• Registrarse
  • Iniciar sesión


  • Resultados 1 al 8 de 8

    Tengo muchos Trojanos, ya no se que hacer!

    Buenas Tardes Espero que me puedan ayudar, estoy teniendo muchos problemas con trojanos, ya me estoy volviendo loco por que no los puedo eliminar... son los siguientes: Agent. BA Trojan Patched. A. Gen Trojan Sirefef. ...

    1. #1
      Usuario Avatar de Daniel Rmz
      Registrado
      ene 2013
      Mensajes
      6

      Tengo muchos Trojanos, ya no se que hacer!

      Buenas Tardes

      Espero que me puedan ayudar, estoy teniendo muchos problemas con trojanos, ya me estoy volviendo loco por que no los puedo eliminar... son los siguientes:

      Agent. BA Trojan
      Patched. A. Gen Trojan
      Sirefef. AW
      Sirefef. EZ
      Sirefef. FD
      Conedex. C
      Conedex. B

      Estoy siguiendo los pasos de Leosolari que vi por ahi en una respuesta en un topic, ya corri lo que es el tdsskiller y guarde el reporte, ahorita estoy haciendo un analisis completo con Malwarebytes, guardare el reporte y seguire con Glary utilies y despues con Combo Fix... y pegare los reportes de lo que sea necesario...

      Saludos y espero que tengan un buen principio de año!

      Gracias!

    2. #2
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: Tengo muchos Trojanos, ya no se que hacer!

      Hola


      Pasá por este Link, y hacé exactamente lo que ahí se te indica:


      Guía de cómo eliminar el Rootkit.ZeroAccess - Sirefef


      Cuando termines, Volves con los reportes de TDSSKiller y Malwarebytes, y Nos comentas como va Tu ordenador ahora.



      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    3. #3
      Usuario Avatar de Daniel Rmz
      Registrado
      ene 2013
      Mensajes
      6

      Re: Tengo muchos Trojanos, ya no se que hacer!

      Creo que ya quedo al 100 mi compu, ya no me han aparecido ningun mensaje de los trojanos que mencione, valio la pena todaaaa la espera... aqui les dejo los informes, saludooos y milll gracias!!

