalable: Eset Smart Installer Y mas aca su manual ---------->MANUAL DE ESET ONLINE

      1- Lo ejecutas.

      2-Marcas las casillas de Eliminar las amenazas detectadas y analizar archivos.

      3- Haces clic en Configuración adicional y ahi marcas las casillas:

      - Analizar en busca de aplicaciones potencialmente indeseables.

      - Analizar en busca de aplicaciones potencialmente peligrosas.

      - Activar la tecnolgía Anti-Stealth.



      4- Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.

      Cuando acabe haz clic en Finalizar

      5- Localizar el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log
      Descarga TDSSKiller ---->MANUAL

      • Desconecta tu ordenador de Internet (Desconecta el cable).

      • Descomprime el archivo tdsskiller.zip

      • Ejecuta el archivo TDSSKiller.exe Si usas Vista o 7 presiona clic derecho ejecutar como administrador.
      Presiona clic sobre

      Presiona clic sobre el botón


      • TDSSKiller comenzara a analizar el equipo.


      Si el equipo no está infectado:
      • Mostrara

      • No threats found.

      • Presiona clic sobre el botón "Close"
      Si el equipo está infectado:
      • Mostrara:

      • Threats detected.

      • Select action for found objects:


      • Malware object, high risk. La acción predeterminada es "Cure" o "Delete".

      • Suspicious object, medium risk. Usa siempre la opción "Skip"

      El programa selecciona de forma automática la acción a tomar.

      • Presiona clic sobre el botón "Continue"

      • Para desinfectar correctamente el Sistema, puede solicitarle reiniciar el equipo.

      • Presiona clic sobre el botón.



      • Abre el reporte de TDSSKiller, ubicado en C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, donde "x.xx.x_xx.xx.xxxx_xx.xx.xx" son versión, fecha y hora.
      • Copia y pega su contenido en tu próxima respuesta.
      Nos comentas.
      Descarga USBFIX-------->Manual de UsbFix.

      Ejecuta USBFix de la siguiente manera:

      * Conecta todos tus dispositivos extraibles, (pendrive, disco duro externo, Micro SD, etc)
      * Haga doble Click sobre USBFix
      * Pulsa la opción Supresión
      * El proceso de desinfección se iniciará, el ordenador se reiniciará si es necesario.
      * Cuando Windows inicie, USBFix, arrancará en automático, para complementar el proceso de desinfección y vacunación.
      * USBFix, genera un reporte, el cual se encuentra generalmente en C:\USBFix.txt

      Nota: UsbFix creará una carpeta oculta llamada "autorun.inf" en cada partición y cada unidad USB que se encuentre conectado al momento de ejecutar este. No elimine esta carpeta ... eso le ayudará a proteger sus dispositivos USB de futuras infecciones
      Descarga Ccleaner:Manual de CCleaner <------------ Este paso es MUY IMPORTANTE

      Ejecutar CCleaner usando primero su opción de "Limpiador" para borrar cookies y temporales de Internet
      Usa su opción de "Registro" para limpiar todo el registro de Windows creando antes una copia de seguridad

      º El reporte del Malwarebytes, que se encuentra en su pestaña REGISTROS
      º El reporte del Eset Nod32
      º El reporte de TDSS killer (nota es bastante largo si necesitas usa varias respuestas)
      º El reporte de USB-FIX
      º Nos cuentas como funciona tu pc ahora

      *Si tienes alguna duda,te puedes imprimir las instrucciones para hacer un mejor seguimiento.


    6. #6
      Usuario Avatar de fabiola86
      Registrado
      may 2006
      Ubicación
      México
      Mensajes
      10

      Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      hola de nuevo, ya hice todo lo que me pediste, a continuación pego los reportes:
      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.26.03

      Windows Vista Service Pack 1 x86 NTFS (Modo Seguro/Red)
      Internet Explorer 8.0.6001.19088
      JoRgE lUiS :: JORGELUIS1 [administrador]

      Protección: Personas de movilidad reducida

      25/12/2012 09:55:23 p.m.
      mbam-log-2012-12-25 (21-55-23).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 366294
      Tiempo transcurrido: 1 hora(s), 1 minuto(s), 22 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)

      en el paso 2 ejecuté el Ccleaner y limpié el registro. luego ejecuté el eset scanner:

      ESETSmartInstaller@High as downloader log:
      all ok
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6844
      # api_version=3.0.2
      # EOSSerial=9cb3a2584e3d80489af6920dd8c0da20
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2012-12-26 07:29:34
      # local_time=2012-12-26 01:29:34 (-0600, Hora estándar central (México))
      # country="Mexico"
      # lang=3082
      # osver=6.0.6001 NT Service Pack 1
      # compatibility_mode=1799 16775166 100 97 0 126231480 0 0
      # compatibility_mode=5892 16776574 66 100 81006 193118103 0 0
      # scanned=171509
      # found=6
      # cleaned=6
      # scan_time=6347
      C:\Program Files\Zylom Games\Monopoly Deluxe\Patch.exe una variante de Win32/HackTool.Patcher.AF aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 9EAAEC2D7F733F82D17FB29E441763FEE82AAF77 C
      C:\Users\JoRgE lUiS\memoria\Nero 8\Nero.v8.x.Universal.Path.exe Win32/HackTool.Patcher.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 1474C76825DD48F0640B07947906AFB7C545D3B4 C
      C:\Users\JoRgE lUiS\memoria\Nero 8\Nero 8_Ultra Edition v8.3.2.1b BY tomimaste\Nero-8.3.2.1b_esl_trial.exe Win32/Toolbar.AskSBar aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 9C82141DD003791102E5F7A74D04784D33394CFB C
      C:\Users\JoRgE lUiS\memoria\Nero 8\v.8.3.6.0 esp\Nero-8.3.6.0_esp.exe Win32/Toolbar.AskSBar aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 634332B377D5A876C286CC06DD2B89DBB8435164 C
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NodClean 1.0\nodclean.exe Win32/Packed.Autoit.A.Gen aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 9A3E4D561C30605795C36EB29A142AD9ABC72660 C
      C:\Users\JoRgE lUiS\memoria\Nod32\v.3.0\Utilidades y Cracks\NodGen 1.0 para el Nod32 2.7.39\nodgen.exe Win32/Packed.Autoit.A.Gen aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 53355697667FE82EFB873E3E35F787172388078D C


      luego el reporte del TDSSKiller:

      10:46:18.0990 1568 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      10:46:19.0021 1568 ============================================================
      10:46:19.0021 1568 Current date / time: 2012/12/26 10:46:19.0021
      10:46:19.0021 1568 SystemInfo:
      10:46:19.0021 1568
      10:46:19.0021 1568 OS Version: 6.0.6001 ServicePack: 1.0
      10:46:19.0021 1568 Product type: Workstation
      10:46:19.0021 1568 ComputerName: JORGELUIS1
      10:46:19.0021 1568 UserName: JoRgE lUiS
      10:46:19.0021 1568 Windows directory: C:\Windows
      10:46:19.0021 1568 System windows directory: C:\Windows
      10:46:19.0021 1568 Processor architecture: Intel x86
      10:46:19.0021 1568 Number of processors: 2
      10:46:19.0021 1568 Page size: 0x1000
      10:46:19.0021 1568 Boot type: Safe boot with network
      10:46:19.0021 1568 ============================================================
      10:46:20.0004 1568 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
      10:46:20.0020 1568 Drive \Device\Harddisk1\DR1 - Size: 0x1DD2EA000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
      10:46:20.0020 1568 ============================================================
      10:46:20.0020 1568 \Device\Harddisk0\DR0:
      10:46:20.0020 1568 MBR partitions:
      10:46:20.0020 1568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x162D800, BlocksNum 0x15E719B0
      10:46:20.0020 1568 \Device\Harddisk1\DR1:
      10:46:20.0020 1568 MBR partitions:
      10:46:20.0020 1568 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xEE9641
      10:46:20.0020 1568 ============================================================
      10:46:20.0051 1568 C: <-> \Device\Harddisk0\DR0\Partition1
      10:46:20.0051 1568 ============================================================
      10:46:20.0051 1568 Initialize success
      10:46:20.0051 1568 ============================================================
      10:48:59.0615 1316 ============================================================
      10:48:59.0615 1316 Scan started
      10:48:59.0615 1316 Mode: Manual; SigCheck; TDLFS;
      10:48:59.0615 1316 ============================================================
      10:48:59.0959 1316 ================ Scan system memory ========================
      10:48:59.0959 1316 System memory - ok
      10:48:59.0959 1316 ================ Scan services =============================
      10:49:00.0037 1316 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
      10:49:00.0130 1316 !SASCORE - ok
      10:49:00.0333 1316 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
      10:49:00.0349 1316 ACPI - ok
      10:49:00.0427 1316 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
      10:49:00.0427 1316 AdobeActiveFileMonitor6.0 - ok
      10:49:00.0520 1316 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      10:49:00.0567 1316 AdobeFlashPlayerUpdateSvc - ok
      10:49:00.0629 1316 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
      10:49:00.0645 1316 adp94xx - ok
      10:49:00.0676 1316 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
      10:49:00.0692 1316 adpahci - ok
      10:49:00.0707 1316 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
      10:49:00.0723 1316 adpu160m - ok
      10:49:00.0739 1316 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
      10:49:00.0754 1316 adpu320 - ok
      10:49:00.0785 1316 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
      10:49:00.0941 1316 AeLookupSvc - ok
      10:49:00.0988 1316 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys
      10:49:01.0066 1316 AFD - ok
      10:49:01.0113 1316 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
      10:49:01.0129 1316 agp440 - ok
      10:49:01.0160 1316 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
      10:49:01.0160 1316 aic78xx - ok
      10:49:01.0207 1316 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
      10:49:01.0347 1316 ALG - ok
      10:49:01.0363 1316 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
      10:49:01.0363 1316 aliide - ok
      10:49:01.0394 1316 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
      10:49:01.0409 1316 amdagp - ok
      10:49:01.0409 1316 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
      10:49:01.0425 1316 amdide - ok
      10:49:01.0456 1316 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
      10:49:01.0628 1316 AmdK7 - ok
      10:49:01.0659 1316 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
      10:49:01.0721 1316 AmdK8 - ok
      10:49:01.0799 1316 [ BFCC72EDC79F58CB0D9D18D75F8B69E4 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
      10:49:01.0831 1316 AntiVirSchedulerService - ok
      10:49:01.0846 1316 [ 331B55D22B729B0B7C752E6E1256C908 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      10:49:01.0862 1316 AntiVirService - ok
      10:49:01.0924 1316 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
      10:49:01.0987 1316 Appinfo - ok
      10:49:02.0002 1316 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
      10:49:02.0002 1316 arc - ok
      10:49:02.0049 1316 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
      10:49:02.0049 1316 arcsas - ok
      10:49:02.0096 1316 [ 97422DA56910A24B7AC8D295F5FD9535 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
      10:49:02.0205 1316 ArcSoftKsUFilter - ok
      10:49:02.0267 1316 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
      10:49:02.0314 1316 AsyncMac - ok
      10:49:02.0345 1316 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
      10:49:02.0361 1316 atapi - ok
      10:49:02.0423 1316 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
      10:49:02.0470 1316 AudioEndpointBuilder - ok
      10:49:02.0470 1316 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
      10:49:02.0501 1316 Audiosrv - ok
      10:49:02.0533 1316 [ D57E60FF40E858B653C404605BBDD6FC ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
      10:49:02.0533 1316 avgntflt - ok
      10:49:02.0564 1316 [ 50BF7E785BDA0ED2BAD61A66897AAE4D ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
      10:49:02.0564 1316 avipbb - ok
      10:49:02.0595 1316 [ C304F287CE162CBA8AAF3CF1D31A64BD ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
      10:49:02.0595 1316 avkmgr - ok
      10:49:02.0657 1316 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
      10:49:02.0720 1316 Beep - ok
      10:49:02.0720 1316 blbdrive - ok
      10:49:02.0782 1316 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
      10:49:02.0798 1316 bowser - ok
      10:49:02.0829 1316 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
      10:49:02.0845 1316 BrFiltLo - ok
      10:49:02.0860 1316 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
      10:49:02.0907 1316 BrFiltUp - ok
      10:49:02.0954 1316 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
      10:49:03.0001 1316 Browser - ok
      10:49:03.0032 1316 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
      10:49:03.0094 1316 Brserid - ok
      10:49:03.0125 1316 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
      10:49:03.0188 1316 BrSerWdm - ok
      10:49:03.0219 1316 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
      10:49:03.0281 1316 BrUsbMdm - ok
      10:49:03.0313 1316 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
      10:49:03.0391 1316 BrUsbSer - ok
      10:49:03.0484 1316 [ DA7B195275BDA7F8FCF79B40E0F45DDE ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
      10:49:03.0531 1316 BthEnum - ok
      10:49:03.0593 1316 [ 5FFA6988FF9597986FF2ADA736CC90C0 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
      10:49:03.0625 1316 BTHMODEM - ok
      10:49:03.0671 1316 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
      10:49:03.0734 1316 BthPan - ok
      10:49:03.0812 1316 [ 73D53F8E90550BA81E2CF44A0873B410 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
      10:49:03.0859 1316 BTHPORT - ok
      10:49:03.0890 1316 [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ C:\Windows\System32\bthserv.dll
      10:49:03.0952 1316 BthServ - ok
      10:49:03.0983 1316 [ 32045A4BB143BBC5BAB1298C4E9E309A ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
      10:49:04.0015 1316 BTHUSB - ok
      10:49:04.0093 1316 [ 7F256D9FFF384FAA40DF5DB1CB8531D9 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
      10:49:04.0093 1316 btwaudio - ok
      10:49:04.0108 1316 [ D87D990131AAABB27D4046790292366D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
      10:49:04.0124 1316 btwavdt - ok
      10:49:04.0155 1316 [ D02F4D18AA4A38F781BEEFEB1892E144 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
      10:49:04.0155 1316 btwl2cap - ok
      10:49:04.0186 1316 [ E1771C0FB49E747AB2B2D29DA50510F9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
      10:49:04.0186 1316 btwrchid - ok
      10:49:04.0249 1316 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
      10:49:04.0280 1316 cdfs - ok
      10:49:04.0342 1316 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
      10:49:04.0389 1316 cdrom - ok
      10:49:04.0451 1316 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
      10:49:04.0561 1316 CertPropSvc - ok
      10:49:04.0592 1316 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
      10:49:04.0670 1316 circlass - ok
      10:49:04.0701 1316 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
      10:49:04.0717 1316 CLFS - ok
      10:49:04.0795 1316 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      10:49:04.0795 1316 clr_optimization_v2.0.50727_32 - ok
      10:49:04.0873 1316 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      10:49:04.0888 1316 clr_optimization_v4.0.30319_32 - ok
      10:49:04.0935 1316 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
      10:49:04.0982 1316 CmBatt - ok
      10:49:05.0029 1316 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
      10:49:05.0044 1316 cmdide - ok
      10:49:05.0060 1316 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
      10:49:05.0075 1316 Compbatt - ok
      10:49:05.0075 1316 COMSysApp - ok
      10:49:05.0091 1316 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
      10:49:05.0091 1316 crcdisk - ok
      10:49:05.0122 1316 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
      10:49:05.0185 1316 Crusoe - ok
      10:49:05.0247 1316 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
      10:49:05.0278 1316 CryptSvc - ok
      10:49:05.0325 1316 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
      10:49:05.0450 1316 DcomLaunch - ok
      10:49:05.0497 1316 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
      10:49:05.0559 1316 DfsC - ok
      10:49:05.0668 1316 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
      10:49:05.0824 1316 DFSR - ok
      10:49:05.0887 1316 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
      10:49:05.0949 1316 Dhcp - ok
      10:49:06.0011 1316 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
      10:49:06.0027 1316 disk - ok
      10:49:06.0058 1316 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys
      10:49:06.0058 1316 DMICall - ok
      10:49:06.0105 1316 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
      10:49:06.0167 1316 Dnscache - ok
      10:49:06.0214 1316 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
      10:49:06.0277 1316 dot3svc - ok
      10:49:06.0339 1316 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
      10:49:06.0386 1316 DPS - ok
      10:49:06.0464 1316 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
      10:49:06.0479 1316 drmkaud - ok
      10:49:06.0620 1316 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
      10:49:06.0729 1316 DXGKrnl - ok
      10:49:06.0776 1316 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
      10:49:06.0838 1316 E1G60 - ok
      10:49:06.0885 1316 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
      10:49:06.0932 1316 EapHost - ok
      10:49:06.0979 1316 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
      10:49:06.0994 1316 Ecache - ok
      10:49:07.0072 1316 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
      10:49:07.0119 1316 ehRecvr - ok
      10:49:07.0150 1316 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
      10:49:07.0213 1316 ehSched - ok
      10:49:07.0228 1316 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
      10:49:07.0228 1316 ehstart - ok
      10:49:07.0259 1316 ekrn - ok
      10:49:07.0291 1316 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
      10:49:07.0306 1316 elxstor - ok
      10:49:07.0337 1316 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
      10:49:07.0415 1316 EMDMgmt - ok
      10:49:07.0462 1316 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
      10:49:07.0509 1316 EventSystem - ok
      10:49:07.0556 1316 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
      10:49:07.0603 1316 exfat - ok
      10:49:07.0649 1316 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
      10:49:07.0696 1316 fastfat - ok
      10:49:07.0727 1316 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
      10:49:07.0774 1316 fdc - ok
      10:49:07.0821 1316 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
      10:49:07.0883 1316 fdPHost - ok
      10:49:07.0915 1316 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
      10:49:07.0977 1316 FDResPub - ok
      10:49:08.0024 1316 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
      10:49:08.0024 1316 FileInfo - ok
      10:49:08.0071 1316 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
      10:49:08.0102 1316 Filetrace - ok
      10:49:08.0180 1316 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      10:49:08.0258 1316 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
      10:49:08.0258 1316 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
      10:49:08.0289 1316 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
      10:49:08.0367 1316 flpydisk - ok
      10:49:08.0429 1316 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
      10:49:08.0445 1316 FltMgr - ok
      10:49:08.0507 1316 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
      10:49:08.0507 1316 FontCache3.0.0.0 - ok
      10:49:08.0554 1316 [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
      10:49:08.0554 1316 fssfltr - ok
      10:49:08.0663 1316 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
      10:49:08.0710 1316 fsssvc - ok
      10:49:08.0741 1316 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
      10:49:08.0788 1316 Fs_Rec - ok
      10:49:08.0819 1316 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
      10:49:08.0835 1316 gagp30kx - ok
      10:49:08.0866 1316 [ 4AC51459805264AFFD5F6FDFB9D9235F ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
      10:49:08.0882 1316 GEARAspiWDM - ok
      10:49:08.0929 1316 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
      10:49:09.0022 1316 gpsvc - ok
      10:49:09.0147 1316 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
      10:49:09.0163 1316 gupdate - ok
      10:49:09.0163 1316 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
      10:49:09.0178 1316 gupdatem - ok
      10:49:09.0225 1316 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
      10:49:09.0287 1316 HdAudAddService - ok
      10:49:09.0334 1316 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
      10:49:09.0381 1316 HDAudBus - ok
      10:49:09.0459 1316 [ 204C3B1846E9CBAAEF88B8E1F86782F8 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
      10:49:09.0506 1316 HidBth - ok
      10:49:09.0537 1316 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
      10:49:09.0584 1316 HidIr - ok
      10:49:09.0615 1316 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
      10:49:09.0677 1316 hidserv - ok
      10:49:09.0709 1316 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
      10:49:09.0755 1316 HidUsb - ok
      10:49:09.0787 1316 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
      10:49:09.0833 1316 hkmsvc - ok
      10:49:09.0865 1316 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
      10:49:09.0880 1316 HpCISSs - ok
      10:49:09.0911 1316 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
      10:49:09.0958 1316 HSFHWAZL - ok
      10:49:10.0036 1316 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
      10:49:10.0145 1316 HSF_DPV - ok
      10:49:10.0177 1316 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
      10:49:10.0208 1316 HSXHWAZL - ok
      10:49:10.0255 1316 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
      10:49:10.0286 1316 HTTP - ok
      10:49:10.0333 1316 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
      10:49:10.0333 1316 i2omp - ok
      10:49:10.0411 1316 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
      10:49:10.0457 1316 i8042prt - ok
      10:49:10.0504 1316 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
      10:49:10.0520 1316 iaStorV - ok
      10:49:10.0582 1316 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      10:49:10.0613 1316 IDriverT ( UnsignedFile.Multi.Generic ) - warning
      10:49:10.0613 1316 IDriverT - detected UnsignedFile.Multi.Generic (1)
      10:49:10.0691 1316 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      10:49:10.0769 1316 idsvc - ok
      10:49:10.0847 1316 [ 62448322731AC1BEDA52E2B3327046EE ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
      10:49:10.0988 1316 igfx - ok
      10:49:11.0003 1316 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
      10:49:11.0003 1316 iirsp - ok
      10:49:11.0066 1316 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
      10:49:11.0128 1316 IKEEXT - ok
      10:49:11.0222 1316 [ 2BD6633DB50A98534AA3262E0F9F5A14 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
      10:49:11.0315 1316 IntcAzAudAddService - ok
      10:49:11.0393 1316 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
      10:49:11.0409 1316 intelide - ok
      10:49:11.0456 1316 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      10:49:11.0503 1316 intelppm - ok
      10:49:11.0549 1316 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      10:49:11.0596 1316 IPBusEnum - ok
      10:49:11.0659 1316 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      10:49:11.0705 1316 IpFilterDriver - ok
      10:49:11.0721 1316 IpInIp - ok
      10:49:11.0737 1316 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
      10:49:11.0783 1316 IPMIDRV - ok
      10:49:11.0830 1316 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
      10:49:11.0877 1316 IPNAT - ok
      10:49:11.0924 1316 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
      10:49:11.0955 1316 IRENUM - ok
      10:49:11.0955 1316 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
      10:49:11.0971 1316 isapnp - ok
      10:49:12.0017 1316 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
      10:49:12.0033 1316 iScsiPrt - ok
      10:49:12.0049 1316 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
      10:49:12.0049 1316 iteatapi - ok
      10:49:12.0080 1316 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
      10:49:12.0095 1316 iteraid - ok
      10:49:12.0142 1316 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      10:49:12.0142 1316 IviRegMgr - ok
      10:49:12.0189 1316 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
      10:49:12.0189 1316 kbdclass - ok
      10:49:12.0205 1316 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
      10:49:12.0236 1316 kbdhid - ok
      10:49:12.0267 1316 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
      10:49:12.0283 1316 KeyIso - ok
      10:49:12.0314 1316 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      10:49:12.0329 1316 KSecDD - ok
      10:49:12.0361 1316 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
      10:49:12.0423 1316 KtmRm - ok
      10:49:12.0470 1316 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll
      10:49:12.0517 1316 LanmanServer - ok
      10:49:12.0579 1316 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      10:49:12.0641 1316 LanmanWorkstation - ok
      10:49:12.0688 1316 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      10:49:12.0751 1316 lltdio - ok
      10:49:12.0797 1316 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
      10:49:12.0844 1316 lltdsvc - ok
      10:49:12.0875 1316 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
      10:49:12.0938 1316 lmhosts - ok
      10:49:12.0985 1316 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
      10:49:13.0000 1316 LSI_FC - ok
      10:49:13.0016 1316 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
      10:49:13.0016 1316 LSI_SAS - ok
      10:49:13.0031 1316 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
      10:49:13.0047 1316 LSI_SCSI - ok
      10:49:13.0094 1316 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
      10:49:13.0141 1316 luafv - ok
      10:49:13.0172 1316 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
      10:49:13.0187 1316 MBAMProtector - ok
      10:49:13.0219 1316 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
      10:49:13.0234 1316 MBAMScheduler - ok
      10:49:13.0312 1316 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      10:49:13.0359 1316 MBAMService - ok
      10:49:13.0437 1316 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      10:49:13.0484 1316 Mcx2Svc - ok
      10:49:13.0515 1316 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
      10:49:13.0515 1316 mdmxsdk - ok
      10:49:13.0562 1316 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
      10:49:13.0577 1316 megasas - ok
      10:49:13.0593 1316 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
      10:49:13.0640 1316 MMCSS - ok
      10:49:13.0671 1316 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
      10:49:13.0702 1316 Modem - ok
      10:49:13.0749 1316 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      10:49:13.0796 1316 monitor - ok
      10:49:13.0827 1316 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      10:49:13.0827 1316 mouclass - ok
      10:49:13.0874 1316 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      10:49:13.0921 1316 mouhid - ok
      10:49:13.0952 1316 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
      10:49:13.0967 1316 MountMgr - ok
      10:49:14.0014 1316 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
      10:49:14.0014 1316 mpio - ok
      10:49:14.0077 1316 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      10:49:14.0108 1316 mpsdrv - ok
      10:49:14.0139 1316 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
      10:49:14.0155 1316 Mraid35x - ok
      10:49:14.0201 1316 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      10:49:14.0233 1316 MRxDAV - ok
      10:49:14.0264 1316 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      10:49:14.0279 1316 mrxsmb - ok
      10:49:14.0311 1316 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      10:49:14.0357 1316 mrxsmb10 - ok
      10:49:14.0389 1316 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      10:49:14.0404 1316 mrxsmb20 - ok
      10:49:14.0435 1316 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
      10:49:14.0435 1316 msahci - ok
      10:49:14.0498 1316 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
      10:49:14.0513 1316 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
      10:49:14.0513 1316 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
      10:49:14.0545 1316 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
      10:49:14.0560 1316 msdsm - ok
      10:49:14.0607 1316 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
      10:49:14.0638 1316 MSDTC - ok
      10:49:14.0685 1316 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
      10:49:14.0701 1316 Msfs - ok
      10:49:14.0763 1316 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
      10:49:14.0763 1316 msisadrv - ok
      10:49:14.0810 1316 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      10:49:14.0857 1316 MSiSCSI - ok
      10:49:14.0857 1316 msiserver - ok
      10:49:14.0903 1316 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      10:49:14.0935 1316 MSKSSRV - ok
      10:49:15.0013 1316 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      10:49:15.0059 1316 MSPCLOCK - ok
      10:49:15.0075 1316 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      10:49:15.0122 1316 MSPQM - ok
      10:49:15.0169 1316 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      10:49:15.0184 1316 MsRPC - ok
      10:49:15.0231 1316 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
      10:49:15.0231 1316 mssmbios - ok
      10:49:15.0247 1316 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      10:49:15.0262 1316 MSTEE - ok
      10:49:15.0278 1316 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
      10:49:15.0278 1316 Mup - ok
      10:49:15.0340 1316 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
      10:49:15.0403 1316 napagent - ok
      10:49:15.0449 1316 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      10:49:15.0481 1316 NativeWifiP - ok
      10:49:15.0527 1316 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
      10:49:15.0543 1316 NDIS - ok
      10:49:15.0590 1316 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      10:49:15.0637 1316 NdisTapi - ok
      10:49:15.0683 1316 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      10:49:15.0730 1316 Ndisuio - ok
      10:49:15.0777 1316 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      10:49:15.0824 1316 NdisWan - ok
      10:49:15.0871 1316 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      10:49:15.0886 1316 NDProxy - ok
      10:49:15.0886 1316 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      10:49:15.0933 1316 NetBIOS - ok
      10:49:16.0011 1316 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
      10:49:16.0058 1316 netbt - ok
      10:49:16.0089 1316 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
      10:49:16.0105 1316 Netlogon - ok
      10:49:16.0120 1316 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
      10:49:16.0167 1316 Netman - ok
      10:49:16.0198 1316 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
      10:49:16.0229 1316 netprofm - ok
      10:49:16.0261 1316 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
      10:49:16.0276 1316 NetTcpPortSharing - ok
      10:49:16.0354 1316 [ 25ACCCFC33DD448B9D3037C5E439E830 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
      10:49:16.0510 1316 NETw4v32 - ok
      10:49:16.0526 1316 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
      10:49:16.0541 1316 nfrd960 - ok
      10:49:16.0588 1316 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
      10:49:16.0635 1316 NlaSvc - ok
      10:49:16.0682 1316 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
      10:49:16.0729 1316 Npfs - ok
      10:49:16.0760 1316 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
      10:49:16.0775 1316 nsi - ok
      10:49:16.0822 1316 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      10:49:16.0869 1316 nsiproxy - ok
      10:49:16.0931 1316 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      10:49:17.0041 1316 Ntfs - ok
      10:49:17.0134 1316 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
      10:49:17.0197 1316 ntrigdigi - ok
      10:49:17.0212 1316 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
      10:49:17.0243 1316 Null - ok
      10:49:17.0275 1316 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
      10:49:17.0275 1316 nvraid - ok
      10:49:17.0290 1316 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
      10:49:17.0306 1316 nvstor - ok
      10:49:17.0321 1316 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      10:49:17.0321 1316 nv_agp - ok
      10:49:17.0337 1316 NwlnkFlt - ok
      10:49:17.0337 1316 NwlnkFwd - ok
      10:49:17.0446 1316 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      10:49:17.0462 1316 odserv - ok
      10:49:17.0524 1316 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
      10:49:17.0571 1316 ohci1394 - ok
      10:49:17.0618 1316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      10:49:17.0633 1316 ose - ok
      10:49:17.0696 1316 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
      10:49:17.0758 1316 p2pimsvc - ok
      10:49:17.0774 1316 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
      10:49:17.0805 1316 p2psvc - ok
      10:49:17.0836 1316 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
      10:49:17.0867 1316 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
      10:49:17.0867 1316 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
      10:49:17.0914 1316 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
      10:49:17.0977 1316 Parport - ok
      10:49:18.0008 1316 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
      10:49:18.0023 1316 partmgr - ok
      10:49:18.0039 1316 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
      10:49:18.0086 1316 Parvdm - ok
      10:49:18.0117 1316 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
      10:49:18.0164 1316 PcaSvc - ok
      10:49:18.0179 1316 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
      10:49:18.0195 1316 pci - ok
      10:49:18.0226 1316 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys
      10:49:18.0242 1316 pciide - ok
      10:49:18.0289 1316 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
      10:49:18.0304 1316 pcmcia - ok
      10:49:18.0367 1316 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      10:49:18.0476 1316 PEAUTH - ok
      10:49:18.0554 1316 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
      10:49:18.0647 1316 pla - ok
      10:49:18.0710 1316 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      10:49:18.0741 1316 PlugPlay - ok
      10:49:18.0772 1316 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
      10:49:18.0803 1316 PNRPAutoReg - ok
      10:49:18.0850 1316 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
      10:49:18.0866 1316 PNRPsvc - ok
      10:49:19.0006 1316 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      10:49:19.0069 1316 PolicyAgent - ok
      10:49:19.0115 1316 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      10:49:19.0162 1316 PptpMiniport - ok
      10:49:19.0209 1316 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
      10:49:19.0271 1316 Processor - ok
      10:49:19.0303 1316 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
      10:49:19.0349 1316 ProfSvc - ok
      10:49:19.0381 1316 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
      10:49:19.0381 1316 ProtectedStorage - ok
      10:49:19.0427 1316 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
      10:49:19.0490 1316 PSched - ok
      10:49:19.0505 1316 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
      10:49:19.0505 1316 PxHelp20 - ok
      10:49:19.0552 1316 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
      10:49:19.0615 1316 ql2300 - ok
      10:49:19.0661 1316 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
      10:49:19.0677 1316 ql40xx - ok
      10:49:19.0739 1316 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
      10:49:19.0771 1316 QWAVE - ok
      10:49:19.0802 1316 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      10:49:19.0817 1316 QWAVEdrv - ok
      10:49:19.0849 1316 [ 68E04F3944E6F82C64B53F8A8F13FB3A ] R5U870FLx86 C:\Windows\system32\Drivers\R5U870FLx86.sys
      10:49:19.0864 1316 R5U870FLx86 - ok
      10:49:19.0895 1316 [ 7F1356060D1894B46554A0D8E6F13958 ] R5U870FUx86 C:\Windows\system32\Drivers\R5U870FUx86.sys
      10:49:19.0927 1316 R5U870FUx86 - ok
      10:49:19.0973 1316 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      10:49:20.0020 1316 RasAcd - ok
      10:49:20.0067 1316 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
      10:49:20.0114 1316 RasAuto - ok
      10:49:20.0145 1316 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      10:49:20.0192 1316 Rasl2tp - ok
      10:49:20.0270 1316 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
      10:49:20.0317 1316 RasMan - ok
      10:49:20.0395 1316 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      10:49:20.0410 1316 RasPppoe - ok
      10:49:20.0426 1316 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      10:49:20.0473 1316 RasSstp - ok
      10:49:20.0504 1316 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      10:49:20.0535 1316 rdbss - ok
      10:49:20.0582 1316 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      10:49:20.0597 1316 RDPCDD - ok
      10:49:20.0629 1316 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
      10:49:20.0691 1316 rdpdr - ok
      10:49:20.0707 1316 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      10:49:20.0738 1316 RDPENCDD - ok
      10:49:20.0769 1316 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      10:49:20.0816 1316 RDPWD - ok
      10:49:20.0863 1316 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
      10:49:20.0863 1316 regi - ok
      10:49:20.0909 1316 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
      10:49:20.0925 1316 RemoteAccess - ok
      10:49:20.0972 1316 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      10:49:21.0019 1316 RemoteRegistry - ok
      10:49:21.0065 1316 [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
      10:49:21.0097 1316 RFCOMM - ok
      10:49:21.0175 1316 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
      10:49:21.0190 1316 RimUsb - ok
      10:49:21.0221 1316 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
      10:49:21.0268 1316 RimVSerPort - ok
      10:49:21.0315 1316 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
      10:49:21.0362 1316 ROOTMODEM - ok
      10:49:21.0409 1316 [ AFD61A7C48A3E15C86A6FADF0B69A2E4 ] Roxio UPnP Renderer 9 C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
      10:49:21.0424 1316 Roxio UPnP Renderer 9 - ok
      10:49:21.0440 1316 [ EFBB36E2BB02169D26E9980778FC20D3 ] Roxio Upnp Server 9 C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
      10:49:21.0455 1316 Roxio Upnp Server 9 - ok
      10:49:21.0533 1316 [ E06224CF971D33A680E852DFA212A8AB ] RoxLiveShare9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
      10:49:21.0549 1316 RoxLiveShare9 - ok
      10:49:21.0611 1316 [ FB68FD9505AB89416D70A0E8A5C49E45 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      10:49:21.0705 1316 RoxMediaDB9 - ok
      10:49:21.0721 1316 [ D6BDB50D2A28FF70CE60B4D995F0143A ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      10:49:21.0736 1316 RoxWatch9 - ok
      10:49:21.0767 1316 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
      10:49:21.0783 1316 RpcLocator - ok
      10:49:21.0814 1316 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
      10:49:21.0845 1316 RpcSs - ok
      10:49:21.0892 1316 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      10:49:21.0939 1316 rspndr - ok
      10:49:21.0986 1316 [ B7E1C523E2F7787D700766FC78E01F77 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
      10:49:22.0001 1316 RTL8169 - ok
      10:49:22.0017 1316 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
      10:49:22.0017 1316 SamSs - ok
      10:49:22.0079 1316 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
      10:49:22.0079 1316 SASDIFSV - ok
      10:49:22.0095 1316 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
      10:49:22.0111 1316 SASKUTIL - ok
      10:49:22.0126 1316 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      10:49:22.0142 1316 sbp2port - ok
      10:49:22.0204 1316 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
      10:49:22.0251 1316 SCardSvr - ok
      10:49:22.0298 1316 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
      10:49:22.0391 1316 Schedule - ok
      10:49:22.0438 1316 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
      10:49:22.0454 1316 SCPolicySvc - ok
      10:49:22.0516 1316 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      10:49:22.0532 1316 SDRSVC - ok
      10:49:22.0563 1316 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      10:49:22.0610 1316 secdrv - ok
      10:49:22.0610 1316 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
      10:49:22.0657 1316 seclogon - ok
      10:49:22.0703 1316 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
      10:49:22.0750 1316 SENS - ok
      10:49:22.0766 1316 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
      10:49:22.0813 1316 Serenum - ok
      10:49:22.0828 1316 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
      10:49:22.0891 1316 Serial - ok
      10:49:22.0922 1316 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
      10:49:22.0953 1316 sermouse - ok
      10:49:23.0000 1316 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
      10:49:23.0031 1316 SessionEnv - ok
      10:49:23.0062 1316 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
      10:49:23.0078 1316 SFEP - ok
      10:49:23.0093 1316 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
      10:49:23.0156 1316 sffdisk - ok
      10:49:23.0187 1316 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
      10:49:23.0249 1316 sffp_mmc - ok
      10:49:23.0265 1316 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
      10:49:23.0312 1316 sffp_sd - ok
      10:49:23.0327 1316 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
      10:49:23.0359 1316 sfloppy - ok
      10:49:23.0405 1316 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      10:49:23.0437 1316 ShellHWDetection - ok
      10:49:23.0452 1316 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
      10:49:23.0468 1316 sisagp - ok
      10:49:23.0483 1316 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
      10:49:23.0483 1316 SiSRaid2 - ok
      10:49:23.0499 1316 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
      10:49:23.0515 1316 SiSRaid4 - ok
      10:49:23.0639 1316 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
      10:49:23.0795 1316 slsvc - ok
      10:49:23.0858 1316 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
      10:49:23.0889 1316 SLUINotify - ok
      10:49:23.0936 1316 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
      10:49:23.0983 1316 Smb - ok
      10:49:24.0029 1316 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      10:49:24.0061 1316 SNMPTRAP - ok
      10:49:24.0092 1316 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
      10:49:24.0107 1316 spldr - ok
      10:49:24.0139 1316 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
      10:49:24.0201 1316 Spooler - ok
      10:49:24.0217 1316 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
      10:49:24.0248 1316 SPTISRV ( UnsignedFile.Multi.Generic ) - warning
      10:49:24.0248 1316 SPTISRV - detected UnsignedFile.Multi.Generic (1)
      10:49:24.0295 1316 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
      10:49:24.0373 1316 srv - ok
      10:49:24.0404 1316 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
      10:49:24.0419 1316 srv2 - ok
      10:49:24.0513 1316 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
      10:49:24.0560 1316 srvnet - ok
      10:49:24.0607 1316 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
      10:49:24.0622 1316 SSDPSRV - ok
      10:49:24.0653 1316 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
      10:49:24.0669 1316 ssmdrv - ok
      10:49:24.0731 1316 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
      10:49:24.0794 1316 SstpSvc - ok
      10:49:24.0825 1316 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
      10:49:24.0872 1316 StillCam - ok
      10:49:24.0934 1316 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
      10:49:24.0981 1316 stisvc - ok
      10:49:25.0012 1316 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
      10:49:25.0028 1316 swenum - ok
      10:49:25.0075 1316 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
      10:49:25.0121 1316 swprv - ok
      10:49:25.0168 1316 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
      10:49:25.0184 1316 Symc8xx - ok
      10:49:25.0199 1316 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
      10:49:25.0199 1316 Sym_hi - ok
      10:49:25.0215 1316 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
      10:49:25.0231 1316 Sym_u3 - ok
      10:49:25.0262 1316 [ 99DA94793332AADBB17BBB521AE56E21 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
      10:49:25.0262 1316 SynTP - ok
      10:49:25.0371 1316 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
      10:49:25.0433 1316 SysMain - ok
      10:49:25.0465 1316 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
      10:49:25.0527 1316 TabletInputService - ok
      10:49:25.0574 1316 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
      10:49:25.0605 1316 TapiSrv - ok
      10:49:25.0636 1316 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
      10:49:25.0667 1316 TBS - ok
      10:49:25.0730 1316 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
      10:49:25.0823 1316 Tcpip - ok
      10:49:25.0870 1316 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
      10:49:25.0901 1316 Tcpip6 - ok
      10:49:25.0948 1316 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
      10:49:25.0995 1316 tcpipreg - ok
      10:49:26.0026 1316 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
      10:49:26.0073 1316 TDPIPE - ok
      10:49:26.0104 1316 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
      10:49:26.0151 1316 TDTCP - ok
      10:49:26.0198 1316 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
      10:49:26.0229 1316 tdx - ok
      10:49:26.0245 1316 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
      10:49:26.0260 1316 TermDD - ok
      10:49:26.0307 1316 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
      10:49:26.0385 1316 TermService - ok
      10:49:26.0416 1316 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
      10:49:26.0432 1316 Themes - ok
      10:49:26.0447 1316 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
      10:49:26.0463 1316 THREADORDER - ok
      10:49:26.0525 1316 [ 030F439AC1CCDA7AC6CE01CC02102045 ] ti21sony C:\Windows\system32\drivers\ti21sony.sys
      10:49:26.0619 1316 ti21sony - ok
      10:49:26.0666 1316 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
      10:49:26.0713 1316 TrkWks - ok
      10:49:26.0791 1316 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
      10:49:26.0822 1316 TrustedInstaller - ok
      10:49:26.0869 1316 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
      10:49:26.0915 1316 tssecsrv - ok
      10:49:26.0947 1316 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
      10:49:27.0009 1316 tunmp - ok
      10:49:27.0025 1316 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
      10:49:27.0087 1316 tunnel - ok
      10:49:27.0103 1316 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
      10:49:27.0118 1316 uagp35 - ok
      10:49:27.0149 1316 [ 5704B9BF52BD0B611FE871F47A3230B9 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
      10:49:27.0165 1316 uCamMonitor - ok
      10:49:27.0212 1316 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
      10:49:27.0243 1316 udfs - ok
      10:49:27.0290 1316 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
      10:49:27.0321 1316 UI0Detect - ok
      10:49:27.0337 1316 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
      10:49:27.0337 1316 uliagpkx - ok
      10:49:27.0352 1316 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
      10:49:27.0368 1316 uliahci - ok
      10:49:27.0383 1316 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
      10:49:27.0399 1316 UlSata - ok
      10:49:27.0415 1316 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
      10:49:27.0430 1316 ulsata2 - ok
      10:49:27.0461 1316 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
      10:49:27.0508 1316 umbus - ok
      10:49:27.0571 1316 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
      10:49:27.0617 1316 upnphost - ok
      10:49:27.0695 1316 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
      10:49:27.0727 1316 usbccgp - ok
      10:49:27.0773 1316 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
      10:49:27.0836 1316 usbcir - ok
      10:49:27.0867 1316 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
      10:49:27.0898 1316 usbehci - ok
      10:49:27.0945 1316 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
      10:49:27.0976 1316 usbhub - ok
      10:49:27.0992 1316 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
      10:49:28.0023 1316 usbohci - ok
      10:49:28.0054 1316 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
      10:49:28.0101 1316 usbprint - ok
      10:49:28.0117 1316 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
      10:49:28.0163 1316 USBSTOR - ok
      10:49:28.0195 1316 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
      10:49:28.0226 1316 usbuhci - ok
      10:49:28.0288 1316 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
      10:49:28.0335 1316 usbvideo - ok
      10:49:28.0366 1316 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
      10:49:28.0413 1316 UxSms - ok
      10:49:28.0475 1316 [ AFBCD738DF9DE3B6D71AFC704E7F27FB ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
      10:49:28.0491 1316 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
      10:49:28.0491 1316 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
      10:49:28.0538 1316 [ 8A9F18ADAD471402236CA931553BF79B ] VAIO Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
      10:49:28.0553 1316 VAIO Event Service - ok
      10:49:28.0678 1316 [ 0A4CD617ED1F03C8B7310FC4871173A4 ] VAIOMediaPlatform-IntegratedServer-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
      10:49:28.0897 1316 VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
      10:49:28.0897 1316 VAIOMediaPlatform-IntegratedServer-AppServer - detected UnsignedFile.Multi.Generic (1)
      10:49:28.0943 1316 [ 56E33AAA46CBA8431E72486196AFB3A1 ] VAIOMediaPlatform-IntegratedServer-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
      10:49:28.0975 1316 VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
      10:49:28.0975 1316 VAIOMediaPlatform-IntegratedServer-HTTP - detected UnsignedFile.Multi.Generic (1)
      10:49:29.0037 1316 [ ADDF0E4E19BD2FF0A0B852D324FDC281 ] VAIOMediaPlatform-IntegratedServer-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
      10:49:29.0099 1316 VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
      10:49:29.0099 1316 VAIOMediaPlatform-IntegratedServer-UPnP - detected UnsignedFile.Multi.Generic (1)
      10:49:29.0162 1316 [ 52D4F568FE7D05AE5026B8717EEB59EB ] VAIOMediaPlatform-UCLS-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
      10:49:29.0224 1316 VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - warning
      10:49:29.0224 1316 VAIOMediaPlatform-UCLS-AppServer - detected UnsignedFile.Multi.Generic (1)
      10:49:29.0255 1316 [ 56E33AAA46CBA8431E72486196AFB3A1 ] VAIOMediaPlatform-UCLS-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
      10:49:29.0271 1316 VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - warning
      10:49:29.0271 1316 VAIOMediaPlatform-UCLS-HTTP - detected UnsignedFile.Multi.Generic (1)
      10:49:29.0318 1316 [ ADDF0E4E19BD2FF0A0B852D324FDC281 ] VAIOMediaPlatform-UCLS-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
      10:49:29.0349 1316 VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - warning
      10:49:29.0349 1316 VAIOMediaPlatform-UCLS-UPnP - detected UnsignedFile.Multi.Generic (1)
      10:49:29.0443 1316 [ 6EF45DF2FCC4AE35C715A6C9B5C68B17 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
      10:49:29.0443 1316 VcmIAlzMgr - ok
      10:49:29.0489 1316 [ C4DE5BA157FD83BBDAEB70EE27417E0E ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
      10:49:29.0489 1316 VcmXmlIfHelper - ok
      10:49:29.0489 1316 Vcsw - ok
      10:49:29.0552 1316 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
      10:49:29.0645 1316 vds - ok
      10:49:29.0677 1316 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
      10:49:29.0739 1316 vga - ok
      10:49:29.0864 1316 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
      10:49:29.0879 1316 VgaSave - ok
      10:49:29.0895 1316 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
      10:49:29.0911 1316 viaagp - ok
      10:49:29.0926 1316 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
      10:49:29.0989 1316 ViaC7 - ok
      10:49:30.0020 1316 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
      10:49:30.0020 1316 viaide - ok
      10:49:30.0035 1316 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
      10:49:30.0051 1316 volmgr - ok
      10:49:30.0113 1316 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
      10:49:30.0129 1316 volmgrx - ok
      10:49:30.0176 1316 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
      10:49:30.0191 1316 volsnap - ok
      10:49:30.0207 1316 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
      10:49:30.0223 1316 vsmraid - ok
      10:49:30.0301 1316 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
      10:49:30.0379 1316 VSS - ok
      10:49:30.0441 1316 [ 2E785F4F92C4C67CEBB61DD55ED1F6A1 ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
      10:49:30.0441 1316 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
      10:49:30.0441 1316 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
      10:49:30.0457 1316 [ 2D876CAD8C7FFB08179DFF361FF851E6 ] VzFw C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
      10:49:30.0472 1316 VzFw ( UnsignedFile.Multi.Generic ) - warning
      10:49:30.0472 1316 VzFw - detected UnsignedFile.Multi.Generic (1)
      10:49:30.0535 1316 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
      10:49:30.0581 1316 W32Time - ok
      10:49:30.0613 1316 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
      10:49:30.0675 1316 WacomPen - ok
      10:49:30.0722 1316 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
      10:49:30.0769 1316 Wanarp - ok
      10:49:30.0769 1316 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
      10:49:30.0784 1316 Wanarpv6 - ok
      10:49:30.0831 1316 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
      10:49:30.0878 1316 wcncsvc - ok
      10:49:30.0909 1316 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
      10:49:30.0940 1316 WcsPlugInService - ok
      10:49:30.0971 1316 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
      10:49:30.0971 1316 Wd - ok
      10:49:31.0003 1316 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
      10:49:31.0034 1316 Wdf01000 - ok
      10:49:31.0112 1316 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
      10:49:31.0143 1316 WdiServiceHost - ok
      10:49:31.0159 1316 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
      10:49:31.0174 1316 WdiSystemHost - ok
      10:49:31.0221 1316 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
      10:49:31.0268 1316 WebClient - ok
      10:49:31.0299 1316 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
      10:49:31.0330 1316 Wecsvc - ok
      10:49:31.0377 1316 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
      10:49:31.0408 1316 wercplsupport - ok
      10:49:31.0455 1316 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
      10:49:31.0471 1316 WerSvc - ok
      10:49:31.0517 1316 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
      10:49:31.0533 1316 WimFltr - ok
      10:49:31.0564 1316 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
      10:49:31.0611 1316 winachsf - ok
      10:49:31.0611 1316 WinHttpAutoProxySvc - ok
      10:49:31.0705 1316 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
      10:49:31.0751 1316 Winmgmt - ok
      10:49:31.0814 1316 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
      10:49:31.0939 1316 WinRM - ok
      10:49:32.0001 1316 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
      10:49:32.0063 1316 Wlansvc - ok
      10:49:32.0095 1316 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
      10:49:32.0157 1316 WmiAcpi - ok
      10:49:32.0204 1316 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
      10:49:32.0235 1316 wmiApSrv - ok
      10:49:32.0329 1316 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
      10:49:32.0422 1316 WMPNetworkSvc - ok
      10:49:32.0469 1316 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
      10:49:32.0500 1316 WPCSvc - ok
      10:49:32.0547 1316 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
      10:49:32.0578 1316 WPDBusEnum - ok
      10:49:32.0625 1316 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
      10:49:32.0656 1316 WpdUsb - ok
      10:49:32.0750 1316 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
      10:49:32.0797 1316 WPFFontCache_v0400 - ok
      10:49:32.0843 1316 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
      10:49:32.0859 1316 ws2ifsl - ok
      10:49:32.0859 1316 WSearch - ok
      10:49:32.0921 1316 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
      10:49:32.0968 1316 WUDFRd - ok
      10:49:32.0999 1316 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
      10:49:33.0046 1316 wudfsvc - ok
      10:49:33.0077 1316 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
      10:49:33.0093 1316 XAudio - ok
      10:49:33.0124 1316 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
      10:49:33.0140 1316 XAudioService - ok
      10:49:33.0171 1316 ================ Scan global ===============================
      10:49:33.0218 1316 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
      10:49:33.0265 1316 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
      10:49:33.0280 1316 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
      10:49:33.0327 1316 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
      10:49:33.0327 1316 [Global] - ok
      10:49:33.0327 1316 ================ Scan MBR ==================================
      10:49:33.0343 1316 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
      10:49:33.0857 1316 \Device\Harddisk0\DR0 - ok
      10:49:33.0873 1316 ================ Scan VBR ==================================
      10:49:33.0873 1316 [ C421F5ED9017743ADD089E3A63D7DDB5 ] \Device\Harddisk0\DR0\Partition1
      10:49:33.0873 1316 \Device\Harddisk0\DR0\Partition1 - ok
      10:49:33.0873 1316 ============================================================
      10:49:33.0873 1316 Scan finished
      10:49:33.0873 1316 ============================================================
      10:49:33.0904 1716 Detected object count: 14
      10:49:33.0904 1716 Actual detected object count: 14
      10:53:05.0680 1716 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0680 1716 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0680 1716 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0680 1716 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0680 1716 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0695 1716 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0695 1716 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0695 1716 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0695 1716 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0695 1716 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0695 1716 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0695 1716 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0695 1716 VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0695 1716 VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0695 1716 VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0695 1716 VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0695 1716 VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0695 1716 VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0695 1716 VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0695 1716 VAIOMediaPlatform-UCLS-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0711 1716 VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0711 1716 VAIOMediaPlatform-UCLS-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0711 1716 VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0711 1716 VAIOMediaPlatform-UCLS-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0711 1716 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0711 1716 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:05.0711 1716 VzFw ( UnsignedFile.Multi.Generic ) - skipped by user
      10:53:05.0711 1716 VzFw ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:53:41.0575 1452 Deinitialize success