      12:32:39.0503 1224 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      12:32:41.0047 1224 ============================================================
      12:32:41.0047 1224 Current date / time: 2013/01/14 12:32:41.0047
      12:32:41.0047 1224 SystemInfo:
      12:32:41.0047 1224
      12:32:41.0047 1224 OS Version: 6.1.7601 ServicePack: 1.0
      12:32:41.0047 1224 Product type: Workstation
      12:32:41.0047 1224 ComputerName: DANIELRMZ-PC
      12:32:41.0047 1224 UserName: Daniel Rmz
      12:32:41.0047 1224 Windows directory: C:\windows
      12:32:41.0047 1224 System windows directory: C:\windows
      12:32:41.0047 1224 Running under WOW64
      12:32:41.0048 1224 Processor architecture: Intel x64
      12:32:41.0048 1224 Number of processors: 2
      12:32:41.0048 1224 Page size: 0x1000
      12:32:41.0048 1224 Boot type: Normal boot
      12:32:41.0048 1224 ============================================================
      12:32:42.0016 1224 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
      12:32:42.0021 1224 ============================================================
      12:32:42.0021 1224 \Device\Harddisk0\DR0:
      12:32:42.0021 1224 MBR partitions:
      12:32:42.0021 1224 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38B3B800
      12:32:42.0021 1224 ============================================================
      12:32:42.0048 1224 C: <-> \Device\Harddisk0\DR0\Partition1
      12:32:42.0048 1224 ============================================================
      12:32:42.0048 1224 Initialize success
      12:32:42.0048 1224 ============================================================
      12:32:58.0853 4380 ============================================================
      12:32:58.0853 4380 Scan started
      12:32:58.0853 4380 Mode: Manual; SigCheck; TDLFS;
      12:32:58.0853 4380 ============================================================
      12:32:59.0259 4380 ================ Scan system memory ========================
      12:32:59.0259 4380 System memory - ok
      12:32:59.0260 4380 ================ Scan services =============================
      12:32:59.0505 4380 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
      12:32:59.0625 4380 1394ohci - ok
      12:32:59.0772 4380 [ A15069EEC83EBC54150564B2585CFDBA ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
      12:32:59.0813 4380 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok
      12:32:59.0891 4380 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
      12:32:59.0921 4380 ACPI - ok
      12:32:59.0967 4380 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
      12:32:59.0997 4380 AcpiPmi - ok
      12:33:00.0112 4380 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      12:33:00.0129 4380 AdobeARMservice - ok
      12:33:00.0179 4380 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
      12:33:00.0243 4380 adp94xx - ok
      12:33:00.0344 4380 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
      12:33:00.0413 4380 adpahci - ok
      12:33:00.0444 4380 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
      12:33:00.0460 4380 adpu320 - ok
      12:33:00.0508 4380 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
      12:33:00.0547 4380 AeLookupSvc - ok
      12:33:00.0593 4380 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
      12:33:00.0613 4380 AFD - ok
      12:33:00.0680 4380 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
      12:33:00.0738 4380 AgereSoftModem - ok
      12:33:00.0784 4380 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
      12:33:00.0807 4380 agp440 - ok
      12:33:00.0841 4380 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
      12:33:00.0912 4380 ALG - ok
      12:33:00.0962 4380 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
      12:33:00.0990 4380 aliide - ok
      12:33:01.0008 4380 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
      12:33:01.0020 4380 amdide - ok
      12:33:01.0045 4380 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
      12:33:01.0061 4380 AmdK8 - ok
      12:33:01.0073 4380 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
      12:33:01.0092 4380 AmdPPM - ok
      12:33:01.0143 4380 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
      12:33:01.0199 4380 amdsata - ok
      12:33:01.0221 4380 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
      12:33:01.0252 4380 amdsbs - ok
      12:33:01.0266 4380 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
      12:33:01.0279 4380 amdxata - ok
      12:33:01.0314 4380 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
      12:33:01.0394 4380 AppID - ok
      12:33:01.0456 4380 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
      12:33:01.0493 4380 AppIDSvc - ok
      12:33:01.0545 4380 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
      12:33:01.0593 4380 Appinfo - ok
      12:33:01.0667 4380 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      12:33:01.0677 4380 Apple Mobile Device - ok
      12:33:01.0733 4380 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
      12:33:01.0776 4380 arc - ok
      12:33:01.0805 4380 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
      12:33:01.0819 4380 arcsas - ok
      12:33:01.0833 4380 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
      12:33:01.0870 4380 AsyncMac - ok
      12:33:01.0912 4380 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