      Por último el USB-killer no lo usé porque no tengo memorias usb a la mano.
      después de usar la pc un rato vi que está más rápida, pero Avira sigue con los mensajes, ahora
      dice que detecta: TR/Agent.336764.A y TR/Crypt.CFI.Gen.

      Gracias por su ayuda.

    7. #7
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      Oks tienes la direccion de las detecciones?

      El USBFIX pasalo asi no conectes memorias

      haz esto tambien:

      • Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta AT-Destroyer como administrador.
      • Elige la Opcion #1 (Buscar y Destruir)
      • AT-Destroyer desconectará el escritorio momentáneamente.
      • En caso de estar infectado, AT-Destroyer lo indicará con lineas rojas donde se haya encontrado la infección, sino, serán lineas verdes.
      • Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.
      • Si algún programa no inicia, reiniciar la PC.
      Descarga Ccleaner:Manual de CCleaner <------------ Este paso es MUY IMPORTANTE

      Ejecutar CCleaner usando primero su opción de "Limpiador" para borrar cookies y temporales de Internet
      Usa su opción de "Registro" para limpiar todo el registro de Windows creando antes una copia de seguridad
      Descarga DrWeb Cureit:

      Dr.Web CureIt! 6 | InfoSpyware Manual de Dr.Web CureIt!

      Ejecuta Drweb según su manual y con estas especificaciones:
      • Cuando inicie el programa ejecutalo en su modo de proteccion mejorada preferentemente.
      • Al iniciarlo siguiendo el manual, comenzara un Escaneo rápido por defecto, espera a que termine:
      • Eliges la opción Escaneo completo y pulsas el botón de Play para iniciar.



      • Curas, Mueves y Eliminas, lo que encuentre según te de la opción y con ese orden de preferencia.
      • Si te detecta el archivo Hosts modificado pulsa en Si para restaurarlo.
      • Guarda un reporte al finalizar como lo indica la imagen

      Nos traerias el reporte de DrWeb ( de no poder guardarlo como se indica, un reporte se genera sobre %userprofile%\DoctorWeb\CureIt.log, del cual deberas traer solo la seccion del final de estadisticas) y nos comentarias el estado del sistema.

      Saludos
      espero ese reporte y el de usbfix y el dr web estas bastante infectado

    8. #8
      Usuario Avatar de fabiola86
      Registrado
      may 2006
      Ubicación
      México
      Mensajes
      10

      Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      Mando el reporte de USBfix y AT-Destroyer:

      ############################## | UsbFix V 7.096 | [Supresión]

      Usuario: JoRgE lUiS (Administrador) # JORGELUIS1
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 15:58:37 | 26/12/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus &bull; Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: contact@eldesaparecido.com

      PC: Sony Corporation (VGN-CR360F) (X86-based PC) # Notebook
      CPU: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz (1995)
      RAM -> [Total : 2038 | Free : 1581]
      BIOS: Ver 1.00PARTTBL
      BOOT: Fail-safe with network boot

      OS: Microsoft® Windows Vista™ Home Premium (6.0.6001 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 8.0.6001.19088

      SC: Security Center Service [(!) Disabled]
      WU: Windows Update Service [(!) Disabled]
      AS: Windows Defender [(!) Disabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 175 Gb (121 Mb libre(s) - 69%) [] # NTFS
      F:\ -> CD-ROM

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (380)
      C:\Windows\system32\csrss.exe (416)
      C:\Windows\system32\wininit.exe (424)
      C:\Windows\system32\winlogon.exe (468)
      C:\Windows\system32\services.exe (496)
      C:\Windows\system32\lsass.exe (512)
      C:\Windows\system32\lsm.exe (520)
      C:\Windows\system32\svchost.exe (664)
      C:\Windows\system32\svchost.exe (720)
      C:\Windows\System32\svchost.exe (796)
      C:\Windows\system32\svchost.exe (836)
      C:\Windows\System32\svchost.exe (880)
      C:\Windows\system32\svchost.exe (904)
      C:\Windows\system32\svchost.exe (920)
      C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (1100)
      C:\Windows\Explorer.EXE (1336)
      C:\Program Files\Google\Chrome\Application\chrome.exe (1920)
      C:\Program Files\Google\Chrome\Application\chrome.exe (188)
      C:\UsbFix\Go.exe (1056)
      C:\Windows\system32\wbem\wmiprvse.exe (1408)

      ################## | Procesos Parados |

      Parado! C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (1100)
      Parado! C:\Windows\Explorer.EXE (1336)

      ################## | Archivos # Carpetas infectadas |

      No suprimido ! C:\$RECYCLE.BIN\S-1-5-18
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-20
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-2152478756-3922319563-605102323-500
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-248509183-3095564210-1948053307-500
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-617259000-2813533748-2012829774-500
      No suprimido ! C:\$RECYCLE.BIN\S-1-5-21-709962578-3550812630-727566589-1000
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-7586134-693155072-22198425-500

      (!) Archivos temporales suprimido.

      ################## | Registro |


      ################## | Mountpoints2 |

      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{37641031-4490-11e2-b9f0-001e3d019f83}

      ################## | Listing |

      [26/12/2012 - 16:03:27 | SHD ] C:\$Recycle.Bin
      [06/08/2008 - 21:41:16 | D ] C:\Archivos de programa
      [18/09/2006 - 15:43:36 | N | 24] C:\autoexec.bat
      [10/08/2008 - 23:33:06 | SHD ] C:\Boot
      [19/01/2008 - 01:45:45 | RASH | 333203] C:\bootmgr
      [11/12/2007 - 20:18:25 | N | 8192] C:\BOOTSECT.BAK
      [18/09/2006 - 15:43:37 | N | 10] C:\config.sys
      [02/11/2006 - 07:02:03 | SHD ] C:\Documents and Settings
      [03/01/2005 - 06:37:18 | N | 17] C:\initrd.pam
      [17/01/2008 - 23:59:46 | D ] C:\InstantON
      [24/08/2008 - 11:36:36 | N | 0] C:\IO.SYS
      [15/01/2007 - 18:13:14 | N | 68] C:\kernel.pam
      [24/08/2008 - 11:36:36 | N | 0] C:\MSDOS.SYS
      [11/08/2008 - 22:56:27 | RHD ] C:\MSOCache
      [26/12/2012 - 15:55:11 | ASH | 2451243008] C:\pagefile.sys
      [10/08/2008 - 23:18:27 | D ] C:\PerfLogs
      [25/12/2012 - 21:51:03 | D ] C:\Program Files
      [25/12/2012 - 21:51:04 | HD ] C:\ProgramData
      [08/08/2008 - 14:19:33 | N | 0] C:\ProgramData.LOG1
      [08/08/2008 - 14:19:33 | N | 0] C:\ProgramData.LOG2
      [26/12/2012 - 01:29:18 | N | 1617] C:\scu.dat
      [09/06/2009 - 14:47:54 | N | 268] C:\sqmdata00.sqm
      [17/06/2009 - 10:55:33 | N | 268] C:\sqmdata01.sqm
      [17/06/2009 - 11:15:09 | N | 304] C:\sqmdata02.sqm
      [17/06/2009 - 12:34:11 | N | 268] C:\sqmdata03.sqm
      [17/06/2009 - 15:46:16 | N | 268] C:\sqmdata04.sqm
      [18/06/2009 - 17:01:54 | N | 268] C:\sqmdata05.sqm
      [19/06/2009 - 11:06:36 | N | 268] C:\sqmdata06.sqm
      [19/06/2009 - 14:36:42 | N | 268] C:\sqmdata07.sqm
      [19/06/2009 - 14:55:23 | N | 268] C:\sqmdata08.sqm
      [04/07/2009 - 02:00:24 | N | 268] C:\sqmdata09.sqm
      [07/07/2009 - 10:21:06 | N | 268] C:\sqmdata10.sqm
      [28/07/2009 - 15:08:36 | N | 268] C:\sqmdata11.sqm
      [23/08/2009 - 20:19:45 | N | 268] C:\sqmdata12.sqm
      [03/09/2009 - 16:07:48 | N | 268] C:\sqmdata13.sqm
      [29/05/2009 - 09:30:05 | N | 268] C:\sqmdata14.sqm
      [01/06/2009 - 12:26:05 | N | 268] C:\sqmdata15.sqm
      [03/06/2009 - 22:44:17 | N | 304] C:\sqmdata16.sqm
      [04/06/2009 - 09:15:55 | N | 268] C:\sqmdata17.sqm
      [04/06/2009 - 17:16:24 | N | 304] C:\sqmdata18.sqm
      [06/06/2009 - 08:31:26 | N | 268] C:\sqmdata19.sqm
      [09/06/2009 - 14:47:54 | N | 244] C:\sqmnoopt00.sqm
      [17/06/2009 - 10:55:33 | N | 244] C:\sqmnoopt01.sqm
      [17/06/2009 - 11:15:09 | N | 244] C:\sqmnoopt02.sqm
      [17/06/2009 - 12:34:11 | N | 244] C:\sqmnoopt03.sqm
      [17/06/2009 - 15:46:16 | N | 172] C:\sqmnoopt04.sqm
      [18/06/2009 - 17:01:54 | N | 172] C:\sqmnoopt05.sqm
      [19/06/2009 - 11:06:36 | N | 244] C:\sqmnoopt06.sqm
      [19/06/2009 - 14:36:42 | N | 244] C:\sqmnoopt07.sqm
      [19/06/2009 - 14:55:23 | N | 244] C:\sqmnoopt08.sqm
      [04/07/2009 - 02:00:24 | N | 244] C:\sqmnoopt09.sqm
      [07/07/2009 - 10:21:05 | N | 244] C:\sqmnoopt10.sqm
      [28/07/2009 - 15:08:36 | N | 244] C:\sqmnoopt11.sqm
      [23/08/2009 - 20:19:44 | N | 244] C:\sqmnoopt12.sqm
      [03/09/2009 - 16:07:48 | N | 244] C:\sqmnoopt13.sqm
      [29/05/2009 - 09:30:05 | N | 244] C:\sqmnoopt14.sqm
      [01/06/2009 - 12:26:05 | N | 172] C:\sqmnoopt15.sqm
      [03/06/2009 - 22:44:17 | N | 172] C:\sqmnoopt16.sqm
      [04/06/2009 - 09:15:55 | N | 244] C:\sqmnoopt17.sqm
      [04/06/2009 - 17:16:24 | N | 172] C:\sqmnoopt18.sqm
      [06/06/2009 - 08:31:26 | N | 244] C:\sqmnoopt19.sqm
      [24/12/2012 - 23:52:26 | SHD ] C:\System Volume Information
      [26/12/2012 - 10:53:41 | N | 138608] C:\TDSSKiller.2.8.15.0_26.12.2012_10.46.18_log.txt
      [02/09/2009 - 21:14:44 | D ] C:\Temp
      [26/12/2012 - 16:03:27 | D ] C:\UsbFix
      [26/12/2012 - 15:59:00 | A | 2065] C:\UsbFix.txt
      [08/08/2008 - 14:19:33 | D ] C:\Users
      [18/01/2008 - 00:25:28 | N | 392988] C:\vcredist_x86.log
      [26/12/2012 - 10:27:20 | D ] C:\Windows

      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | Upload |

      Por favor, envie el archivo: C:\UsbFix_Upload_Me_JORGELUIS1.zip
      http://eldesaparecido.com/upload.php
      Gracias por su contribución.

      ################## | E.O.F |


      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 16:09:40 \\\ 26/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:8.0.6001.19088
      Google Chrome:23.0.1271.97
      Privilegios: JoRgE lUiS - Administrador
      Modo Actual: Modo Seguro.
      Nombre del pc: JORGELUIS1
      Información del sistema operativo:X86-WIN_VISTA-Service Pack 1
      nombre del usuario:JoRgE lUiS
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Program Files\Conduit\Community Alerts 92
      C:\Program Files\Conduit\Community Alerts\Alert.dll 92
      C:\Program Files\Conduit\Community Alerts\Alert0.dll 92
      C:\Program Files\Conduit 92


      >>>>>> Archivos <<<<<<

      C:\Windows\System32\ezsidmv.dat


      >>>>>> Registro <<<<<<

      HKEY_CLASSES_ROOT\AppID\escort.DLL
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_Page_URL==http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_Page_URL==http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome


      HKEY_USERS\S-1-5-21-709962578-3550812630-727566589-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_Page_URL==http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\JoRgE lUiS\AppData\Local\Google\Chrome\User Data\Default\Extensions\3
      C:\Users\JoRgE lUiS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\JoRgE lUiS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\JoRgE lUiS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ======== Listado ===========

      [07/08/2008 04:47 p.m.] [07/08/2008 04:47 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\ArcSoft
      [06/11/2008 09:50 p.m.] [06/11/2008 09:50 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\AutoTransfer
      [24/12/2012 11:48 p.m.] [24/12/2012 11:48 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Avira
      C:\Users\JoRgE lUiS\AppData\Roaming\BBMS_EXCEPTION.txt [AN] 341 bytes ( )
      C:\Users\JoRgE lUiS\AppData\Roaming\desktop.ini [HSAN] 6 bytes ( )
      [06/08/2008 09:55 p.m.] [06/08/2008 09:53 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Google
      [04/06/2009 10:06 p.m.] [04/06/2009 10:06 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\HP
      [16/01/2012 08:35 p.m.] [16/01/2012 08:35 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\HpUpdate
      [07/06/2009 08:00 p.m.] [06/08/2008 09:45 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Identities
      [17/10/2010 08:17 p.m.] [17/10/2010 08:17 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\InstallShield
      [27/08/2008 09:55 p.m.] [27/08/2008 09:55 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\InterVideo
      [01/05/2011 08:09 p.m.] [01/05/2011 08:09 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\J River
      [28/03/2011 10:07 p.m.] [06/08/2008 10:59 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\LimeWire
      [14/07/2012 02:50 p.m.] [06/08/2008 11:15 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Macromedia
      [25/12/2012 09:51 p.m.] [25/12/2012 09:51 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Malwarebytes
      [02/11/2006 06:37 a.m.] [06/08/2008 09:45 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Media Center Programs
      [24/12/2012 02:44 p.m.] [06/08/2008 09:45 p.m.] [SN] C:\Users\JoRgE lUiS\AppData\Roaming\Microsoft
      [23/12/2012 11:24 p.m.] [23/12/2012 11:24 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\PeerNetworking
      [15/11/2008 09:00 a.m.] [10/08/2008 11:52 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Real
      [17/10/2010 08:19 p.m.] [17/10/2010 07:52 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Research In Motion
      [22/11/2010 09:11 p.m.] [22/11/2010 09:11 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Roxio
      [01/05/2011 07:55 p.m.] [24/02/2011 10:22 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Skype
      [01/05/2011 06:36 p.m.] [24/02/2011 10:25 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\skypePM
      [07/08/2008 09:45 p.m.] [06/08/2008 09:45 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Sony Corporation
      [25/12/2012 11:45 a.m.] [25/12/2012 11:45 a.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\SUPERAntiSpyware.com
      C:\Users\JoRgE lUiS\AppData\Roaming\UserTile.png [AN] 16.6 KB ( )
      [06/08/2008 09:46 p.m.] [06/08/2008 09:46 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Webroot
      [07/06/2009 08:00 p.m.] [07/06/2009 08:00 p.m.] [N] C:\Users\JoRgE lUiS\AppData\Roaming\Zylom
      [09/07/2012 05:14 p.m.] [09/07/2012 05:14 p.m.] [0] C:\Program Files\Adult Website Filter
      [06/08/2008 09:41 p.m.] [06/08/2008 09:41 p.m.] [HSN] C:\Program Files\Archivos comunes
      [18/01/2008 12:02 a.m.] [18/01/2008 12:02 a.m.] [0] C:\Program Files\ArcSoft
      [01/04/2011 08:19 p.m.] [01/04/2011 08:18 p.m.] [0] C:\Program Files\Ares
      [24/12/2012 11:41 p.m.] [24/12/2012 11:41 p.m.] [0] C:\Program Files\Avira
      [01/05/2011 07:55 p.m.] [02/11/2006 05:18 a.m.] [0] C:\Program Files\Common Files
      [12/12/2007 03:46 a.m.] [12/12/2007 03:46 a.m.] [0] C:\Program Files\CONEXANT
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [25/12/2012 11:36 p.m.] [24/12/2012 11:10 p.m.] [0] C:\Program Files\ESET
      [01/05/2011 08:04 p.m.] [17/01/2008 11:59 p.m.] [0] C:\Program Files\Google
      [13/02/2012 09:34 a.m.] [13/02/2012 09:30 a.m.] [0] C:\Program Files\Graphmatica
      [16/01/2012 08:36 p.m.] [04/06/2009 09:59 p.m.] [0] C:\Program Files\HP
      [16/01/2012 08:36 p.m.] [16/01/2012 08:36 p.m.] [0] C:\Program Files\HP Photo Creations
      [01/05/2011 08:07 p.m.] [01/04/2011 08:15 p.m.] [0] C:\Program Files\Iminent
      [23/01/2012 10:39 p.m.] [12/12/2007 05:19 a.m.] [H] C:\Program Files\InstallShield Installation Information
      [12/12/2007 05:13 a.m.] [12/12/2007 05:13 a.m.] [0] C:\Program Files\intel
      [16/06/2011 10:18 p.m.] [02/11/2006 05:18 a.m.] [0] C:\Program Files\Internet Explorer
      [18/01/2008 12:27 a.m.] [18/01/2008 12:26 a.m.] [0] C:\Program Files\InterVideo
      [18/01/2008 12:16 a.m.] [18/01/2008 12:16 a.m.] [0] C:\Program Files\J River
      [01/05/2011 07:21 p.m.] [12/12/2007 05:28 a.m.] [0] C:\Program Files\Java
      [08/10/2008 10:37 a.m.] [08/10/2008 10:37 a.m.] [0] C:\Program Files\JuegosMania
      [25/12/2012 09:51 p.m.] [25/12/2012 09:51 p.m.] [0] C:\Program Files\Malwarebytes' Anti-Malware
      [10/11/2009 08:58 p.m.] [06/08/2008 11:44 p.m.] [0] C:\Program Files\Messenger Plus! Live
      [10/04/2012 09:02 a.m.] [17/09/2009 10:38 p.m.] [0] C:\Program Files\Microsoft
      [07/08/2008 12:36 a.m.] [07/08/2008 12:36 a.m.] [0] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [02/11/2006 06:37 a.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Microsoft Games
      [11/08/2008 11:02 p.m.] [18/01/2008 12:01 a.m.] [0] C:\Program Files\Microsoft Office
      [21/05/2012 09:46 a.m.] [17/09/2009 10:44 p.m.] [0] C:\Program Files\Microsoft Silverlight
      [17/09/2009 10:40 p.m.] [17/09/2009 10:40 p.m.] [0] C:\Program Files\Microsoft SQL Server Compact Edition
      [17/09/2009 10:43 p.m.] [17/09/2009 10:43 p.m.] [0] C:\Program Files\Microsoft Sync Framework
      [11/08/2008 11:02 p.m.] [11/08/2008 11:02 p.m.] [0] C:\Program Files\Microsoft Visual Studio
      [10/10/2012 12:21 p.m.] [18/01/2008 12:00 a.m.] [0] C:\Program Files\Microsoft Works
      [08/02/2011 06:48 p.m.] [11/08/2008 11:01 p.m.] [0] C:\Program Files\Microsoft.NET
      [13/08/2010 04:48 p.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Movie Maker
      [02/11/2006 06:37 a.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\MSBuild
      [12/12/2007 04:33 a.m.] [12/12/2007 04:33 a.m.] [0] C:\Program Files\MSXML 4.0
      [26/12/2012 10:44 a.m.] [10/08/2008 09:20 p.m.] [0] C:\Program Files\PowerArchiver
      [10/08/2008 11:53 p.m.] [10/08/2008 11:52 p.m.] [0] C:\Program Files\Real Alternative
      [02/11/2006 06:37 a.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Reference Assemblies
      [17/10/2010 08:23 p.m.] [17/10/2010 07:29 p.m.] [0] C:\Program Files\Research In Motion
      [17/10/2010 08:14 p.m.] [17/10/2010 08:14 p.m.] [0] C:\Program Files\Roxio
      [23/01/2012 10:40 p.m.] [01/04/2011 08:21 p.m.] [0] C:\Program Files\shARES
      [18/01/2008 12:27 a.m.] [12/12/2007 05:23 a.m.] [0] C:\Program Files\Sony
      [12/12/2007 05:40 a.m.] [12/12/2007 05:40 a.m.] [0] C:\Program Files\Sony Corporation
      [25/12/2012 02:25 p.m.] [25/12/2012 11:44 a.m.] [0] C:\Program Files\SUPERAntiSpyware
      [12/12/2007 03:47 a.m.] [12/12/2007 03:47 a.m.] [0] C:\Program Files\Synaptics
      [31/03/2009 11:54 a.m.] [31/03/2009 11:15 a.m.] [0] C:\Program Files\Total Video Converter
      [02/11/2006 07:01 a.m.] [02/11/2006 07:01 a.m.] [H] C:\Program Files\Uninstall Information
      [12/12/2007 05:13 a.m.] [12/12/2007 05:13 a.m.] [0] C:\Program Files\WIDCOMM
      [10/08/2008 11:22 p.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Windows Calendar
      [10/08/2008 11:22 p.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Windows Collaboration
      [10/08/2008 11:22 p.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Windows Defender
      [10/08/2008 11:22 p.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Windows Journal
      [03/02/2011 05:17 p.m.] [06/08/2008 11:44 p.m.] [0] C:\Program Files\Windows Live
      [17/09/2009 10:38 p.m.] [17/09/2009 10:38 p.m.] [0] C:\Program Files\Windows Live SkyDrive
      [16/06/2011 01:21 p.m.] [02/11/2006 05:18 a.m.] [0] C:\Program Files\Windows Mail
      [15/10/2010 09:26 p.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Windows Media Player
      [06/08/2008 09:41 p.m.] [02/11/2006 05:18 a.m.] [0] C:\Program Files\Windows NT
      [10/08/2008 11:22 p.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Windows Photo Gallery
      [10/08/2008 11:22 p.m.] [02/11/2006 06:37 a.m.] [0] C:\Program Files\Windows Sidebar
      [08/06/2009 09:28 a.m.] [07/06/2009 07:56 p.m.] [0] C:\Program Files\Zylom Games
      [02/11/2006 07:02 a.m.] [02/11/2006 07:02 a.m.] [HSN] C:\ProgramData\Application Data
      [24/12/2012 11:41 p.m.] [24/12/2012 11:41 p.m.] [N] C:\ProgramData\Avira
      [10/08/2008 09:21 p.m.] [10/08/2008 09:21 p.m.] [N] C:\ProgramData\ConeXware
      [06/08/2008 09:41 p.m.] [06/08/2008 09:41 p.m.] [HSN] C:\ProgramData\Datos de programa
      [02/11/2006 07:02 a.m.] [02/11/2006 07:02 a.m.] [HSN] C:\ProgramData\Desktop
      [06/08/2008 09:41 p.m.] [06/08/2008 09:41 p.m.] [HSN] C:\ProgramData\Documentos
      [02/11/2006 07:02 a.m.] [02/11/2006 07:02 a.m.] [HSN] C:\ProgramData\Documents
      [06/08/2008 09:41 p.m.] [06/08/2008 09:41 p.m.] [HSN] C:\ProgramData\Escritorio
      [23/12/2012 11:51 p.m.] [23/12/2012 11:51 p.m.] [N] C:\ProgramData\ESET
      [02/11/2006 07:02 a.m.] [02/11/2006 07:02 a.m.] [HSN] C:\ProgramData\Favorites
      [06/08/2008 09:41 p.m.] [06/08/2008 09:41 p.m.] [HSN] C:\ProgramData\Favoritos
      [08/08/2008 07:56 p.m.] [08/08/2008 07:56 p.m.] [N] C:\ProgramData\FLEXnet
      [01/05/2011 08:04 p.m.] [17/01/2008 11:59 p.m.] [N] C:\ProgramData\Google
      [04/06/2009 10:06 p.m.] [04/06/2009 10:06 p.m.] [N] C:\ProgramData\Hewlett-Packard
      [16/01/2012 09:03 p.m.] [04/06/2009 09:46 p.m.] [N] C:\ProgramData\HP
      [16/01/2012 09:03 p.m.] [16/01/2012 08:36 p.m.] [N] C:\ProgramData\HP Photo Creations
      C:\ProgramData\hpzinstall.log [AN] 1.07 KB 0
      [17/10/2010 08:17 p.m.] [17/10/2010 08:17 p.m.] [N] C:\ProgramData\InstallShield
      [25/12/2012 09:51 p.m.] [25/12/2012 09:51 p.m.] [N] C:\ProgramData\Malwarebytes
      [11/06/2010 01:21 p.m.] [11/06/2010 01:21 p.m.] [N] C:\ProgramData\McAfee
      [06/08/2008 09:41 p.m.] [06/08/2008 09:41 p.m.] [HSN] C:\ProgramData\Menú Inicio
      [22/09/2008 08:05 p.m.] [07/08/2008 12:54 a.m.] [N] C:\ProgramData\Messenger Plus!
      [11/04/2012 06:47 p.m.] [02/11/2006 05:18 a.m.] [SN] C:\ProgramData\Microsoft
      [13/12/2012 07:43 a.m.] [18/01/2008 12:03 a.m.] [N] C:\ProgramData\Microsoft Help
      [06/08/2008 09:41 p.m.] [06/08/2008 09:41 p.m.] [HSN] C:\ProgramData\Plantillas
      [10/08/2008 11:52 p.m.] [10/08/2008 11:52 p.m.] [N] C:\ProgramData\Real
      C:\ProgramData\ReminderNextRun [AN] 12 bytes 0
      [17/10/2010 08:23 p.m.] [17/10/2010 08:23 p.m.] [N] C:\ProgramData\Research In Motion
      [30/08/2012 06:38 a.m.] [17/10/2010 08:14 p.m.] [N] C:\ProgramData\Roxio
      [24/02/2011 10:22 p.m.] [24/02/2011 10:22 p.m.] [N] C:\ProgramData\Skype
      [17/10/2010 08:16 p.m.] [12/12/2007 05:35 a.m.] [N] C:\ProgramData\Sonic
      [02/09/2009 09:14 p.m.] [12/12/2007 05:24 a.m.] [N] C:\ProgramData\Sony Corporation
      [02/11/2006 07:02 a.m.] [02/11/2006 07:02 a.m.] [HSN] C:\ProgramData\Start Menu
      [01/05/2011 07:23 p.m.] [01/05/2011 07:23 p.m.] [N] C:\ProgramData\Sun
      [25/12/2012 11:44 a.m.] [25/12/2012 11:44 a.m.] [N] C:\ProgramData\SUPERAntiSpyware.com
      [11/08/2008 10:40 p.m.] [18/01/2008 12:28 a.m.] [N] C:\ProgramData\Symantec
      [02/11/2006 07:02 a.m.] [02/11/2006 07:02 a.m.] [HSN] C:\ProgramData\Templates
      [18/01/2008 12:21 a.m.] [18/01/2008 12:21 a.m.] [N] C:\ProgramData\VAIO Media Platform
      [04/06/2009 10:08 p.m.] [04/06/2009 10:08 p.m.] [N] C:\ProgramData\WEBREG
      [23/01/2012 10:35 p.m.] [23/01/2012 10:35 p.m.] [N] C:\ProgramData\WindowsSearch
      [07/06/2009 07:59 p.m.] [07/06/2009 07:59 p.m.] [N] C:\ProgramData\Zylom

      ==================== EOF ==================


      A continuación ejecuté Ccleaner.
      Luego bajé el Dr. Web cureit de su link, pero resultó no ser la misma versión que la de sus
      imágenes, la interfaz es diferente. Solo hice el escaneo rápido porque no pude encontrar
      la opción de escaneo completo. Igual te mando el log:

    9. #9
      Usuario Avatar de fabiola86
      Registrado
      may 2006
      Ubicación
      México
      Mensajes
      10

      Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      log de dr. web cureit:
      =============================================================================
      Dr.Web Scanner SE for Windows v7.0.100.12030
      (c) Doctor Web, Ltd., 1992-2012
      Scan session started 2012/12/26 16:27:10
      Module location : c:\users\jorge luis\appdata\local\temp\AD1BFE48-4C7DEA98-4EF585C8-D9B28158\
      =============================================================================
      OPTION [Automatic Apply Actions] NO
      OPTION [Turn Off Computer After Scan] NO
      OPTION [Use Sound Alerts] NO
      OPTION [Block Network] NO
      OPTION [Protect Process] NO
      OPTION [Protect Raw Disk] NO
      Using language: "Spanish (Español)"
      Available instances: 6
      Instances used: 6
      Platform: Windows Vista Premium x86 (Build 6001), Service Pack 1
      API Version: 2.2
      Scanning Engine version: 8.0.1.11280
      Virus Finding Engine version: 7.0.4.9250
      Total 88 virus bases are loaded from c:\users\jorge luis\appdata\local\temp\AD1BFE48-4C7DEA98-4EF585C8-D9B28158
      3ua6i02a 7.0 235b0c69e299c488208c58efadbd7898b21b92cb 2012/12/26 1425 873 records - OK
      1wmvklki 7.0 f5d1425097a34628f8d752212dabf9732d209c98 2011/07/25 09:20:03 1 record - OK
      ue5d1af0 7.0 05f8eb9f9826508ef8fbd04fefb1e4cece9891fe 2012/12/26 13:02:47 7225 records - OK
      vumdzg54 7.0 c12a817c1f95bb9fd8238ef0d5f68868a8d95686 2012/12/23 21:05:33 30183 records - OK
      gm9pv4a9 7.0 33def496782eb5b7b1cc93fdb036a1b62fa6a2fd 2012/12/16 21:06:21 25519 records - OK
      yatw7abw 7.0 422abae03c588822f412aa9aae50578a1d61737e 2012/12/09 21:05:04 20358 records - OK
      17qeqbqc 7.0 a4f0d0ecad4fb6e0afdb1925f4e0b7863b9d03fa 2012/12/02 21:06:19 20133 records - OK
      kj3vutm7 7.0 86daa918ee3de1e4c1e5dea6f9b5f63544cf8814 2012/11/25 21:05:22 27311 records - OK
      xqey7adg 7.0 6556881c748e1f894eb9c7943ebae67017e1aec2 2012/11/18 21:06:09 29434 records - OK
      ff82xqs8 7.0 559141ef34f9e6226bb58560e9b52e4cc5165150 2012/11/11 21:06:22 26900 records - OK
      4l7k47vl 7.0 cc55013e63ff89319ec772e34d77056c7108cd3b 2012/11/04 21:05:22 25164 records - OK
      fvturlg0 7.0 f477dc247d9b562bb64fd4f46a7dcbdf7124eb60 2012/10/28 21:06:37 30226 records - OK
      eqj0mqzh 7.0 abaf5f7fda7308fcf7573b193bbf2116723e9802 2012/10/21 22:04:37 16441 records - OK
      ip6j1hw5 7.0 5adc85528fb49e201d4bc61eca580d6839cc4a4c 2012/10/14 22:05:04 26289 records - OK
      k2prpbac 7.0 da8cf3fbd81206bb3d8103347a439f920a74bbe2 2012/10/07 22:05:51 27278 records - OK
      puknpbo6 7.0 5988744d3cb357f1a013427d466e2d79ab5f8907 2012/09/30 22:05:11 17444 records - OK
      ogvaaoil 7.0 d4a0dabf4a4df0f79805c6ccdc025f796765e786 2012/09/23 22:06:30 21205 records - OK
      5ovncm6g 7.0 82ed005784d9e258213070a0cd8bfceff345018d 2012/09/16 22:05:43 11686 records - OK
      vlw7smbr 7.0 a95ae63004b8d857c2db055f4e47c15bfc97f626 2012/09/09 22:04:34 12677 records - OK
      z3s4e4nn 7.0 c39bf233d25242ae9ed8cf204b9b788c8f45ab79 2012/09/02 22:05:28 10118 records - OK
      tmyq7684 7.0 d37b5484b009947b7cdd3837dafe8148615401c2 2012/08/26 22:05:26 12602 records - OK
      bg4eedrt 7.0 41bf1347794ab7060dec7aaecc1d1d95cf6fecb5 2012/08/19 22:04:05 18298 records - OK
      yiu3b4ez 7.0 1a997511e5892aaeb69b3db70e06676af36382e3 2012/08/12 22:05:19 17126 records - OK
      wf8upz1v 7.0 f7226c59914e3683e538e668c3b664af3232654d 2012/08/05 22:03:53 20539 records - OK
      50szecj7 7.0 4035c8d3b617bf935a317a8c57efaa8e835a61f4 2012/07/29 22:05:26 19330 records - OK
      mt0gfbob 7.0 09b55bc000f184ed426f1d8b9665669346fe5e71 2012/07/22 22:05:34 19692 records - OK
      xxoo2ogs 7.0 f746c097f298e94faa9db94e6f64ef9fd4a7b010 2012/07/15 22:05:43 14727 records - OK
      tmoh3zjn 7.0 792a6a25a17e764390440cd4c2c6ca5a97ab162f 2012/07/08 22:04:33 19485 records - OK
      4lttvr0s 7.0 ca9905c39e3d93428a4db65a192debe9fbd7acf7 2012/07/01 22:04:55 22898 records - OK
      opnpo02u 7.0 dc29c610b866c66ba5327e7830452b2460149a35 2012/06/24 22:05:17 20551 records - OK
      h47uk1j8 7.0 c28739bea153508d12942ac9a61abd475d0a0404 2012/06/17 22:03:35 9661 records - OK
      whulyyzx 7.0 e5b5835a7c512120c5348e31483a4caa2a845d28 2012/06/10 22:04:32 23632 records - OK
      al1aaif3 7.0 61853ce89026ef0ebbd80174f1b7dd5d25bbc63a 2012/06/03 22:04:41 12423 records - OK
      r5yt5fh5 7.0 4e6c9897e153b47ca97b7da48ceed23e555a7761 2012/05/27 22:04:26 15493 records - OK
      jo5xcyah 7.0 35f4c105cecd8ec1fd01714abebf30f8f3efb96e 2012/05/20 22:03:29 13065 records - OK
      fb1vcmoo 7.0 3522aa84677411aa7d67796bb05ea3ab62f02a71 2012/05/13 22:04:24 16238 records - OK
      udn0zhwj 7.0 7597333540eda537bd42c0a17d4a6526ad247a2e 2012/05/06 22:04:33 11570 records - OK
      v56orw4l 7.0 867814380363bc6ad605acf4b96e02c54dbd60f7 2012/04/29 22:03:28 15478 records - OK
      zx70t1xm 7.0 3c04f402d91a19039cb9c223c435dc4ea1bb3da4 2012/04/22 22:05:05 11881 records - OK
      jnlhsaco 7.0 8d0220a2a50b367e61a51d3b29c2659cde41bb7f 2012/04/15 22:03:29 13578 records - OK
      3n297q6q 7.0 b79dc6f5832ad390108d1880694ec538e8b34bb0 2012/04/08 22:05:02 14292 records - OK
      uq70c96g 7.0 8ff7cc095c43c2154275b7a54a89bf365e8daf4a 2012/04/01 22:03:24 14084 records - OK
      jjqtfqn9 7.0 9502a428b32be4ad08556134e271c9ba03195398 2012/03/25 21:04:43 19126 records - OK
      x1b16sa1 7.0 28c2fabbc645aff41baac12b911a8499ea163536 2012/03/18 21:03:23 14920 records - OK
      u7pqquxc 7.0 86de597ff06e58206f94263f2eef33cb41b2530c 2012/03/11 21:03:25 19017 records - OK
      t2wyh12w 7.0 5bd1d666e7c9ca70c34e591dc6c55314ce4b11af 2012/03/04 21:04:32 19691 records - OK
      jlttsgf3 7.0 15a9d10c451d2fcf124700f29f557d9bf338e671 2012/02/26 21:03:21 23605 records - OK
      moxt3m1r 7.0 5647d941e5358105ca6558dce78873f06c48d5dc 2012/02/19 21:03:45 19067 records - OK
      5h9fd484 7.0 c9b2600cb665ce34e0ccd0f19e0a88cd44437f51 2012/02/12 21:04:49 19019 records - OK
      y96yvfiu 7.0 9df2e129e78a9d9ab491186da1329c1dd1190e17 2012/02/05 21:05:25 28028 records - OK
      kvgk65xo 7.0 b69b9504a51b8777b8e95a4680dc8ac1d8d8c25d 2012/01/29 21:08:41 29444 records - OK
      cr883xug 7.0 3d7431bdee1a22d6329e017f348db7760f2645ac 2012/01/23 02:22:13 19353 records - OK
      vkalbe69 7.0 e04570f78fb00d758abdf77c534a460980e102c0 2012/01/15 21:12:31 20747 records - OK
      f1ltuxcl 7.0 2de2479b112c4416e2375343f57ca789b042aecc 2012/01/08 21:04:30 28052 records - OK
      2xgwiij1 7.0 c4bd9612ff1f71d8bd23b4f1bc114eed1ae2ee6b 2012/01/01 21:04:40 12183 records - OK
      vh9jqk1m 7.0 28b1d218ade8f05fdc8550c7456ac3b74f705208 2011/12/25 21:03:33 19984 records - OK
      aek5bjgo 7.0 539e41e8f3d97a6f347600c7cef903d9f34e0518 2011/12/18 21:08:45 22627 records - OK
      3nzf9u3j 7.0 f8e81968965f555bce0d02fc9933fee840b97aaf 2011/12/12 14:20:22 49580 records - OK
      khsjqvtr 7.0 14751e0f442bba3efc08ee12d82a2815c61cfeb6 2011/12/04 02:00:00 45195 records - OK
      sfmmv19p 7.0 5bc1f5e30792d018658f2dcdb35fc0bcbdcf4e1e 2011/12/04 01:00:00 171075 records - OK
      gi5vj7tu 7.0 0f948a7d416c556bfc8a8be2c2c39f998fee6d9e 2011/12/04 00:00:00 170820 records - OK
      ouh6rh8w 7.0 9357c3cc73a4a374346a678f197daa22496c7ae5 2011/12/03 23:00:00 171279 records - OK
      ld4pce5l 7.0 ae56b06b3d6f1e13c5f10cce4ed68f2cccbf3298 2011/12/03 22:00:00 170253 records - OK
      dfup1cxa 7.0 fdaab5c1079d02c94f20d07c39d638cad79d8771 2011/12/03 21:00:00 170291 records - OK
      kvdjyx1l 7.0 b59d8841e65d7670b2aae7f2b65734269f6c4fe3 2011/12/03 20:00:00 170501 records - OK
      g4zue8hl 7.0 3946b1d195434cf7a70d144da71c87559475c58f 2011/12/03 19:00:00 353582 records - OK
      xjauughh 7.0 8df4695f74ea5949551df6044720694e204b13d7 2011/12/03 18:00:00 852776 records - OK
      xlhrp2dg 7.0 c8240106293ef4a2895569079854e4fe18549d5a 2012/12/26 1454 553 records - OK
      mpk3qmn8 7.0 cfbe9cf43615f7856e4c35f0fc02e2baf12e39e7 2012/12/16 21:14:14 1725 records - OK
      nmyqhh5a 7.0 047694e79b1a8d295f27ea9c6565062404f84a57 2012/11/11 21:12:52 2050 records - OK
      dkzzzwdk 7.0 f3413603f4ee1c88018a78c1f6faf2abeb8fa8c1 2012/09/23 22:13:14 1456 records - OK
      xabkp50o 7.0 8871f579eeb7e5e7b70c6dd898afd27391d7daf4 2012/06/24 22:12:36 1421 records - OK
      kb9ovhpa 7.0 3ee43130fe7fec4b367a791892a444d0a791b29b 2012/03/25 21:12:30 1385 records - OK
      6f86p2an 7.0 fddc5d687537580c7166dbf117d591593bc62261 2012/01/22 22:56:09 1653 records - OK
      x6cmtt5f 7.0 ba0581b1e4e39000003c5b1ef2cd65619d234139 2012/12/26 1442 980 records - OK
      7z7eenne 7.0 cdf3a9d2dcab57f90c378d9eefacbfd358a42699 2012/12/09 21:23:23 1620 records - OK
      y7zpu77g 7.0 c0726ba000e840272f0810b89051e6daa8799084 2012/11/04 21:23:16 1658 records - OK
      ou1dwiid 7.0 216611859de0125bf130d6324d43c9115cb05def 2012/10/07 22:23:20 1465 records - OK
      ovtmyyoy 7.0 264c14ad60c4423ec292f5f8b182e4448504dfa9 2012/09/09 22:23:14 1588 records - OK
      izb27fpy 7.0 33197bfe9efefa9db33725d240757103c625b601 2012/07/22 22:22:36 1702 records - OK
      u8uuthka 7.0 74d8e114edb84b95bc09d5a2a36191d15a61e2cb 2012/06/10 22:22:36 1659 records - OK
      w3abzwui 7.0 79ca8239f310688d2b9c314fa3d738a34985cce3 2012/04/29 22:22:34 1670 records - OK
      1vpl4ed2 7.0 aac27e986e3731e5260cb76f5b14558e36660dec 2012/03/11 21:22:28 1729 records - OK
      r7ucbt0z 7.0 fa5c96b8be693a20c2a295e3545419e6f117fdc4 2012/01/29 21:23:00 1523 records - OK
      ayflwaqm 7.0 e9b21e0a3578ef2e2067f4876309671ddc78f65f 2011/12/18 21:22:29 1805 records - OK
      1szk9eif 7.0 8f7a8f6f55130f6becc5331ab38dc2108746b8aa 2011/12/03 17:00:00 26456 records - OK
      3knanctv 7.0 e6d52b11d2f7d405ccd31347da3b6fde69825168 2011/12/03 16:00:00 74279 records - OK
      kivkficn 7.0 e20ffde4bbc58e0585b0b3b2f324bc91272c2360 2011/12/03 15:00:00 1 record - OK
      Total records count: 3511701
      Anti-rootkit module version (API 5.00 / 5.00)