      12:33:01.0926 4380 atapi - ok
      12:33:02.0001 4380 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\windows\system32\DRIVERS\athrx.sys
      12:33:02.0074 4380 athr - ok
      12:33:02.0148 4380 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
      12:33:02.0207 4380 AudioEndpointBuilder - ok
      12:33:02.0218 4380 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
      12:33:02.0261 4380 AudioSrv - ok
      12:33:02.0305 4380 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
      12:33:02.0371 4380 AxInstSV - ok
      12:33:02.0408 4380 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
      12:33:02.0447 4380 b06bdrv - ok
      12:33:02.0476 4380 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
      12:33:02.0508 4380 b57nd60a - ok
      12:33:02.0599 4380 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
      12:33:02.0623 4380 BBSvc - ok
      12:33:02.0669 4380 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
      12:33:02.0727 4380 BDESVC - ok
      12:33:02.0763 4380 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
      12:33:02.0800 4380 Beep - ok
      12:33:02.0856 4380 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
      12:33:02.0907 4380 BFE - ok
      12:33:02.0990 4380 [ 8DC837789BBF0E1BEF252A8F7C101F7B ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
      12:33:03.0023 4380 BingDesktopUpdate - ok
      12:33:03.0070 4380 BITCOMET_HELPER_SERVICE - ok
      12:33:03.0156 4380 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
      12:33:03.0211 4380 BITS - ok
      12:33:03.0233 4380 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
      12:33:03.0263 4380 blbdrive - ok
      12:33:03.0353 4380 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
      12:33:03.0370 4380 Bonjour Service - ok
      12:33:03.0421 4380 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
      12:33:03.0435 4380 bowser - ok
      12:33:03.0498 4380 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
      12:33:03.0522 4380 BrFiltLo - ok
      12:33:03.0546 4380 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
      12:33:03.0563 4380 BrFiltUp - ok
      12:33:03.0615 4380 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
      12:33:03.0631 4380 Browser - ok
      12:33:03.0688 4380 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
      12:33:03.0716 4380 Brserid - ok
      12:33:03.0729 4380 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
      12:33:03.0761 4380 BrSerWdm - ok
      12:33:03.0790 4380 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
      12:33:03.0806 4380 BrUsbMdm - ok
      12:33:03.0848 4380 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
      12:33:03.0862 4380 BrUsbSer - ok
      12:33:03.0916 4380 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
      12:33:03.0933 4380 BthEnum - ok
      12:33:03.0977 4380 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
      12:33:04.0066 4380 BTHMODEM - ok
      12:33:04.0096 4380 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
      12:33:04.0114 4380 BthPan - ok
      12:33:04.0175 4380 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
      12:33:04.0255 4380 BTHPORT - ok
      12:33:04.0283 4380 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
      12:33:04.0322 4380 bthserv - ok
      12:33:04.0357 4380 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
      12:33:04.0370 4380 BTHUSB - ok
      12:33:04.0397 4380 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
      12:33:04.0455 4380 cdfs - ok
      12:33:04.0581 4380 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
      12:33:04.0622 4380 cdrom - ok
      12:33:04.0670 4380 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
      12:33:04.0707 4380 CertPropSvc - ok
      12:33:04.0821 4380 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
      12:33:04.0834 4380 cfWiMAXService - ok
      12:33:04.0887 4380 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
      12:33:04.0904 4380 circlass - ok
      12:33:04.0955 4380 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
      12:33:05.0006 4380 CLFS - ok
      12:33:05.0084 4380 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      12:33:05.0097 4380 clr_optimization_v2.0.50727_32 - ok
      12:33:05.0148 4380 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
      12:33:05.0164 4380 clr_optimization_v2.0.50727_64 - ok
      12:33:05.0239 4380 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      12:33:05.0261 4380 clr_optimization_v4.0.30319_32 - ok
      12:33:05.0286 4380 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
      12:33:05.0310 4380 clr_optimization_v4.0.30319_64 - ok
      12:33:05.0334 4380 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
      12:33:05.0382 4380 CmBatt - ok
      12:33:05.0407 4380 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
      12:33:05.0432 4380 cmdide - ok
      12:33:05.0476 4380 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
      12:33:05.0531 4380 CNG - ok
      12:33:05.0557 4380 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
      12:33:05.0585 4380 Compbatt - ok
      12:33:05.0627 4380 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
      12:33:05.0644 4380 CompositeBus - ok
      12:33:05.0651 4380 COMSysApp - ok
      12:33:05.0678 4380 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