      Using c:\users\jorge luis\appdata\local\temp\AD1BFE48-4C7DEA98-4EF585C8-D9B28158\ipwdrjuw.key as Dr.Web (R) Key file
      This Dr.Web (R) Key is for 1 computer (A User)

    10. #10
      Usuario Avatar de fabiola86
      Registrado
      may 2006
      Ubicación
      México
      Mensajes
      10

      Re: TR/ATRAPS.Gen2 - TR/Sirefef.H y avira

      -----------------------------------------------------------------------------
      Start scanning
      -----------------------------------------------------------------------------
      Command line used:-rpcep:\pipe\1E0AA1237 -rpcpr:np /protmode

      Object(s) to scan:
      - Scan processes in memory
      - Scan boot sectors
      - Scan startup directory
      - Scanning for rootkits
      - C:\AT-Cuarentena
      - C:\AT-Destroyer.txt
      - C:\autoexec.bat
      - C:\bootmgr
      - C:\BOOTSECT.BAK
      - C:\config.sys
      - C:\initrd.pam
      - C:\IO.SYS
      - C:\kernel.pam
      - C:\MSDOS.SYS
      - C:\pagefile.sys
      - C:\ProgramData.LOG1
      - C:\ProgramData.LOG2
      - C:\scu.dat
      - C:\sqmdata00.sqm
      - C:\sqmdata01.sqm
      - C:\sqmdata02.sqm
      - C:\sqmdata03.sqm
      - C:\sqmdata04.sqm
      - C:\sqmdata05.sqm
      - C:\sqmdata06.sqm
      - C:\sqmdata07.sqm
      - C:\sqmdata08.sqm
      - C:\sqmdata09.sqm
      - C:\sqmdata10.sqm
      - C:\sqmdata11.sqm
      - C:\sqmdata12.sqm
      - C:\sqmdata13.sqm
      - C:\sqmdata14.sqm
      - C:\sqmdata15.sqm
      - C:\sqmdata16.sqm
      - C:\sqmdata17.sqm
      - C:\sqmdata18.sqm
      - C:\sqmdata19.sqm
      - C:\sqmnoopt00.sqm
      - C:\sqmnoopt01.sqm
      - C:\sqmnoopt02.sqm
      - C:\sqmnoopt03.sqm
      - C:\sqmnoopt04.sqm
      - C:\sqmnoopt05.sqm
      - C:\sqmnoopt06.sqm
      - C:\sqmnoopt07.sqm
      - C:\sqmnoopt08.sqm
      - C:\sqmnoopt09.sqm
      - C:\sqmnoopt10.sqm
      - C:\sqmnoopt11.sqm
      - C:\sqmnoopt12.sqm
      - C:\sqmnoopt13.sqm
      - C:\sqmnoopt14.sqm
      - C:\sqmnoopt15.sqm
      - C:\sqmnoopt16.sqm
      - C:\sqmnoopt17.sqm
      - C:\sqmnoopt18.sqm
      - C:\sqmnoopt19.sqm
      - C:\TDSSKiller.2.8.15.0_26.12.2012_10.46.18_log.txt
      - C:\UsbFix.txt
      - C:\UsbFix_Upload_Me_JORGELUIS1.zip
      - C:\vcredist_x86.log
      - C:\Windows\system32\
      - C:\Users\JoRgE lUiS\Documents\
      - C:\Windows\TEMP\
      - C:\Users\JORGEL~1\AppData\Local\Temp\