      12:33:05.0687 4380 ConfigFree Gadget Service - ok
      12:33:05.0717 4380 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
      12:33:05.0727 4380 ConfigFree Service - ok
      12:33:05.0755 4380 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
      12:33:05.0769 4380 crcdisk - ok
      12:33:05.0815 4380 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
      12:33:05.0822 4380 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
      12:33:05.0822 4380 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
      12:33:05.0868 4380 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
      12:33:05.0894 4380 CryptSvc - ok
      12:33:05.0964 4380 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
      12:33:05.0981 4380 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
      12:33:05.0981 4380 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
      12:33:06.0067 4380 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
      12:33:06.0109 4380 DcomLaunch - ok
      12:33:06.0154 4380 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
      12:33:06.0194 4380 defragsvc - ok
      12:33:06.0228 4380 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
      12:33:06.0267 4380 DfsC - ok
      12:33:06.0315 4380 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
      12:33:06.0327 4380 dg_ssudbus - ok
      12:33:06.0396 4380 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
      12:33:06.0453 4380 Dhcp - ok
      12:33:06.0483 4380 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
      12:33:06.0556 4380 discache - ok
      12:33:06.0588 4380 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
      12:33:06.0618 4380 Disk - ok
      12:33:06.0674 4380 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
      12:33:06.0702 4380 Dnscache - ok
      12:33:06.0749 4380 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
      12:33:06.0788 4380 dot3svc - ok
      12:33:06.0836 4380 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
      12:33:06.0885 4380 Dot4 - ok
      12:33:06.0927 4380 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
      12:33:06.0955 4380 Dot4Print - ok
      12:33:06.0997 4380 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
      12:33:07.0044 4380 dot4usb - ok
      12:33:07.0093 4380 [ 32DFFB0F96F0978606BC1043B50D54CD ] DpHost C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
      12:33:07.0158 4380 DpHost ( UnsignedFile.Multi.Generic ) - warning
      12:33:07.0158 4380 DpHost - detected UnsignedFile.Multi.Generic (1)
      12:33:07.0234 4380 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
      12:33:07.0280 4380 DPS - ok
      12:33:07.0321 4380 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
      12:33:07.0338 4380 drmkaud - ok
      12:33:07.0397 4380 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
      12:33:07.0444 4380 DXGKrnl - ok
      12:33:07.0504 4380 [ A2D551A61EC9E8A4BC5DF17BC1FEFEAD ] eamon C:\windows\system32\DRIVERS\eamon.sys
      12:33:07.0525 4380 eamon - ok
      12:33:07.0578 4380 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
      12:33:07.0654 4380 EapHost - ok
      12:33:07.0738 4380 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
      12:33:07.0802 4380 ebdrv - ok
      12:33:07.0843 4380 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
      12:33:07.0858 4380 EFS - ok
      12:33:07.0917 4380 [ F3448EE861344636DA8ED1B3F5E8E1A8 ] ehdrv C:\windows\system32\DRIVERS\ehdrv.sys
      12:33:07.0938 4380 ehdrv - ok
      12:33:08.0041 4380 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
      12:33:08.0104 4380 ehRecvr - ok
      12:33:08.0130 4380 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
      12:33:08.0211 4380 ehSched - ok
      12:33:08.0294 4380 [ D881E29C2973427406A1B506F636C971 ] EhttpSrv C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
      12:33:08.0312 4380 EhttpSrv - ok
      12:33:08.0369 4380 [ FDDAD27E9A20D0DAC04FACBF67AFBFC1 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
      12:33:08.0402 4380 ekrn - ok
      12:33:08.0440 4380 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
      12:33:08.0461 4380 elxstor - ok
      12:33:08.0535 4380 [ 0794D2FA7C69C4ACF3AD3439B6FC8745 ] EMP_UDSA C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
      12:33:08.0547 4380 EMP_UDSA - ok
      12:33:08.0596 4380 [ 869C98321F4B468A077CE8A8B385E8F3 ] epfw C:\windows\system32\DRIVERS\epfw.sys
      12:33:08.0609 4380 epfw - ok
      12:33:08.0622 4380 [ BE1F150790123E1077CF95990394339D ] Epfwndis C:\windows\system32\DRIVERS\Epfwndis.sys
      12:33:08.0633 4380 Epfwndis - ok
      12:33:08.0643 4380 [ B9800EC450DB12C7ADF05B67E1AB8A48 ] epfwwfp C:\windows\system32\DRIVERS\epfwwfp.sys
      12:33:08.0653 4380 epfwwfp - ok
      12:33:08.0674 4380 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
      12:33:08.0728 4380 ErrDev - ok
      12:33:08.0779 4380 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
      12:33:08.0821 4380 EventSystem - ok
      12:33:08.0847 4380 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
      12:33:08.0916 4380 exfat - ok
      12:33:08.0940 4380 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
      12:33:09.0011 4380 fastfat - ok
      12:33:09.0094 4380 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
      12:33:09.0168 4380 Fax - ok