      Computer\Motherboard\SYSTEM BIOS - Ok
      c:\windows\system32\drivers\ntfs.sys - Ok
      c:\windows\system32\drivers\fastfat.sys - Ok
      c:\windows\system32\drivers\ndis.sys - Ok
      c:\windows\system32\drivers\ksecdd.sys - Ok
      c:\windows\system32\drivers\beep.sys - Ok
      c:\windows\system32\drivers\mouclass.sys - Ok
      c:\windows\system32\drivers\kbdclass.sys - Ok
      c:\windows\system32\drivers\ndproxy.sys - Ok
      c:\windows\system32\drivers\vga.sys - Ok
      c:\windows\system32\drivers\msisadrv.sys - Ok
      c:\windows\system32\drivers\compbatt.sys - Ok
      c:\windows\system32\drivers\mountmgr.sys - Ok
      c:\windows\system32\drivers\ecache.sys - Ok
      c:\windows\system32\drivers\ohci1394.sys - Ok
      c:\windows\system32\drivers\rtlh86.sys - Ok
      c:\windows\system32\drivers\atapi.sys - Ok
      c:\windows\system32\drivers\volmgrx.sys - Ok
      c:\windows\system32\drivers\rasacd.sys - Ok
      >c:\windows\system32\drivers\pacer.sys - packed by FLY-CODE
      >>c:\windows\system32\drivers\pacer.sys - packed by FLY-CODE
      c:\windows\system32\drivers\pacer.sys - Ok
      c:\windows\system32\drivers\tunmp.sys - Ok
      c:\windows\system32\drivers\mouhid.sys - Ok
      c:\windows\system32\drivers\usbuhci.sys - Ok
      c:\windows\system32\win32k.sys - Ok
      c:\windows\system32\drivers\usbhub.sys - Ok
      c:\windows\system32\drivers\tunnel.sys - Ok
      >c:\windows\system32\drivers\rassstp.sys - packed by PESTUB
      c:\windows\system32\drivers\rassstp.sys - Ok
      c:\windows\system32\drivers\swenum.sys - Ok
      c:\windows\system32\drivers\usbccgp.sys - Ok
      c:\windows\system32\drivers\raspppoe.sys - Ok
      c:\windows\system32\drivers\termdd.sys - Ok
      c:\windows\system32\drivers\rasl2tp.sys - Ok
      >c:\windows\system32\drivers\umbus.sys - packed by FLY-CODE
      c:\windows\system32\drivers\umbus.sys - Ok
      c:\windows\system32\drivers\raspptp.sys - Ok
      c:\windows\system32\drivers\crcdisk.sys - Ok
      c:\windows\system32\drivers\netw4v32.sys - Ok
      c:\windows\system32\hal.dll - Ok
      c:\windows\system32\clfs.sys - Ok
      c:\windows\system32\drivers\smb.sys - Ok
      c:\windows\system32\drivers\nwifi.sys - Ok
      c:\windows\system32\drivers\netbt.sys - Ok
      c:\windows\system32\drivers\cdrom.sys - Ok
      >c:\windows\system32\drivers\rdpencdd.sys - packed by FLY-CODE
      >>c:\windows\system32\drivers\rdpencdd.sys - packed by FLY-CODE
      c:\windows\system32\drivers\rdpencdd.sys - Ok
      >c:\windows\system32\drivers\pciide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\pciide.sys - Ok
      c:\windows\system32\drivers\mssmbios.sys - Ok
      c:\windows\system32\drivers\msiscsi.sys - Ok
      c:\windows\system32\drivers\pcmcia.sys - Ok
      c:\windows\system32\drivers\tdx.sys - Ok
      c:\windows\system32\drivers\tcpip.sys - Ok
      c:\windows\system32\drivers\kbdhid.sys - Ok
      c:\windows\system32\drivers\nsiproxy.sys - Ok
      c:\windows\system32\drivers\volmgr.sys - Ok
      c:\windows\system32\drivers\volsnap.sys - Ok
      c:\windows\system32\drivers\usbehci.sys - Ok
      >c:\windows\system32\drivers\null.sys - packed by FLY-CODE
      c:\windows\system32\drivers\null.sys - Ok
      c:\windows\system32\drivers\disk.sys - Ok
      c:\windows\system32\drivers\gearaspiwdm.sys - Ok
      c:\windows\system32\drivers\pci.sys - Ok
      c:\windows\system32\drivers\ndistapi.sys - Ok
      c:\windows\system32\drivers\ndiswan.sys - Ok
      c:\windows\system32\drivers\partmgr.sys - Ok
      c:\windows\system32\drivers\hdaudbus.sys - Ok
      >c:\windows\system32\drivers\wdf01000.sys - packed by FLY-CODE
      c:\windows\system32\drivers\wdf01000.sys - Ok
      c:\windows\system32\drivers\sfep.sys - Ok
      c:\windows\system32\drivers\acpi.sys - Ok
      c:\windows\system32\drivers\ndisuio.sys - Ok
      c:\windows\system32\drivers\afd.sys - Ok
      c:\windows\system32\drivers\hidusb.sys - Ok
      c:\windows\system32\drivers\syntp.sys - Ok
      c:\windows\system32\drivers\pxhelp20.sys - Ok
      c:\windows\system32\drivers\i8042prt.sys - Ok
      c:\windows\system32\drivers\netbios.sys - Ok
      c:\windows\system32\drivers\dfsc.sys - Ok
      c:\windows\system32\drivers\rdbss.sys - Ok
      c:\users\jorge luis\appdata\local\temp\20e4be64b.sys - file not found
      c:\users\jorge luis\appdata\local\temp\1e15e69e0.sys - file not found
      c:\windows\system32\drivers\mup.sys - Ok
      c:\windows\system32\drivers\bowser.sys - Ok
      c:\windows\system32\drivers\npfs.sys - Ok
      c:\windows\system32\drivers\msfs.sys - Ok
      c:\windows\system32\drivers\fileinfo.sys - Ok
      c:\windows\system32\drivers\fs_rec.sys - Ok
      c:\windows\system32\drivers\mrxsmb.sys - Ok
      c:\windows\system32\drivers\fltmgr.sys - Ok
      c:\windows\system32\drivers\mrxsmb10.sys - Ok
      >c:\windows\system32\drivers\cdfs.sys - packed by FLY-CODE
      c:\windows\system32\drivers\cdfs.sys - Ok
      c:\windows\system32\drivers\mrxsmb20.sys - Ok
      c:\windows\system32\ntkrnlpa.exe - Ok
      c:\windows\system32\kdcom.dll - Ok
      >c:\windows\system32\mcupdate_genuineintel.dll - packed by FLY-CODE
      c:\windows\system32\mcupdate_genuineintel.dll - Ok
      c:\windows\system32\pshed.dll - Ok
      c:\windows\system32\bootvid.dll - Ok
      c:\windows\system32\ci.dll - Ok
      >c:\windows\system32\drivers\wdfldr.sys - packed by FLY-CODE
      c:\windows\system32\drivers\wdfldr.sys - Ok
      >c:\windows\system32\drivers\wmilib.sys - packed by FLY-CODE
      c:\windows\system32\drivers\wmilib.sys - Ok
      >c:\windows\system32\drivers\battc.sys - packed by FLY-CODE
      c:\windows\system32\drivers\battc.sys - Ok
      >c:\windows\system32\drivers\pciidex.sys - packed by FLY-CODE
      c:\windows\system32\drivers\pciidex.sys - Ok
      >c:\windows\system32\drivers\ataport.sys - packed by FLY-CODE
      c:\windows\system32\drivers\ataport.sys - Ok
      c:\windows\system32\drivers\msrpc.sys - Ok
      >c:\windows\system32\drivers\netio.sys - packed by FLY-CODE
      c:\windows\system32\drivers\netio.sys - Ok
      >c:\windows\system32\drivers\fwpkclnt.sys - packed by PESTUB
      c:\windows\system32\drivers\fwpkclnt.sys - Ok
      >c:\windows\system32\drivers\classpnp.sys - packed by FLY-CODE
      c:\windows\system32\drivers\classpnp.sys - Ok
      c:\windows\system32\drivers\usbport.sys - Ok
      c:\windows\system32\drivers\1394bus.sys - Ok
      c:\windows\system32\drivers\usbd.sys - Ok
      >c:\windows\system32\drivers\storport.sys - packed by FLY-CODE
      c:\windows\system32\drivers\storport.sys - Ok
      >c:\windows\system32\drivers\tdi.sys - packed by FLY-CODE
      c:\windows\system32\drivers\tdi.sys - Ok
      c:\windows\system32\drivers\ks.sys - Ok
      >c:\windows\system32\drivers\videoprt.sys - packed by FLY-CODE
      c:\windows\system32\drivers\videoprt.sys - Ok
      >c:\windows\system32\drivers\watchdog.sys - packed by FLY-CODE
      c:\windows\system32\drivers\watchdog.sys - Ok
      c:\windows\system32\drivers\hidclass.sys - Ok
      c:\windows\system32\drivers\hidparse.sys - Ok
      c:\windows\system32\drivers\crashdmp.sys - Ok
      c:\windows\system32\drivers\dump_dumpata.sys - file not found
      c:\windows\system32\drivers\dump_atapi.sys - file not found
      >c:\windows\system32\drivers\dxapi.sys - packed by FLY-CODE
      c:\windows\system32\drivers\dxapi.sys - Ok
      >c:\windows\system32\drivers\dxg.sys - packed by FLY-CODE
      c:\windows\system32\drivers\dxg.sys - Ok
      c:\windows\system32\tsddd.dll - Ok
      c:\windows\system32\framebuf.dll - Ok
      System Process - file not found
      c:\windows\system32\smss.exe - Ok
      c:\windows\system32\csrss.exe - Ok
      c:\windows\system32\wininit.exe - Ok
      c:\windows\system32\winlogon.exe - Ok
      c:\windows\system32\services.exe - Ok
      c:\windows\system32\lsass.exe - Ok
      c:\windows\system32\lsm.exe - Ok
      >c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\r9sl4e8z.exe is BINARYRES container
      c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\r9sl4e8z.exe - container
      c:\windows\system32\svchost.exe - Ok
      c:\program files\superantispyware\sascore.exe - Ok
      >c:\users\jorge luis\downloads\anti-virus\tdl19eig.exe is BINARYRES container
      >>c:\users\jorge luis\downloads\anti-virus\tdl19eig.exe\data001 - packed by BINARYRES
      >>c:\users\jorge luis\downloads\anti-virus\tdl19eig.exe\data002 - packed by BINARYRES
      c:\users\jorge luis\downloads\anti-virus\tdl19eig.exe - container
      c:\windows\explorer.exe - Ok
      c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\wnf45dzl.exe - Ok
      c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\h1u2z4pt.exe - Ok
      c:\windows\system32\ntdll.dll - Ok
      c:\windows\system32\sxs.dll - Ok
      c:\windows\system32\winsrv.dll - Ok
      c:\windows\system32\basesrv.dll - Ok
      c:\windows\system32\csrsrv.dll - Ok
      c:\windows\system32\user32.dll - Ok
      c:\windows\system32\gdi32.dll - Ok
      c:\windows\system32\rpcrt4.dll - Ok
      c:\windows\system32\lpk.dll - Ok
      c:\windows\system32\kernel32.dll - Ok
      c:\windows\system32\advapi32.dll - Ok
      c:\windows\system32\usp10.dll - Ok
      c:\windows\system32\msvcrt.dll - Ok
      c:\windows\system32\wshtcpip.dll - Ok
      c:\windows\system32\schannel.dll - Ok
      c:\windows\system32\mswsock.dll - Ok
      c:\windows\system32\wship6.dll - Ok
      >c:\windows\system32\credssp.dll - packed by FLY-CODE
      c:\windows\system32\credssp.dll - Ok
      c:\windows\system32\crypt32.dll - Ok
      c:\windows\system32\msasn1.dll - Ok
      c:\windows\system32\netapi32.dll - Ok
      c:\windows\system32\secur32.dll - Ok
      c:\windows\system32\userenv.dll - Ok
      c:\windows\system32\psapi.dll - Ok
      c:\windows\system32\msctf.dll - Ok
      c:\windows\system32\ws2_32.dll - Ok
      c:\windows\system32\imm32.dll - Ok
      >c:\windows\system32\nsi.dll - packed by FLY-CODE
      c:\windows\system32\nsi.dll - Ok
      c:\windows\system32\shsvcs.dll - Ok
      c:\windows\system32\ntmarta.dll - Ok
      c:\windows\system32\mpr.dll - Ok
      c:\windows\system32\slc.dll - Ok
      c:\windows\system32\samlib.dll - Ok
      c:\windows\system32\winsta.dll - Ok
      >c:\windows\system32\ole32.dll is BINARYRES container
      c:\windows\system32\ole32.dll - container
      c:\windows\system32\wldap32.dll - Ok
      c:\windows\system32\ncobjapi.dll - Ok
      c:\windows\system32\authz.dll - Ok
      c:\windows\system32\scesrv.dll - Ok
      c:\windows\system32\dssenh.dll - Ok
      c:\windows\system32\keyiso.dll - Ok
      c:\windows\system32\scecli.dll - Ok
      c:\windows\system32\gpapi.dll - Ok
      c:\windows\system32\tspkg.dll - Ok
      c:\windows\system32\rsaenh.dll - Ok
      c:\windows\system32\winbrand.dll - Ok
      c:\windows\system32\netlogon.dll - Ok
      c:\windows\system32\msv1_0.dll - Ok
      c:\windows\system32\wdigest.dll - Ok
      c:\windows\system32\kerberos.dll - Ok
      c:\windows\system32\bcrypt.dll - Ok
      c:\windows\system32\ncrypt.dll - Ok
      c:\windows\system32\msprivs.dll - Ok
      c:\windows\system32\dhcpcsvc6.dll - Ok
      c:\windows\system32\cngaudit.dll - Ok
      >c:\windows\system32\winnsi.dll - packed by FLY-CODE
      c:\windows\system32\winnsi.dll - Ok
      c:\windows\system32\dhcpcsvc.dll - Ok
      c:\windows\system32\wevtapi.dll - Ok
      c:\windows\system32\iphlpapi.dll - Ok
      c:\windows\system32\ntdsapi.dll - Ok
      c:\windows\system32\feclient.dll - Ok
      c:\windows\system32\dnsapi.dll - Ok
      c:\windows\system32\cryptdll.dll - Ok
      c:\windows\system32\samsrv.dll - Ok
      c:\windows\system32\lsasrv.dll - Ok
      c:\windows\system32\sysntfy.dll - Ok
      c:\windows\system32\setupapi.dll - Ok
      c:\windows\system32\oleaut32.dll - Ok
      c:\windows\system32\wmsgapi.dll - Ok
      c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll - Ok
      c:\windows\system32\pnrpnsp.dll - Ok
      c:\windows\system32\wshbth.dll - Ok
      c:\windows\system32\winrnr.dll - Ok
      c:\windows\system32\napinsp.dll - Ok
      c:\windows\system32\wbem\wbemprox.dll - Ok
      c:\windows\system32\wbem\fastprox.dll - Ok
      c:\windows\system32\wbem\wbemsvc.dll - Ok
      c:\windows\system32\tapi32.dll - Ok
      c:\windows\system32\rasapi32.dll - Ok
      c:\windows\system32\rasadhlp.dll - Ok
      c:\windows\system32\windowscodecs.dll - Ok
      c:\windows\system32\shdocvw.dll - Ok
      c:\windows\system32\winmm.dll - Ok
      c:\windows\system32\iconcodecservice.dll - Ok
      c:\windows\system32\dwmapi.dll - Ok
      c:\windows\system32\wbemcomn.dll - Ok
      c:\windows\system32\rasman.dll - Ok
      c:\windows\system32\rtutils.dll - Ok
      c:\windows\system32\oleacc.dll - Ok
      c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll - Ok
      c:\windows\system32\uxtheme.dll - Ok
      >c:\windows\system32\msimg32.dll - packed by FLY-CODE
      c:\windows\system32\msimg32.dll - Ok
      c:\windows\system32\version.dll - Ok
      c:\windows\system32\clbcatq.dll - Ok
      c:\windows\system32\urlmon.dll - Ok
      c:\windows\system32\shlwapi.dll - Ok
      c:\windows\system32\normaliz.dll - Ok
      c:\windows\system32\shell32.dll - Ok
      c:\windows\system32\comdlg32.dll - Ok
      c:\windows\system32\wininet.dll - Ok
      c:\windows\system32\iertutil.dll - Ok
      c:\windows\system32\cabinet.dll - Ok
      c:\windows\system32\wtsapi32.dll - Ok
      c:\windows\system32\rpcss.dll - Ok
      c:\windows\system32\firewallapi.dll - Ok
      c:\windows\system32\umpnpmgr.dll - Ok
      c:\windows\system32\powrprof.dll - Ok
      c:\windows\system32\wbem\winmgmtr.dll - Ok
      c:\windows\system32\wevtsvc.dll - Ok
      c:\windows\system32\profsvc.dll - Ok
      c:\windows\system32\lmhsvc.dll - Ok
      c:\windows\system32\wbem\wbemess.dll - Ok
      c:\windows\system32\wbem\wmiprvsd.dll - Ok
      c:\windows\system32\wbem\repdrvfs.dll - Ok
      c:\windows\system32\wbem\wbemcore.dll - Ok
      c:\windows\system32\wbem\esscli.dll - Ok
      c:\windows\system32\wbem\ncprov.dll - Ok
      c:\windows\system32\wbem\wmiutils.dll - Ok
      c:\windows\system32\vssapi.dll - Ok
      c:\windows\system32\wbem\wmisvc.dll - Ok
      c:\windows\system32\vsstrace.dll - Ok
      c:\windows\system32\xmllite.dll - Ok
      c:\windows\system32\umb.dll - Ok
      c:\windows\system32\eapphost.dll - Ok
      c:\windows\system32\wintrust.dll - Ok
      c:\windows\system32\eapsvc.dll - Ok
      c:\windows\system32\atl.dll - Ok
      c:\windows\system32\nlaapi.dll - Ok
      c:\windows\system32\imagehlp.dll - Ok
      c:\windows\system32\upnp.dll - Ok
      c:\windows\system32\hnetcfg.dll - Ok
      c:\windows\system32\adsldpc.dll - Ok
      c:\windows\system32\activeds.dll - Ok
      c:\windows\system32\rasdlg.dll - Ok
      c:\windows\system32\netshell.dll - Ok
      c:\windows\system32\credui.dll - Ok
      c:\windows\system32\netman.dll - Ok
      c:\windows\system32\mprapi.dll - Ok
      c:\windows\system32\netcfgx.dll - Ok
      c:\windows\system32\winhttp.dll - Ok
      c:\windows\system32\ssdpapi.dll - Ok
      c:\windows\system32\msxml6.dll - Ok
      c:\windows\system32\winscard.dll - Ok
      c:\windows\system32\wlanutil.dll - Ok
      c:\windows\system32\onex.dll - Ok
      c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll - Ok
      c:\windows\system32\l2gpstore.dll - Ok
      c:\windows\system32\wlgpclnt.dll - Ok
      c:\windows\system32\eappcfg.dll - Ok
      c:\windows\system32\wlansec.dll - Ok
      c:\windows\system32\wlanmsm.dll - Ok
      c:\windows\system32\duser.dll - Ok
      c:\windows\system32\wlansvc.dll - Ok
      c:\windows\system32\eappprxy.dll - Ok
      c:\windows\system32\esent.dll - Ok
      c:\windows\system32\nlasvc.dll - Ok
      c:\windows\system32\cryptsvc.dll - Ok
      c:\windows\system32\ncsi.dll - Ok
      c:\windows\system32\cfgmgr32.dll - Ok
      c:\windows\system32\dnsrslvr.dll - Ok
      c:\windows\system32\netprofm.dll - Ok
      c:\windows\system32\npmproxy.dll - Ok
      c:\windows\system32\wkssvc.dll - Ok
      c:\windows\system32\nsisvc.dll - Ok
      c:\windows\system32\btwpimif.dll - Ok
      c:\windows\system32\igfxpph.dll - Ok
      c:\windows\system32\hccutils.dll - Ok
      c:\program files\superantispyware\sasctxmn.dll - Ok
      c:\windows\system32\btosif.dll - Ok
      c:\windows\system32\btwnelib.dll - Ok
      c:\windows\system32\btwnamespaceext.dll - Ok
      c:\windows\system32\btwapi.dll - Ok
      c:\program files\powerarchiver\pashlext.dll - Ok
      c:\windows\system32\btncopy.dll - Ok
      >c:\windows\system32\mfc100u.dll is ZLIB container
      c:\windows\system32\mfc100u.dll - container
      c:\program files\common files\microsoft shared\office11\msxml5.dll - Ok
      c:\windows\system32\zipfldr.dll - Ok
      c:\windows\system32\msvcr100.dll - Ok
      c:\windows\system32\wmvcore.dll - Ok
      c:\windows\system32\msvcp100.dll - Ok
      c:\windows\system32\imapi2.dll - Ok
      c:\windows\system32\portabledeviceapi.dll - Ok
      c:\windows\system32\synccenter.dll - Ok
      c:\program files\avira\antivir desktop\shlext.dll - Ok
      c:\windows\system32\syncui.dll - Ok
      c:\windows\system32\msvfw32.dll - Ok
      c:\windows\system32\mediametadatahandler.dll - Ok
      c:\program files\malwarebytes' anti-malware\mbamext.dll - Ok
      c:\windows\system32\wmasf.dll - Ok
      c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - Ok
      c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - Ok
      c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - Ok
      c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - Ok
      c:\program files\common files\microsoft shared\ink\tiptsf.dll - Ok
      c:\windows\system32\actxprxy.dll - Ok
      c:\program files\microsoft office\office12\msohevi.dll - Ok
      c:\windows\system32\winspool.drv - Ok
      c:\windows\system32\ieframe.dll - Ok
      c:\windows\system32\nlslexicons000a.dll - Ok
      c:\windows\system32\ntlanman.dll - Ok
      c:\windows\system32\fwpuclnt.dll - Ok
      c:\windows\system32\qagent.dll - Ok
      c:\windows\system32\portabledevicetypes.dll - Ok
      c:\windows\system32\synceng.dll - Ok
      c:\windows\system32\msacm32.dll - Ok
      c:\windows\system32\bthprops.cpl - Ok
      c:\windows\system32\webcheck.dll - Ok
      c:\windows\system32\srchadmin.dll - Ok
      c:\windows\system32\avifil32.dll - Ok
      c:\windows\system32\thumbcache.dll - Ok
      c:\windows\system32\davclnt.dll - Ok
      c:\windows\system32\wpdshserviceobj.dll - Ok
      c:\windows\system32\mlang.dll - Ok
      c:\windows\system32\wlanapi.dll - Ok
      c:\windows\system32\msi.dll - Ok
      c:\windows\system32\mfc100esn.dll - Ok
      c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\atl80.dll - Ok
      c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80esp.dll - Ok
      c:\windows\system32\msxml3.dll - Ok
      c:\windows\system32\nlsdata000a.dll - Ok
      c:\windows\system32\ntshrui.dll - Ok
      c:\windows\system32\fundisc.dll - Ok
      c:\windows\system32\pnidui.dll - Ok
      c:\windows\system32\batmeter.dll - Ok
      c:\windows\system32\stobject.dll - Ok
      c:\windows\system32\alttab.dll - Ok
      c:\windows\system32\es.dll - Ok
      c:\windows\system32\naturallanguage6.dll - Ok
      c:\windows\ehome\ehsso.dll - Ok
      c:\windows\system32\sndvolsso.dll - Ok
      c:\windows\system32\drprov.dll - Ok
      c:\windows\system32\qutil.dll - Ok
      c:\windows\system32\msiltcfg.dll - Ok
      c:\windows\system32\hid.dll - Ok
      c:\windows\system32\msshsq.dll - Ok
      c:\windows\system32\explorerframe.dll - Ok
      c:\windows\system32\mmdevapi.dll - Ok
      c:\windows\system32\apphelp.dll - Ok
      >c:\windows\system32\timedate.cpl is ZLIB container
      c:\windows\system32\timedate.cpl - container
      c:\windows\system32\browseui.dll - Ok
      c:\windows\system32\avrt.dll - Ok
      c:\windows\system32\ksuser.dll - Ok
      c:\windows\system32\wdmaud.drv - Ok
      c:\windows\system32\linkinfo.dll - Ok
      c:\windows\system32\propsys.dll - Ok
      c:\windows\system32\shacct.dll - Ok
      c:\windows\system32\cscapi.dll - Ok
      c:\windows\system32\fdproxy.dll - Ok
      c:\windows\system32\authui.dll - Ok
      >c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\yn7j07qv.dll is BINARYRES container
      >>c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\yn7j07qv.dll\data003 - packed by BINARYRES
      >>c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\yn7j07qv.dll\data004 - packed by BINARYRES
      c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\yn7j07qv.dll - container
      c:\windows\system32\pdh.dll - Ok
      c:\windows\system32\taskschd.dll - Ok
      c:\windows\system32\mstask.dll - Ok
      c:\users\jorge luis\appdata\roaming\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
      c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
      c:\programdata\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
      c:\programdata\microsoft\windows\start menu\programs\startup\bttray.lnk - Ok
      c:\windows\system32\pautoenr.dll - Ok
      c:\windows\system32\qmgr.dll - Ok
      c:\windows\system32\apds.dll - Ok
      c:\windows\system32\efsadu.dll - Ok
      c:\windows\system32\spoolss.dll - Ok
      c:\windows\system32\powercpl.dll - Ok
      c:\windows\system32\mssha.dll - Ok
      c:\windows\system32\wpd_ci.dll - Ok
      c:\windows\system32\werfault.exe - Ok
      c:\windows\system32\ocsetup.exe - Ok
      c:\windows\system32\wsmres.dll - Ok
      c:\windows\system32\ipnathlp.dll - Ok
      c:\windows\system32\wsqmcons.exe - Ok
      c:\windows\system32\windowspowershell\v1.0\psevents.dll - Ok
      c:\windows\system32\powercfg.cpl - Ok
      c:\windows\system32\racagent.exe - Ok
      c:\windows\system32\perfctrs.dll - Ok
      c:\windows\system32\quartz.dll - Ok
      c:\windows\system32\wuaueng.dll - Ok
      c:\windows\system32\dimsroam.dll - Ok
      c:\windows\system32\l2nacp.dll - Ok
      c:\windows\system32\napipsec.dll - Ok
      c:\windows\system32\wbem\win32_tpm.dll - Ok
      c:\windows\system32\hotstartuseragent.dll - Ok
      c:\windows\system32\mdsched.exe - Ok
      c:\windows\system32\dimsjob.dll - Ok
      c:\windows\system32\lpksetup.exe - Ok
      c:\windows\system32\mciavi32.dll - Ok
      c:\windows\system32\dfdwiz.exe - Ok
      c:\windows\system32\wevtfwd.dll - Ok
      c:\windows\system32\sud.dll - Ok
      c:\windows\system32\osbaseln.dll - Ok
      c:\windows\system32\relpost.exe - Ok
      c:\windows\system32\rdrleakdiag.exe - Ok
      c:\windows\system32\printfilterpipelinesvc.exe - Ok
      c:\windows\system32\msra.exe - Ok
      >c:\windows\system32\wscui.cpl is ZLIB container
      c:\windows\system32\wscui.cpl - container
      c:\windows\system32\adtschema.dll - Ok
      c:\windows\system32\firewall.cpl - Ok
      c:\windows\system32\certenroll.dll - Ok
      c:\windows\system32\pcaui.dll - Ok
      c:\windows\system32\racengn.dll - Ok
      c:\windows\system32\mpssvc.dll - Ok
      c:\windows\system32\wbem\ntevt.dll - Ok
      c:\windows\system32\wudfplatform.dll - Ok
      c:\windows\system32\mstscax.dll - Ok
      c:\windows\system32\drivers\umdf\wpdmtpdr.dll - Ok
      c:\windows\system32\msdt.exe - Ok
      c:\program files\windows collaboration\wincollabres.dll - Ok
      c:\windows\system32\oleres.dll - Ok
      c:\windows\system32\msdtcvsp1res.dll - Ok
      c:\windows\system32\prflbmsg.dll - Ok
      >c:\windows\system32\speech\speechux\speechux.dll is ZLIB container
      c:\windows\system32\speech\speechux\speechux.dll - container
      c:\windows\system32\loadperf.dll - Ok
      c:\windows\system32\comres.dll - Ok
      c:\windows\system32\wusa.exe - Ok
      c:\windows\system32\rstrtmgr.dll - Ok
      c:\windows\system32\wdc.dll - Ok
      c:\windows\system32\wpc.dll - Ok
      c:\program files\windows mail\windowsmailgadget.exe - Ok
      c:\program files\windows media player\wmpsideshowgadget.exe - Ok
      c:\program files\windows media player\wmpnscfg.exe - Ok
      c:\windows\system32\p2pcollab.dll - Ok
      c:\windows\system32\p2pnetsh.dll - Ok
      >c:\windows\system32\wlancfg.dll - packed by PESTUB
      c:\windows\system32\wlancfg.dll - Ok
      c:\windows\system32\nshipsec.dll - Ok
      c:\windows\system32\napmontr.dll - Ok
      >c:\windows\system32\dot3cfg.dll - packed by PESTUB
      c:\windows\system32\dot3cfg.dll - Ok
      c:\windows\system32\rpcnsh.dll - Ok
      >c:\windows\system32\hnetmon.dll - packed by PESTUB
      c:\windows\system32\hnetmon.dll - Ok
      c:\windows\system32\whhelper.dll - Ok
      c:\windows\system32\netiohlp.dll - Ok
      >c:\windows\system32\ifmon.dll - packed by PESTUB
      c:\windows\system32\ifmon.dll - Ok
      c:\windows\system32\authfwcfg.dll - Ok
      >c:\windows\system32\fwcfg.dll - packed by PESTUB
      c:\windows\system32\fwcfg.dll - Ok
      c:\windows\system32\nshhttp.dll - Ok
      c:\windows\system32\wshelper.dll - Ok
      c:\windows\system32\rasmontr.dll - Ok
      c:\windows\system32\dhcpcmonitor.dll - Ok
      c:\windows\system32\rasplap.dll - Ok
      c:\windows\system32\smartcardcredentialprovider.dll - Ok
      >c:\windows\system32\dfrgui.exe is ZLIB container
      c:\windows\system32\dfrgui.exe - container
      c:\windows\system32\cleanmgr.exe - Ok
      c:\windows\system32\sdclt.exe - Ok
      c:\windows\system32\calc.exe - Ok
      c:\windows\system32\rdpwsx.dll - Ok
      c:\windows\system32\rdpcfgex.dll - Ok
      c:\windows\system32\osk.exe - Ok
      c:\windows\system32\narrator.exe - Ok
      c:\windows\system32\magnify.exe - Ok
      c:\program files\microsoft office\office12\mspub.exe - Ok
      >c:\windows\system32\pots.dll - packed by PESTUB
      c:\windows\system32\pots.dll - Ok
      c:\windows\system32\msdt.dll - Ok
      c:\windows\system32\netdiagfx.dll - Ok
      c:\windows\system32\pnpts.dll - Ok
      >c:\windows\system32\whealogr.dll - packed by PESTUB
      c:\windows\system32\whealogr.dll - Ok
      >c:\windows\system32\cofiredm.dll - packed by PESTUB
      c:\windows\system32\cofiredm.dll - Ok
      c:\windows\system32\apphlpdm.dll - Ok
      c:\windows\system32\radarrs.dll - Ok
      c:\windows\system32\pcadm.dll - Ok
      c:\windows\system32\radardt.dll - Ok
      c:\windows\system32\diagperf.dll - Ok
      c:\windows\system32\bitsigd.dll - Ok
      c:\windows\system32\cmd.exe - Ok
      c:\windows\system32\msobjs.dll - Ok
      c:\windows\system32\msaudite.dll - Ok
      c:\windows\system32\iassvcs.dll - Ok
      c:\windows\system32\dfdts.dll - Ok
      c:\windows\system32\vdsdyn.dll - Ok
      c:\windows\system32\vdsbas.dll - Ok
      c:\windows\system32\ntprint.dll - Ok
      c:\windows\system32\netmsg.dll - Ok
      >c:\windows\servicing\cbsmsg.dll - packed by PESTUB
      c:\windows\servicing\cbsmsg.dll - Ok
      c:\windows\system32\iscsilog.dll - Ok
      c:\windows\system32\rtm.dll - Ok
      c:\windows\system32\dispci.dll - Ok
      c:\windows\system32\dhcpqec.dll - Ok
      c:\windows\system32\win32spl.dll - Ok
      c:\windows\system32\netevent.dll - Ok
      c:\windows\system32\iologmsg.dll - Ok
      c:\windows\microsoft.net\framework\v4.0.30319\eventlogmessages.dll - Ok
      c:\windows\system32\wsepno.dll - Ok
      c:\windows\system32\sdengin2.dll - Ok
      c:\program files\windows defender\mpevmsg.dll - Ok
      c:\windows\system32\msvbvm60.dll - Ok
      >c:\windows\system32\usbperf.dll - packed by FLY-CODE
      c:\windows\system32\usbperf.dll - Ok
      c:\windows\system32\srcore.dll - Ok
      c:\program files\research in motion\blackberry\desktopmgr.exe - Ok
      c:\program files\common files\sony shared\avlib\sptisrvmsg.dll - Ok
      c:\windows\system32\sxproxy.dll - Ok
      c:\windows\system32\wscsvc.dll - Ok
      c:\windows\system32\mprmsg.dll - Ok
      c:\windows\system32\msimsg.dll - Ok
      c:\windows\system32\dfrgres.dll - Ok
      c:\program files\intervideo\dvd8\uveventmessage.dll - Ok
      c:\windows\microsoft.net\framework\v2.0.50727\eventlogmessages.dll - Ok
      c:\program files\common files\microsoft shared\dw\dw20.exe - Ok
      c:\program files\movie maker\dvdmaker.exe - Ok
      c:\windows\system32\dwm.exe - Ok
      c:\program files\common files\research in motion\rimdevicemanager\rimdevicemanager.exe - Ok
      c:\windows\system32\ulib.dll - Ok
      c:\windows\system32\wer.dll - Ok
      c:\program files\adobe\photoshop elements 6.0\platform.dll - Ok
      c:\windows\system32\tquery.dll - Ok
      c:\program files\sony\vaio media integrated server\platform\upnpframeworkmsg.dll - Ok
      c:\program files\common files\microsoft shared\office12\mssoap30.dll - Ok
      c:\program files\common files\system\ole db\msdmine.dll - Ok
      c:\windows\microsoft.net\framework\v4.0.30319\servicemodelevents.dll - Ok
      c:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelevents.dll - Ok
      c:\program files\common files\microsoft shared\ink\ipseventlogmsg.dll - Ok
      c:\windows\system32\icardres.dll - Ok
      c:\program files\avira\antivir desktop\avevtrc.dll - Ok
      c:\windows\microsoft.net\framework\v2.0.50727\es\aspnet_rc.dll - Ok
      c:\program files\java\jre6\bin\jp2ssv.dll - Ok
      c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll - Ok
      c:\program files\common files\adobe\acrobat\activex\pdfshell.dll - Ok
      >c:\program files\windows live\toolbar\wltcore.dll is BINARYRES container
      >>c:\program files\windows live\toolbar\wltcore.dll\data001 is JS-HTML container
      c:\program files\windows live\toolbar\wltcore.dll - container
      c:\program files\shares\prxtbsha2.dll - Ok
      c:\program files\windows live\photo gallery\photoviewershim.dll - Ok
      c:\program files\common files\microsoft shared\office12\msoshext.dll - Ok
      c:\program files\sony\vaio power management\spmpanel.dll - Ok
      c:\program files\synaptics\syntp\syntpcpl.dll - Ok
      c:\windows\system32\wlanpref.dll - Ok
      c:\program files\windows sidebar\sbdrop.dll - Ok
      c:\program files\common files\microsoft shared\ink\tipband.dll - Ok
      c:\windows\system32\wpdshext.dll - Ok
      c:\windows\system32\sdshext.dll - Ok
      c:\program files\windows defender\mpoav.dll - Ok
      c:\windows\system32\touchx.dll - Ok
      c:\windows\system32\wmpshell.dll - Ok
      c:\windows\system32\gameux.dll - Ok
      c:\program files\windows photo gallery\photoacq.dll - Ok
      c:\windows\system32\audiodev.dll - Ok
      c:\windows\system32\photowiz.dll - Ok
      c:\windows\system32\mssvp.dll - Ok
      c:\program files\windows media player\wmpband.dll - Ok
      >c:\program files\windows photo gallery\photoviewer.dll is ZLIB container
      c:\program files\windows photo gallery\photoviewer.dll - container
      >c:\windows\system32\ncdprop.dll - packed by PESTUB
      c:\windows\system32\ncdprop.dll - Ok
      c:\windows\system32\photometadatahandler.dll - Ok
      c:\windows\system32\dfsshlex.dll - Ok
      c:\windows\system32\ntlanui2.dll - Ok
      c:\windows\system32\cabview.dll - Ok
      c:\windows\system32\msieftp.dll - Ok
      >c:\windows\system32\fontext.dll - packed by BINARYRES
      >>c:\windows\system32\fontext.dll - packed by MS COMPRESS
      c:\windows\system32\fontext.dll - Ok
      c:\windows\system32\dskquoui.dll - Ok
      c:\windows\system32\docprop.dll - Ok
      c:\windows\system32\deskperf.dll - Ok
      c:\windows\system32\deskmon.dll - Ok
      c:\windows\system32\deskadp.dll - Ok
      c:\windows\msagent\agentpsh.dll - Ok
      c:\windows\system32\wshext.dll - Ok
      c:\windows\system32\remotepg.dll - Ok
      c:\windows\system32\acppage.dll - Ok
      c:\windows\system32\cryptext.dll - Ok
      c:\program files\windows mail\wabfind.dll - Ok
      c:\program files\common files\system\wab32.dll - Ok
      c:\windows\system32\xpsshhdr.dll - Ok
      c:\windows\system32\oleprn.dll - Ok
      c:\windows\system32\dfshim.dll - Ok
      c:\windows\system32\occache.dll - Ok
      c:\windows\system32\mydocs.dll - Ok
      c:\windows\system32\diskcopy.dll - Ok
      c:\windows\system32\appwiz.cpl - Ok
      c:\windows\system32\devmgr.dll - Ok
      >c:\windows\system32\dssec.dll - packed by PESTUB
      c:\windows\system32\dssec.dll - Ok
      c:\windows\system32\printui.dll - Ok
      c:\windows\system32\rshx32.dll - Ok
      c:\windows\system32\dsquery.dll - Ok
      c:\windows\system32\dsuiext.dll - Ok
      c:\windows\system32\colorui.dll - Ok
      c:\windows\system32\shwebsvc.dll - Ok
      c:\windows\system32\sendmail.dll - Ok
      >c:\windows\system32\icsigd.dll - packed by FLY-CODE
      c:\windows\system32\icsigd.dll - Ok
      c:\windows\system32\mmcshext.dll - Ok
      c:\windows\system32\networkexplorer.dll - Ok
      c:\program files\common files\system\ole db\oledb32.dll - Ok
      c:\program files\superantispyware\sasseh.dll - Ok
      c:\program files\windows live\mail\mailcomm.dll - Ok
      c:\program files\common files\microsoft shared\information retrieval\msitss.dll - Ok
      c:\program files\common files\microsoft shared\help\hxds.dll - Ok
      c:\windows\system32\inetcomm.dll - Ok
      c:\program files\windows live\messenger\msgrapp.14.0.8117.0416.dll - Ok
      c:\windows\system32\itss.dll - Ok
      c:\windows\system32\msvidctl.dll - Ok
      c:\windows\system32\mshtml.dll - Ok
      c:\program files\common files\microsoft shared\office12\msoxmlmf.dll - Ok
      c:\windows\system32\mscoree.dll - Ok
      c:\windows\system32\wsdmon.dll - Ok
      c:\windows\system32\usbmon.dll - Ok
      c:\windows\system32\tcpmon.dll - Ok
      c:\windows\system32\localspl.dll - Ok
      c:\windows\system32\hpzll5mu.dll - Ok
      c:\windows\system32\hpdiscopm9911.dll - Ok
      c:\windows\system32\hpinksts9911lm.dll - Ok
      c:\windows\system32\veswinlogon.dll - Ok
      c:\windows\system32\igfxdev.dll - Ok
      c:\windows\system32\drivers\xaudio.exe - Ok
      c:\windows\system32\drivers\xaudio.sys - Ok
      >c:\windows\system32\wudfsvc.dll - packed by PESTUB
      c:\windows\system32\wudfsvc.dll - Ok
      c:\windows\system32\drivers\wudfrd.sys - Ok
      c:\windows\system32\searchindexer.exe - Ok
      c:\windows\system32\drivers\ws2ifsl.sys - Ok
      c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe - Ok
      c:\windows\system32\drivers\wpdusb.sys - Ok
      c:\windows\system32\wpdbusenum.dll - Ok
      c:\windows\system32\wpcsvc.dll - Ok
      >c:\program files\windows media player\wmpnetwk.exe is ZLIB container
      c:\program files\windows media player\wmpnetwk.exe - container
      c:\windows\system32\wbem\wmiapsrv.exe - Ok
      c:\windows\system32\wbem\wmiaprpl.dll - Ok
      c:\windows\system32\drivers\wmiacpi.sys - Ok
      c:\windows\system32\winsock.dll - Ok
      c:\windows\system32\wsmsvc.dll - Ok
      c:\windows\system32\drivers\hsx_cnxt.sys - Ok
      c:\windows\system32\drivers\wimfltr.sys - Ok
      c:\windows\system32\wersvc.dll - Ok
      c:\windows\system32\wercplsupport.dll - Ok
      c:\windows\system32\wecsvc.dll - Ok
      c:\windows\system32\webclnt.dll - Ok
      c:\windows\system32\wdi.dll - Ok
      c:\windows\system32\drivers\wd.sys - Ok
      c:\windows\system32\wcspluginservice.dll - Ok
      c:\windows\system32\wcncsvc.dll - Ok
      c:\windows\system32\drivers\wanarp.sys - Ok
      c:\windows\system32\drivers\wacompen.sys - Ok
      c:\windows\system32\w32time.dll - Ok
      c:\program files\common files\sony shared\vaio entertainment platform\vzcdb\vzfw.exe - Ok
      c:\program files\common files\sony shared\vaio entertainment platform\vzcdb\vzcdbsvc.exe - Ok
      c:\windows\system32\vssvc.exe - Ok
      c:\windows\system32\drivers\vsmraid.sys - Ok
      >c:\windows\system32\drivers\viaide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\viaide.sys - Ok
      c:\windows\system32\drivers\viac7.sys - Ok
      c:\windows\system32\drivers\viaagp.sys - Ok
      c:\windows\system32\drivers\vgapnp.sys - Ok
      c:\windows\system32\vds.exe - Ok
      c:\program files\common files\sony shared\vaio entertainment platform\vcsw\vcsw.exe - Ok
      c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper.exe - Ok
      c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe - Ok
      c:\program files\sony\vaio media integrated server\ucls.exe - Ok
      c:\program files\sony\vaio media integrated server\platform\vmgateway.exe - Ok
      >c:\program files\sony\vaio media integrated server\platform\upnpframework.exe is BINARYRES container
      c:\program files\sony\vaio media integrated server\platform\upnpframework.exe - container
      c:\program files\sony\vaio media integrated server\platform\sv_httpd.exe - Ok
      c:\program files\sony\vaio media integrated server\vmisrv.exe - Ok
      c:\program files\sony\vaio event service\vesmgr.exe - Ok
      c:\program files\common files\sony shared\vaio entertainment platform\vzcs\vzhardwareresourcemanager\vzhardwareresourcemanager.exe - Ok
      c:\windows\system32\uxsms.dll - Ok
      c:\windows\system32\drivers\usbvideo.sys - Ok
      c:\windows\system32\drivers\usbstor.sys - Ok
      c:\windows\system32\drivers\usbprint.sys - Ok
      c:\windows\system32\drivers\usbohci.sys - Ok
      c:\windows\system32\drivers\usbcir.sys - Ok
      c:\windows\system32\upnphost.dll - Ok
      c:\windows\system32\drivers\ulsata2.sys - Ok
      c:\windows\system32\drivers\ulsata.sys - Ok
      c:\windows\system32\drivers\uliahci.sys - Ok
      c:\windows\system32\drivers\uliagpkx.sys - Ok
      c:\windows\system32\ui0detect.exe - Ok
      c:\windows\system32\drivers\udfs.sys - Ok
      c:\program files\arcsoft\magic-i visual effects\ucammonitor.exe - Ok
      c:\windows\system32\drivers\uagp35.sys - Ok
      >c:\windows\system32\drivers\tssecsrv.sys - packed by FLY-CODE
      c:\windows\system32\drivers\tssecsrv.sys - Ok
      c:\windows\servicing\trustedinstaller.exe - Ok
      c:\windows\system32\trkwks.dll - Ok
      c:\windows\system32\drivers\ti21sony.sys - Ok
      c:\windows\system32\termsrv.dll - Ok
      c:\windows\system32\drivers\tdtcp.sys - Ok
      c:\windows\system32\drivers\tdpipe.sys - Ok
      >c:\windows\system32\drivers\tcpipreg.sys - packed by FLY-CODE
      c:\windows\system32\drivers\tcpipreg.sys - Ok
      c:\windows\system32\tbssvc.dll - Ok
      c:\windows\system32\tapisrv.dll - Ok
      c:\windows\system32\tabsvc.dll - Ok
      c:\windows\system32\sysmain.dll - Ok
      c:\windows\system32\drivers\sym_u3.sys - Ok
      c:\windows\system32\drivers\sym_hi.sys - Ok
      c:\windows\system32\drivers\symc8xx.sys - Ok
      c:\windows\system32\swprv.dll - Ok
      c:\windows\system32\wiaservc.dll - Ok
      c:\windows\system32\drivers\serscan.sys - Ok
      c:\windows\system32\sstpsvc.dll - Ok
      c:\windows\system32\drivers\ssmdrv.sys - Ok
      c:\windows\system32\ssdpsrv.dll - Ok
      c:\windows\system32\drivers\srvnet.sys - Ok
      c:\windows\system32\drivers\srv2.sys - Ok
      c:\windows\system32\drivers\srv.sys - Ok
      c:\program files\common files\sony shared\avlib\sptisrv.exe - Ok
      c:\windows\system32\spoolsv.exe - Ok
      c:\windows\system32\drivers\spldr.sys - Ok
      >c:\windows\system32\snmptrap.exe - packed by FLY-CODE
      c:\windows\system32\snmptrap.exe - Ok
      c:\windows\system32\sluinotify.dll - Ok
      >c:\windows\system32\slsvc.exe - packed by FLY-CODE
      c:\windows\system32\slsvc.exe - Ok
      c:\windows\system32\drivers\sisraid4.sys - Ok
      c:\windows\system32\drivers\sisraid2.sys - Ok
      c:\windows\system32\drivers\sisagp.sys - Ok
      c:\windows\system32\drivers\sfloppy.sys - Ok
      c:\windows\system32\drivers\sffp_sd.sys - Ok
      >c:\windows\system32\drivers\sffp_mmc.sys - packed by FLY-CODE
      c:\windows\system32\drivers\sffp_mmc.sys - Ok
      c:\windows\system32\drivers\sffdisk.sys - Ok
      c:\windows\system32\sessenv.dll - Ok
      c:\windows\system32\drivers\sermouse.sys - Ok
      c:\windows\system32\drivers\serial.sys - Ok
      c:\windows\system32\drivers\serenum.sys - Ok
      c:\windows\system32\sens.dll - Ok
      c:\windows\system32\seclogon.dll - Ok
      c:\windows\system32\drivers\secdrv.sys - Ok
      c:\windows\system32\sdrsvc.dll - Ok
      c:\windows\system32\schedsvc.dll - Ok
      c:\windows\system32\scardsvr.dll - Ok
      c:\windows\system32\drivers\sbp2port.sys - Ok
      c:\program files\superantispyware\saskutil.sys - Ok
      c:\program files\superantispyware\sasdifsv.sys - Ok
      >c:\windows\system32\drivers\rspndr.sys - packed by FLY-CODE
      c:\windows\system32\drivers\rspndr.sys - Ok
      c:\windows\system32\locator.exe - Ok
      c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe - Ok
      c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe - Ok
      c:\program files\common files\roxio shared\9.0\sharedcom\roxliveshare9.exe - Ok
      >c:\program files\roxio\digital home 9\roxioupnpservice9.exe is BINARYRES container
      c:\program files\roxio\digital home 9\roxioupnpservice9.exe - container
      c:\program files\roxio\digital home 9\roxioupnprenderer9.exe - Ok
      c:\windows\system32\drivers\rootmdm.sys - Ok
      c:\windows\system32\drivers\rimserial.sys - Ok
      c:\windows\system32\drivers\rimusb.sys - Ok
      c:\windows\system32\drivers\rfcomm.sys - Ok
      c:\windows\system32\regsvc.dll - Ok
      c:\windows\system32\mprdim.dll - Ok
      c:\windows\system32\drivers\regi.sys - Ok
      c:\windows\system32\drivers\rdpwd.sys - Ok
      c:\windows\system32\drivers\rdpdr.sys - Ok
      >c:\windows\system32\rdpdd.dll - packed by FLY-CODE
      c:\windows\system32\rdpdd.dll - Ok
      >c:\windows\system32\drivers\rdpcdd.sys - packed by FLY-CODE
      >>c:\windows\system32\drivers\rdpcdd.sys - packed by FLY-CODE
      c:\windows\system32\drivers\rdpcdd.sys - Ok
      c:\windows\system32\rasmans.dll - Ok
      c:\windows\system32\rasauto.dll - Ok
      c:\windows\system32\drivers\r5u870fux86.sys - Ok
      c:\windows\system32\drivers\r5u870flx86.sys - Ok
      c:\windows\system32\drivers\qwavedrv.sys - Ok
      c:\windows\system32\qwave.dll - Ok
      c:\windows\system32\drivers\ql40xx.sys - Ok
      c:\windows\system32\drivers\ql2300.sys - Ok
      c:\windows\system32\drivers\processr.sys - Ok
      c:\windows\system32\ipsecsvc.dll - Ok
      c:\windows\system32\pla.dll - Ok
      c:\windows\system32\perfproc.dll - Ok
      c:\windows\system32\perfos.dll - Ok
      c:\windows\system32\perfnet.dll - Ok
      c:\windows\system32\perfdisk.dll - Ok
      >c:\windows\system32\drivers\peauth.sys - packed by FLY-CODE
      c:\windows\system32\drivers\peauth.sys - Ok
      >c:\windows\system32\pcasvc.dll - packed by PESTUB
      c:\windows\system32\pcasvc.dll - Ok
      c:\windows\system32\drivers\parvdm.sys - Ok
      c:\windows\system32\drivers\parport.sys - Ok
      c:\program files\common files\sony shared\avlib\pacsptisvr.exe - Ok
      c:\windows\system32\p2psvc.dll - Ok
      c:\program files\common files\microsoft shared\source engine\ose.exe - Ok
      c:\program files\common files\microsoft shared\office12\odserv.exe - Ok
      c:\windows\system32\drivers\nv_agp.sys - Ok
      c:\windows\system32\drivers\nvstor.sys - Ok
      c:\windows\system32\drivers\nvraid.sys - Ok
      c:\windows\system32\drivers\ntrigdigi.sys - Ok
      c:\windows\system32\drivers\nfrd960.sys - Ok
      c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe - Ok
      c:\windows\system32\qagentrt.dll - Ok
      c:\windows\system32\drivers\mstee.sys - Ok
      c:\windows\system32\msscntrs.dll - Ok
      c:\windows\system32\drivers\mspqm.sys - Ok
      c:\windows\system32\drivers\mspclock.sys - Ok
      c:\windows\system32\drivers\mskssrv.sys - Ok
      c:\windows\system32\iscsiexe.dll - Ok
      >c:\windows\system32\drivers\bridge.sys - packed by FLY-CODE
      c:\windows\system32\drivers\bridge.sys - Ok
      c:\windows\system32\msdtc.exe - Ok
      c:\windows\system32\drivers\msdsm.sys - Ok
      c:\program files\common files\sony shared\avlib\mscsptisrv.exe - Ok
      c:\windows\system32\drivers\msahci.sys - Ok
      c:\windows\system32\drivers\mrxdav.sys - Ok
      c:\windows\system32\drivers\mraid35x.sys - Ok
      c:\windows\system32\drivers\mpsdrv.sys - Ok
      c:\windows\system32\drivers\mpio.sys - Ok
      >c:\windows\system32\drivers\monitor.sys - packed by FLY-CODE
      c:\windows\system32\drivers\monitor.sys - Ok
      c:\windows\system32\drivers\modem.sys - Ok
      c:\windows\system32\mmcss.dll - Ok
      c:\windows\system32\drivers\megasas.sys - Ok
      c:\windows\system32\drivers\mdmxsdk.sys - Ok
      c:\windows\system32\mcx2svc.dll - Ok
      c:\program files\malwarebytes' anti-malware\mbamservice.exe - Ok
      c:\program files\malwarebytes' anti-malware\mbamscheduler.exe - Ok
      c:\windows\system32\drivers\mbam.sys - Ok
      c:\windows\system32\drivers\luafv.sys - Ok
      c:\windows\system32\drivers\lsi_scsi.sys - Ok
      c:\windows\system32\drivers\lsi_sas.sys - Ok
      c:\windows\system32\drivers\lsi_fc.sys - Ok
      c:\windows\system32\lltdsvc.dll - Ok
      c:\windows\system32\drivers\lltdio.sys - Ok
      c:\windows\system32\srvsvc.dll - Ok
      c:\windows\system32\msdtckrm.dll - Ok
      c:\program files\common files\intervideo\regmgr\iviregmgr.exe - Ok
      c:\windows\system32\drivers\iteraid.sys - Ok
      c:\windows\system32\drivers\iteatapi.sys - Ok
      c:\windows\system32\drivers\isapnp.sys - Ok
      c:\windows\system32\drivers\irenum.sys - Ok
      c:\windows\system32\drivers\ipnat.sys - Ok
      c:\windows\system32\drivers\ipmidrv.sys - Ok
      c:\windows\system32\drivers\ipfltdrv.sys - Ok
      c:\windows\system32\ipbusenum.dll - Ok
      c:\windows\system32\drivers\intelppm.sys - Ok
      >c:\windows\system32\drivers\intelide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\intelide.sys - Ok
      c:\windows\system32\drivers\rtkvhda.sys - Ok
      c:\windows\system32\ikeext.dll - Ok
      c:\windows\system32\drivers\iirsp.sys - Ok
      c:\windows\system32\drivers\igdkmd32.sys - Ok
      c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe - Ok
      c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe - Ok
      c:\windows\system32\drivers\iastorv.sys - Ok
      c:\windows\system32\drivers\i2omp.sys - Ok
      >c:\windows\system32\drivers\http.sys is BINARYRES container
      c:\windows\system32\drivers\http.sys - container
      c:\windows\system32\drivers\hsxhwazl.sys - Ok
      c:\windows\system32\drivers\hsx_dpv.sys - Ok
      c:\windows\system32\drivers\vstazl3.sys - Ok
      c:\windows\system32\drivers\hpcisss.sys - Ok
      c:\windows\system32\kmsvc.dll - Ok
      c:\windows\system32\hidserv.dll - Ok
      c:\windows\system32\drivers\hidir.sys - Ok
      c:\windows\system32\drivers\hidbth.sys - Ok
      c:\windows\system32\drivers\hdaudio.sys - Ok
      c:\program files\google\update\googleupdate.exe - Ok
      c:\windows\system32\gpsvc.dll - Ok
      c:\windows\system32\drivers\gagp30kx.sys - Ok
      >c:\program files\windows live\family safety\fsssvc.exe is BINARYRES container
      >>c:\program files\windows live\family safety\fsssvc.exe\data001 is JS-HTML container
      c:\program files\windows live\family safety\fsssvc.exe - container
      c:\windows\system32\drivers\fssfltr.sys - Ok
      c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe - Ok
      c:\windows\system32\drivers\flpydisk.sys - Ok
      c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe - Ok
      >c:\windows\system32\drivers\filetrace.sys - packed by FLY-CODE
      >>c:\windows\system32\drivers\filetrace.sys - packed by FLY-CODE
      c:\windows\system32\drivers\filetrace.sys - Ok