      12:33:09.0214 4380 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
      12:33:09.0258 4380 fdc - ok
      12:33:09.0327 4380 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
      12:33:09.0372 4380 fdPHost - ok
      12:33:09.0408 4380 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
      12:33:09.0447 4380 FDResPub - ok
      12:33:09.0486 4380 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
      12:33:09.0500 4380 FileInfo - ok
      12:33:09.0551 4380 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
      12:33:09.0623 4380 Filetrace - ok
      12:33:09.0649 4380 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
      12:33:09.0663 4380 flpydisk - ok
      12:33:09.0708 4380 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
      12:33:09.0757 4380 FltMgr - ok
      12:33:09.0811 4380 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
      12:33:09.0882 4380 FontCache - ok
      12:33:09.0964 4380 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
      12:33:09.0981 4380 FontCache3.0.0.0 - ok
      12:33:10.0027 4380 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
      12:33:10.0051 4380 FsDepends - ok
      12:33:10.0088 4380 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
      12:33:10.0098 4380 fssfltr - ok
      12:33:10.0202 4380 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
      12:33:10.0238 4380 fsssvc - ok
      12:33:10.0280 4380 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
      12:33:10.0293 4380 Fs_Rec - ok
      12:33:10.0336 4380 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
      12:33:10.0387 4380 fvevol - ok
      12:33:10.0418 4380 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys
      12:33:10.0430 4380 FwLnk - ok
      12:33:10.0460 4380 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
      12:33:10.0519 4380 gagp30kx - ok
      12:33:10.0577 4380 [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
      12:33:10.0598 4380 GameConsoleService - ok
      12:33:10.0650 4380 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
      12:33:10.0727 4380 GEARAspiWDM - ok
      12:33:10.0766 4380 [ 16C2A6BCDDA8952C2035DEC861492A19 ] ggflt C:\windows\system32\DRIVERS\ggflt.sys
      12:33:10.0784 4380 ggflt - ok
      12:33:10.0807 4380 [ 6B503DF845EABF3457E49FBBDA26C10E ] ggsemc C:\windows\system32\DRIVERS\ggsemc.sys
      12:33:10.0833 4380 ggsemc - ok
      12:33:10.0880 4380 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
      12:33:10.0947 4380 gpsvc - ok
      12:33:11.0056 4380 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      12:33:11.0079 4380 gupdate - ok
      12:33:11.0085 4380 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      12:33:11.0099 4380 gupdatem - ok
      12:33:11.0127 4380 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
      12:33:11.0139 4380 gusvc - ok
      12:33:11.0144 4380 hakhvpea - ok
      12:33:11.0170 4380 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
      12:33:11.0199 4380 hcw85cir - ok
      12:33:11.0250 4380 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
      12:33:11.0281 4380 HdAudAddService - ok
      12:33:11.0308 4380 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
      12:33:11.0325 4380 HDAudBus - ok
      12:33:11.0348 4380 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
      12:33:11.0415 4380 HidBatt - ok
      12:33:11.0446 4380 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
      12:33:11.0464 4380 HidBth - ok
      12:33:11.0505 4380 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
      12:33:11.0553 4380 HidIr - ok
      12:33:11.0598 4380 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
      12:33:11.0655 4380 hidserv - ok
      12:33:11.0689 4380 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys
      12:33:11.0719 4380 HidUsb - ok
      12:33:11.0757 4380 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
      12:33:11.0806 4380 hkmsvc - ok
      12:33:11.0859 4380 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
      12:33:11.0929 4380 HomeGroupListener - ok
      12:33:11.0985 4380 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
      12:33:12.0037 4380 HomeGroupProvider - ok
      12:33:12.0164 4380 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
      12:33:12.0229 4380 hpqcxs08 - ok
      12:33:12.0264 4380 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
      12:33:12.0273 4380 hpqddsvc - ok
      12:33:12.0315 4380 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
      12:33:12.0329 4380 HpSAMD - ok
      12:33:12.0381 4380 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
      12:33:12.0399 4380 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
      12:33:12.0399 4380 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
      12:33:12.0442 4380 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\windows\system32\Drivers\ANDROIDUSB.sys
      12:33:12.0516 4380 HTCAND64 - ok
      12:33:12.0553 4380 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\windows\system32\DRIVERS\htcnprot.sys
      12:33:12.0565 4380 htcnprot - ok
      12:33:12.0614 4380 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
      12:33:12.0675 4380 HTTP - ok
      12:33:12.0716 4380 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
      12:33:12.0744 4380 hwpolicy - ok
      12:33:12.0778 4380 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