      c:\windows\system32\fdrespub.dll - Ok
      c:\windows\system32\fdphost.dll - Ok
      c:\windows\system32\drivers\fdc.sys - Ok
      c:\windows\system32\drivers\exfat.sys - Ok
      c:\windows\system32\emdmgmt.dll - Ok
      c:\windows\system32\drivers\elxstor.sys - Ok
      c:\windows\ehome\ehstart.dll - Ok
      c:\windows\ehome\ehsched.exe - Ok
      c:\windows\ehome\ehrecvr.exe - Ok
      c:\windows\system32\drivers\e1g60i32.sys - Ok
      c:\windows\system32\drivers\dxgkrnl.sys - Ok
      >c:\windows\system32\drivers\drmkaud.sys - packed by FLY-CODE
      c:\windows\system32\drivers\drmkaud.sys - Ok
      c:\windows\system32\dps.dll - Ok
      c:\windows\system32\dot3svc.dll - Ok
      c:\windows\system32\drivers\dmicall.sys - Ok
      c:\windows\system32\dfsr.exe - Ok
      c:\windows\system32\drivers\crusoe.sys - Ok
      c:\windows\system32\dllhost.exe - Ok
      >c:\windows\system32\drivers\cmdide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\cmdide.sys - Ok
      c:\windows\system32\drivers\cmbatt.sys - Ok
      c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe - Ok
      c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe - Ok
      c:\windows\system32\drivers\circlass.sys - Ok
      c:\windows\system32\certprop.dll - Ok
      c:\windows\system32\drivers\btwrchid.sys - Ok
      c:\windows\system32\drivers\btwl2cap.sys - Ok
      c:\windows\system32\drivers\btwavdt.sys - Ok
      c:\windows\system32\drivers\btwaudio.sys - Ok
      c:\windows\system32\drivers\bthusb.sys - Ok
      c:\windows\system32\bthserv.dll - Ok
      c:\windows\system32\drivers\bthport.sys - Ok
      c:\windows\system32\drivers\bthpan.sys - Ok
      c:\windows\system32\drivers\bthmodem.sys - Ok
      c:\windows\system32\drivers\bthenum.sys - Ok
      c:\windows\system32\drivers\brusbser.sys - Ok
      c:\windows\system32\drivers\brusbmdm.sys - Ok
      c:\windows\system32\drivers\brserwdm.sys - Ok
      c:\windows\system32\drivers\brserid.sys - Ok
      c:\windows\system32\browser.dll - Ok
      c:\windows\system32\drivers\brfiltup.sys - Ok
      c:\windows\system32\drivers\brfiltlo.sys - Ok
      c:\windows\system32\drivers\avkmgr.sys - Ok
      c:\windows\system32\drivers\avipbb.sys - Ok
      c:\windows\system32\drivers\avgntflt.sys - Ok
      c:\windows\system32\audiosrv.dll - Ok
      c:\windows\system32\drivers\asyncmac.sys - Ok
      c:\windows\system32\drivers\arcsoftksufilter.sys - Ok
      c:\windows\system32\drivers\arcsas.sys - Ok
      c:\windows\system32\drivers\arc.sys - Ok
      c:\windows\system32\appinfo.dll - Ok
      c:\program files\avira\antivir desktop\avguard.exe - Ok
      c:\program files\avira\antivir desktop\sched.exe - Ok
      c:\windows\system32\drivers\amdk8.sys - Ok
      c:\windows\system32\drivers\amdk7.sys - Ok
      >c:\windows\system32\drivers\amdide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\amdide.sys - Ok
      c:\windows\system32\drivers\amdagp.sys - Ok
      >c:\windows\system32\drivers\aliide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\aliide.sys - Ok
      c:\windows\system32\alg.exe - Ok
      c:\windows\system32\drivers\djsvs.sys - Ok
      c:\windows\system32\drivers\agp440.sys - Ok
      c:\windows\system32\aelupsvc.dll - Ok
      c:\windows\system32\drivers\adpu320.sys - Ok
      c:\windows\system32\drivers\adpu160m.sys - Ok
      c:\windows\system32\drivers\adpahci.sys - Ok
      c:\windows\system32\drivers\adp94xx.sys - Ok
      c:\windows\system32\macromed\flash\flashplayerupdateservice.exe - Ok
      c:\program files\adobe\photoshop elements 6.0\photoshopelementsfileagent.exe - Ok
      c:\windows\system32\mscories.dll - Ok
      c:\program files\windows mail\winmail.exe - Ok
      c:\windows\system32\themeui.dll - Ok
      >c:\windows\system32\regsvr32.exe - packed by FLY-CODE
      c:\windows\system32\regsvr32.exe - Ok
      c:\windows\system32\ie4uinit.exe - Ok
      c:\windows\system32\unregmp2.exe - Ok
      c:\windows\ehome\ehtray.exe - Ok
      c:\windows\system32\oobefldr.dll - Ok
      c:\windows\system32\rundll32.exe - Ok
      c:\program files\windows sidebar\sidebar.exe - Ok
      c:\program files\avira\antivir desktop\avgnt.exe - Ok
      c:\program files\sony\isb utility\isbmgr.exe - Ok
      c:\program files\synaptics\syntp\syntpenh.exe - Ok
      c:\windows\system32\igfxpers.exe - Ok
      c:\windows\system32\hkcmd.exe - Ok
      c:\windows\system32\igfxtray.exe - Ok
      >c:\windows\rthdvcpl.exe - packed by BINARYRES
      c:\windows\rthdvcpl.exe - Ok
      c:\windows\system32\aurora.scr - Ok
      c:\windows\system32\logon.scr - Ok
      c:\windows\system32\polstore.dll - Ok
      c:\windows\system32\dot3gpclnt.dll - Ok
      c:\windows\system32\iedkcs32.dll - Ok
      c:\windows\system32\gptext.dll - Ok
      c:\windows\system32\dskquota.dll - Ok
      c:\windows\system32\fdeploy.dll - Ok
      c:\program files\java\jre6\bin\npjpi160_24.dll - Ok
      c:\program files\java\jre6\bin\jp2iexp.dll - Ok
      c:\windows\downloaded program files\photouploader55.ocx - Ok
      >c:\program files\eset\eset online scanner\onlinescanner.ocx is ZLIB container
      c:\program files\eset\eset online scanner\onlinescanner.ocx - container
      >c:\program files\widcomm\bluetooth software\btsendto_ie.htm is JS-HTML container
      c:\program files\widcomm\bluetooth software\btsendto_ie.htm - container
      c:\program files\windows live\writer\writerbrowserextension.dll - Ok
      c:\windows\system32\speech\speechux\sapi.cpl - Ok
      c:\windows\system32\autochk.exe - Ok
      c:\windows\system32\userinit.exe - Ok
      c:\windows\system32\sirenacm.dll - Ok
      c:\program files\common files\sony shared\videolib\sonydv.dll - Ok
      c:\windows\system32\vfwwdm32.dll - Ok
      c:\windows\system32\iccvid.dll - Ok
      c:\windows\system32\l3codeca.acm - Ok
      c:\windows\system32\tsbyuv.dll - Ok
      >c:\windows\system32\iyuv_32.dll - packed by FLY-CODE
      c:\windows\system32\iyuv_32.dll - Ok
      c:\windows\system32\msyuv.dll - Ok
      c:\windows\system32\msacm32.drv - Ok
      c:\windows\system32\midimap.dll - Ok
      c:\windows\system32\msadp32.acm - Ok
      c:\windows\system32\msgsm32.acm - Ok
      c:\windows\system32\msg711.acm - Ok
      >c:\windows\system32\imaadp32.acm - packed by FLY-CODE
      c:\windows\system32\imaadp32.acm - Ok
      c:\windows\system32\msvidc32.dll - Ok
      c:\windows\system32\msrle32.dll - Ok
      Process :0 - read error
      Process System:4 - read error
      Process C:\Windows\System32\smss.exe:320 - Ok
      Process C:\Windows\System32\csrss.exe:380 - Ok
      Process C:\Windows\System32\csrss.exe:416 - Ok
      Process C:\Windows\System32\wininit.exe:424 - Ok
      Process C:\Windows\System32\winlogon.exe:468 - Ok
      Process C:\Windows\System32\services.exe:496 - Ok
      Process C:\Windows\System32\lsass.exe:512 - Ok
      Process C:\Windows\System32\lsm.exe:520 - Ok
      Process C:\Windows\System32\svchost.exe:672 - Ok
      Process C:\Windows\System32\svchost.exe:728 - Ok
      Process C:\Windows\System32\svchost.exe:816 - Ok
      Process C:\Windows\System32\svchost.exe:840 - Ok
      Process C:\Windows\System32\svchost.exe:884 - Ok
      Process C:\Windows\System32\svchost.exe:908 - Ok
      Process C:\Windows\System32\svchost.exe:924 - Ok
      Process C:\Program Files\SUPERAntiSpyware\SASCore.exe:1104 - Ok
      Process C:\Windows\explorer.exe:1328 - Ok
      Process C:\Users\JoRgE lUiS\Downloads\Anti-Virus\tdl19eig.exe:1140 - Ok
      Process C:\Users\JoRgE lUiS\AppData\Local\Temp\AD1BFE48-4C7DEA98-4EF585C8-D9B28158\h1u2z4pt.exe:1412 - Ok
      Process C:\Users\JoRgE lUiS\AppData\Local\Temp\AD1BFE48-4C7DEA98-4EF585C8-D9B28158\r9sl4e8z.exe:616 - Ok
      Process C:\Users\JoRgE lUiS\AppData\Local\Temp\AD1BFE48-4C7DEA98-4EF585C8-D9B28158\wnf45dzl.exe:1408 - Ok
      HDD0 MBR - Ok
      HDD0 Unknown Boot Sector - Ok
      HDD0 Active OS\2 or WinNT Boot Sector - Ok
      c:\program files\avira\antivir desktop\avevtrc.dll - Ok
      c:\program files\adobe\photoshop elements 6.0\platform.dll - Ok
      c:\program files\avira\antivir desktop\sched.exe - Ok
      c:\program files\adobe\photoshop elements 6.0\photoshopelementsfileagent.exe - Ok
      c:\program files\avira\antivir desktop\avgnt.exe - Ok
      c:\program files\arcsoft\magic-i visual effects\ucammonitor.exe - Ok
      c:\program files\avira\antivir desktop\avguard.exe - Ok
      c:\program files\avira\antivir desktop\shlext.dll - Ok
      c:\program files\common files\adobe\acrobat\activex\pdfshell.dll - Ok
      c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe - Ok
      c:\program files\common files\microsoft shared\information retrieval\msitss.dll - Ok
      c:\program files\common files\intervideo\regmgr\iviregmgr.exe - Ok
      c:\program files\common files\microsoft shared\ink\ipseventlogmsg.dll - Ok
      c:\program files\common files\microsoft shared\ink\tipband.dll - Ok
      c:\program files\common files\microsoft shared\ink\tiptsf.dll - Ok
      c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe - Ok
      c:\program files\common files\microsoft shared\office12\msoxmlmf.dll - Ok
      c:\program files\common files\microsoft shared\dw\dw20.exe - Ok
      c:\program files\common files\microsoft shared\office12\msoshext.dll - Ok
      c:\program files\common files\microsoft shared\help\hxds.dll - Ok
      c:\program files\common files\microsoft shared\office12\mssoap30.dll - Ok
      c:\program files\common files\microsoft shared\source engine\ose.exe - Ok
      c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll - Ok
      c:\program files\common files\microsoft shared\office12\odserv.exe - Ok
      c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe - Ok
      c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe - Ok
      c:\program files\common files\roxio shared\9.0\sharedcom\roxliveshare9.exe - Ok
      c:\program files\common files\sony shared\avlib\mscsptisrv.exe - Ok
      c:\program files\common files\sony shared\avlib\sptisrv.exe - Ok
      c:\program files\common files\microsoft shared\office11\msxml5.dll - Ok
      c:\program files\common files\sony shared\vaio entertainment platform\vzcdb\vzfw.exe - Ok
      c:\program files\common files\sony shared\avlib\sptisrvmsg.dll - Ok
      c:\program files\common files\sony shared\vaio entertainment platform\vzcdb\vzcdbsvc.exe - Ok
      c:\program files\common files\sony shared\vaio entertainment platform\vzcs\vzhardwareresourcemanager\vzhardwareresourcemanager.exe - Ok
      c:\program files\common files\sony shared\videolib\sonydv.dll - Ok
      c:\program files\common files\sony shared\vaio entertainment platform\vcsw\vcsw.exe - Ok
      c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper.exe - Ok
      c:\program files\common files\system\wab32.dll - Ok
      c:\program files\common files\sony shared\avlib\pacsptisvr.exe - Ok
      c:\program files\intervideo\dvd8\uveventmessage.dll - Ok
      c:\program files\java\jre6\bin\jp2iexp.dll - Ok
      c:\program files\google\update\googleupdate.exe - Ok
      c:\program files\java\jre6\bin\jp2ssv.dll - Ok
      >c:\program files\eset\eset online scanner\onlinescanner.ocx is ZLIB container
      c:\program files\malwarebytes' anti-malware\mbamext.dll - Ok
      c:\program files\java\jre6\bin\npjpi160_24.dll - Ok
      c:\program files\common files\research in motion\rimdevicemanager\rimdevicemanager.exe - Ok
      c:\program files\microsoft office\office12\msohevi.dll - Ok
      c:\program files\malwarebytes' anti-malware\mbamscheduler.exe - Ok
      c:\program files\common files\system\ole db\msdmine.dll - Ok
      c:\program files\malwarebytes' anti-malware\mbamservice.exe - Ok
      c:\program files\eset\eset online scanner\onlinescanner.ocx - container
      c:\program files\roxio\digital home 9\roxioupnprenderer9.exe - Ok
      c:\program files\powerarchiver\pashlext.dll - Ok
      c:\program files\sony\vaio event service\vesmgr.exe - Ok
      c:\program files\movie maker\dvdmaker.exe - Ok
      c:\program files\sony\isb utility\isbmgr.exe - Ok
      c:\program files\sony\vaio media integrated server\platform\upnpframeworkmsg.dll - Ok
      c:\program files\sony\vaio media integrated server\platform\sv_httpd.exe - Ok
      >c:\program files\roxio\digital home 9\roxioupnpservice9.exe is BINARYRES container
      c:\program files\roxio\digital home 9\roxioupnpservice9.exe - container
      c:\program files\sony\vaio media integrated server\platform\vmgateway.exe - Ok
      c:\program files\sony\vaio media integrated server\ucls.exe - Ok
      c:\program files\sony\vaio media integrated server\vmisrv.exe - Ok
      c:\program files\sony\vaio power management\spmpanel.dll - Ok
      c:\program files\superantispyware\sasctxmn.dll - Ok
      c:\program files\common files\system\ole db\oledb32.dll - Ok
      c:\program files\superantispyware\sasdifsv.sys - Ok
      c:\program files\superantispyware\saskutil.sys - Ok
      c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe - Ok
      c:\program files\superantispyware\sasseh.dll - Ok
      >c:\program files\widcomm\bluetooth software\btsendto_ie.htm is JS-HTML container
      c:\program files\superantispyware\sascore.exe - Ok
      c:\program files\windows defender\mpevmsg.dll - Ok
      c:\program files\widcomm\bluetooth software\btsendto_ie.htm - container
      >c:\program files\sony\vaio media integrated server\platform\upnpframework.exe is BINARYRES container
      c:\program files\sony\vaio media integrated server\platform\upnpframework.exe - container
      c:\program files\windows defender\mpoav.dll - Ok
      c:\program files\windows live\messenger\msgrapp.14.0.8117.0416.dll - Ok
      c:\program files\windows live\photo gallery\photoviewershim.dll - Ok
      c:\program files\windows live\mail\mailcomm.dll - Ok
      c:\program files\synaptics\syntp\syntpenh.exe - Ok
      c:\program files\research in motion\blackberry\desktopmgr.exe - Ok
      c:\program files\windows live\writer\writerbrowserextension.dll - Ok
      c:\program files\windows mail\wabfind.dll - Ok
      c:\program files\synaptics\syntp\syntpcpl.dll - Ok
      c:\program files\windows media player\wmpband.dll - Ok
      >c:\program files\windows media player\wmpnetwk.exe is ZLIB container
      c:\program files\windows mail\winmail.exe - Ok
      c:\program files\windows media player\wmpnetwk.exe - container
      c:\program files\windows sidebar\sbdrop.dll - Ok
      >c:\program files\windows live\toolbar\wltcore.dll is BINARYRES container
      >>c:\program files\windows live\toolbar\wltcore.dll\data001 is JS-HTML container
      c:\program files\windows live\toolbar\wltcore.dll - container
      c:\programdata\microsoft\windows\start menu\programs\startup\bttray.lnk - Ok
      c:\programdata\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
      c:\program files\windows photo gallery\photoacq.dll - Ok
      >c:\program files\windows live\family safety\fsssvc.exe is BINARYRES container
      >>c:\program files\windows live\family safety\fsssvc.exe\data001 is JS-HTML container
      c:\program files\windows live\family safety\fsssvc.exe - container
      c:\users\jorge luis\appdata\roaming\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
      c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\wnf45dzl.exe - Ok
      >c:\program files\windows photo gallery\photoviewer.dll is ZLIB container
      >c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\yn7j07qv.dll is BINARYRES container
      c:\program files\windows photo gallery\photoviewer.dll - container
      >c:\users\jorge luis\downloads\anti-virus\tdl19eig.exe is BINARYRES container
      >>c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\yn7j07qv.dll\data003 - packed by BINARYRES
      >>c:\users\jorge luis\downloads\anti-virus\tdl19eig.exe\data001 - packed by BINARYRES
      >>c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\yn7j07qv.dll\data004 - packed by BINARYRES
      >>c:\users\jorge luis\downloads\anti-virus\tdl19eig.exe\data002 - packed by BINARYRES
      c:\users\jorge luis\downloads\anti-virus\tdl19eig.exe - container
      c:\windows\ehome\ehrecvr.exe - Ok
      c:\windows\ehome\ehsso.dll - Ok
      c:\windows\ehome\ehsched.exe - Ok
      c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\yn7j07qv.dll - container
      c:\windows\ehome\ehstart.dll - Ok
      c:\windows\downloaded program files\photouploader55.ocx - Ok
      c:\windows\microsoft.net\framework\v2.0.50727\eventlogmessages.dll - Ok
      c:\windows\microsoft.net\framework\v2.0.50727\es\aspnet_rc.dll - Ok
      c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\h1u2z4pt.exe - Ok
      c:\windows\ehome\ehtray.exe - Ok
      c:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelevents.dll - Ok
      c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe - Ok
      c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe - Ok
      c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe - Ok
      c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe - Ok
      c:\windows\microsoft.net\framework\v4.0.30319\eventlogmessages.dll - Ok
      >c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\r9sl4e8z.exe is BINARYRES container
      c:\users\jorge luis\appdata\local\temp\ad1bfe48-4c7dea98-4ef585c8-d9b28158\r9sl4e8z.exe - container
      c:\windows\microsoft.net\framework\v4.0.30319\servicemodelevents.dll - Ok
      >c:\windows\servicing\cbsmsg.dll - packed by PESTUB
      c:\windows\servicing\cbsmsg.dll - Ok
      c:\windows\msagent\agentpsh.dll - Ok
      c:\windows\system32\acppage.dll - Ok
      c:\windows\explorer.exe - Ok
      c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe - Ok
      c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe - Ok
      c:\windows\system32\actxprxy.dll - Ok
      c:\windows\system32\activeds.dll - Ok
      c:\windows\system32\aelupsvc.dll - Ok
      c:\windows\system32\adsldpc.dll - Ok
      c:\windows\system32\alttab.dll - Ok
      c:\windows\servicing\trustedinstaller.exe - Ok
      c:\windows\system32\apphelp.dll - Ok
      c:\windows\system32\advapi32.dll - Ok
      c:\windows\system32\appinfo.dll - Ok
      c:\windows\system32\alg.exe - Ok
      c:\windows\system32\atl.dll - Ok
      c:\windows\system32\audiodev.dll - Ok
      c:\windows\system32\authz.dll - Ok
      c:\windows\system32\aurora.scr - Ok
      c:\windows\system32\audiosrv.dll - Ok
      c:\windows\system32\avifil32.dll - Ok
      c:\windows\system32\avrt.dll - Ok
      c:\windows\system32\autochk.exe - Ok
      c:\windows\system32\basesrv.dll - Ok
      c:\windows\system32\bcrypt.dll - Ok
      c:\windows\system32\batmeter.dll - Ok
      c:\windows\system32\appwiz.cpl - Ok
      c:\windows\system32\browser.dll - Ok
      c:\windows\system32\bthserv.dll - Ok
      c:\windows\system32\authui.dll - Ok
      c:\windows\system32\browseui.dll - Ok
      >c:\windows\rthdvcpl.exe - packed by BINARYRES
      c:\windows\system32\bthprops.cpl - Ok
      c:\windows\system32\btncopy.dll - Ok
      c:\windows\system32\btosif.dll - Ok
      c:\windows\system32\btwnelib.dll - Ok
      c:\windows\system32\btwapi.dll - Ok
      c:\windows\system32\bfe.dll - Ok
      c:\windows\system32\cabinet.dll - Ok
      c:\windows\system32\cfgmgr32.dll - Ok
      c:\windows\system32\btwpimif.dll - Ok
      c:\windows\system32\certprop.dll - Ok
      c:\windows\system32\cabview.dll - Ok
      c:\windows\system32\cngaudit.dll - Ok
      c:\windows\system32\clbcatq.dll - Ok
      >c:\windows\system32\credssp.dll - packed by FLY-CODE
      c:\windows\rthdvcpl.exe - Ok
      c:\windows\system32\btwnamespaceext.dll - Ok
      c:\windows\system32\credssp.dll - Ok
      c:\windows\system32\comdlg32.dll - Ok
      c:\windows\system32\colorui.dll - Ok
      c:\windows\system32\credui.dll - Ok
      c:\windows\system32\cryptdll.dll - Ok
      c:\windows\system32\crypt32.dll - Ok
      c:\windows\system32\cscapi.dll - Ok
      c:\windows\system32\csrsrv.dll - Ok
      c:\windows\system32\cryptsvc.dll - Ok
      c:\windows\system32\csrss.exe - Ok
      c:\windows\system32\davclnt.dll - Ok
      c:\windows\system32\cryptext.dll - Ok
      c:\windows\system32\cmd.exe - Ok
      c:\windows\system32\deskadp.dll - Ok
      c:\windows\system32\deskmon.dll - Ok
      c:\windows\system32\dfdts.dll - Ok
      c:\windows\system32\dfrgres.dll - Ok
      c:\windows\system32\devmgr.dll - Ok
      c:\windows\system32\deskperf.dll - Ok
      c:\windows\system32\dhcpcsvc.dll - Ok
      c:\windows\system32\dhcpqec.dll - Ok
      c:\windows\system32\dispci.dll - Ok
      c:\windows\system32\dllhost.exe - Ok
      c:\windows\system32\dnsapi.dll - Ok
      c:\windows\system32\dhcpcsvc6.dll - Ok
      c:\windows\system32\dnsrslvr.dll - Ok
      c:\windows\system32\docprop.dll - Ok
      c:\windows\system32\dfshim.dll - Ok
      c:\windows\system32\dfsshlex.dll - Ok
      c:\windows\system32\dps.dll - Ok
      c:\windows\system32\diskcopy.dll - Ok
      c:\windows\system32\dot3gpclnt.dll - Ok
      c:\windows\system32\drivers\adp94xx.sys - Ok
      c:\windows\system32\dot3svc.dll - Ok
      c:\windows\system32\drivers\afd.sys - Ok
      c:\windows\system32\drivers\agp440.sys - Ok
      >c:\windows\system32\drivers\aliide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\adpu160m.sys - Ok
      >c:\windows\system32\drivers\amdide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\amdagp.sys - Ok
      c:\windows\system32\drivers\amdk7.sys - Ok
      c:\windows\system32\drivers\adpu320.sys - Ok
      c:\windows\system32\drivers\amdide.sys - Ok
      c:\windows\system32\drivers\aliide.sys - Ok
      c:\windows\system32\drivers\amdk8.sys - Ok
      >c:\windows\system32\drivers\battc.sys - packed by FLY-CODE
      c:\windows\system32\drivers\avgntflt.sys - Ok
      c:\windows\system32\drivers\beep.sys - Ok
      c:\windows\system32\drivers\arcsas.sys - Ok
      c:\windows\system32\drivers\brfiltlo.sys - Ok
      c:\windows\system32\drivers\brfiltup.sys - Ok
      c:\windows\system32\drivers\bowser.sys - Ok
      c:\windows\system32\drivers\arc.sys - Ok
      c:\windows\system32\drivers\battc.sys - Ok
      c:\windows\system32\drivers\brserid.sys - Ok
      c:\windows\system32\drivers\brusbser.sys - Ok
      c:\windows\system32\drivers\brusbmdm.sys - Ok
      c:\windows\system32\drivers\circlass.sys - Ok
      c:\windows\system32\drivers\crusoe.sys - Ok
      c:\windows\system32\drivers\brserwdm.sys - Ok
      >c:\windows\system32\drivers\cmdide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\dfsc.sys - Ok
      c:\windows\system32\drivers\djsvs.sys - Ok
      >c:\windows\system32\drivers\bridge.sys - packed by FLY-CODE
      c:\windows\system32\drivers\disk.sys - Ok
      c:\windows\system32\drivers\adpahci.sys - Ok
      c:\windows\system32\drivers\cmdide.sys - Ok
      c:\windows\system32\drivers\dxgkrnl.sys - Ok
      c:\windows\system32\drivers\fs_rec.sys - Ok
      c:\windows\system32\drivers\fastfat.sys - Ok
      c:\windows\system32\drivers\hidir.sys - Ok
      c:\windows\system32\drivers\gagp30kx.sys - Ok
      c:\windows\system32\drivers\i2omp.sys - Ok
      c:\windows\system32\drivers\hpcisss.sys - Ok
      c:\windows\system32\drivers\iirsp.sys - Ok
      >c:\windows\system32\drivers\intelide.sys - packed by FLY-CODE
      c:\windows\system32\drivers\iastorv.sys - Ok
      c:\windows\system32\drivers\ipmidrv.sys - Ok
      c:\windows\system32\drivers\bridge.sys - Ok
      c:\windows\system32\drivers\ipnat.sys - Ok
      c:\windows\system32\drivers\exfat.sys - Ok
      c:\windows\system32\drivers\iteatapi.sys - Ok
      c:\windows\system32\dfsr.exe - Ok
      c:\windows\system32\drivers\lsi_fc.sys - Ok

      y asi hasta... Total records count: 3511701 (el texto es muy largo)
      Anti-rootkit module version (API 5.00 / 5.00)

    Página 1 de 2 12 ÚltimoÚltimo