      12:33:12.0793 4380 i8042prt - ok
      12:33:12.0827 4380 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
      12:33:12.0844 4380 iaStor - ok
      12:33:12.0868 4380 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
      12:33:12.0887 4380 iaStorV - ok
      12:33:12.0959 4380 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
      12:33:12.0991 4380 idsvc - ok
      12:33:13.0162 4380 [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
      12:33:13.0290 4380 igfx - ok
      12:33:13.0317 4380 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
      12:33:13.0330 4380 iirsp - ok
      12:33:13.0387 4380 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
      12:33:13.0453 4380 IKEEXT - ok
      12:33:13.0534 4380 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
      12:33:13.0577 4380 IntcAzAudAddService - ok
      12:33:13.0608 4380 [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\windows\system32\drivers\IntcHdmi.sys
      12:33:13.0620 4380 IntcHdmiAddService - ok
      12:33:13.0662 4380 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
      12:33:13.0674 4380 intelide - ok
      12:33:13.0702 4380 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
      12:33:13.0733 4380 intelppm - ok
      12:33:13.0801 4380 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
      12:33:13.0840 4380 IPBusEnum - ok
      12:33:13.0921 4380 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
      12:33:13.0970 4380 IpFilterDriver - ok
      12:33:14.0036 4380 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
      12:33:14.0069 4380 iphlpsvc - ok
      12:33:14.0131 4380 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
      12:33:14.0156 4380 IPMIDRV - ok
      12:33:14.0196 4380 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
      12:33:14.0253 4380 IPNAT - ok
      12:33:14.0314 4380 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
      12:33:14.0335 4380 iPod Service - ok
      12:33:14.0360 4380 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
      12:33:14.0380 4380 IRENUM - ok
      12:33:14.0425 4380 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
      12:33:14.0468 4380 isapnp - ok
      12:33:14.0487 4380 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
      12:33:14.0504 4380 iScsiPrt - ok
      12:33:14.0520 4380 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
      12:33:14.0534 4380 kbdclass - ok
      12:33:14.0577 4380 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
      12:33:14.0602 4380 kbdhid - ok
      12:33:14.0622 4380 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
      12:33:14.0637 4380 KeyIso - ok
      12:33:14.0694 4380 [ 64801398A9EA492548703CC5F0109F87 ] ksaud C:\windows\system32\drivers\ksaud.sys
      12:33:14.0743 4380 ksaud - ok
      12:33:14.0782 4380 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
      12:33:14.0808 4380 KSecDD - ok
      12:33:14.0831 4380 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
      12:33:14.0846 4380 KSecPkg - ok
      12:33:14.0874 4380 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
      12:33:14.0911 4380 ksthunk - ok
      12:33:14.0956 4380 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
      12:33:14.0998 4380 KtmRm - ok
      12:33:15.0047 4380 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
      12:33:15.0136 4380 LanmanServer - ok
      12:33:15.0181 4380 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
      12:33:15.0220 4380 LanmanWorkstation - ok
      12:33:15.0253 4380 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
      12:33:15.0307 4380 lltdio - ok
      12:33:15.0374 4380 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
      12:33:15.0415 4380 lltdsvc - ok
      12:33:15.0454 4380 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
      12:33:15.0493 4380 lmhosts - ok
      12:33:15.0527 4380 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
      12:33:15.0557 4380 LSI_FC - ok
      12:33:15.0603 4380 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
      12:33:15.0644 4380 LSI_SAS - ok
      12:33:15.0663 4380 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
      12:33:15.0677 4380 LSI_SAS2 - ok
      12:33:15.0695 4380 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
      12:33:15.0726 4380 LSI_SCSI - ok
      12:33:15.0751 4380 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
      12:33:15.0789 4380 luafv - ok
      12:33:15.0794 4380 lxbv_device - ok
      12:33:15.0819 4380 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys
      12:33:15.0829 4380 MBAMProtector - ok
      12:33:15.0855 4380 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      12:33:15.0872 4380 MBAMScheduler - ok
      12:33:15.0904 4380 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      12:33:15.0923 4380 MBAMService - ok
      12:33:15.0959 4380 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
      12:33:15.0976 4380 Mcx2Svc - ok
      12:33:16.0004 4380 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
      12:33:16.0048 4380 megasas - ok
      12:33:16.0069 4380 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
      12:33:16.0104 4380 MegaSR - ok
      12:33:16.0145 4380 Microsoft SharePoint Workspace Audit Service - ok
      12:33:16.0194 4380 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
      12:33:16.0270 4380 MMCSS - ok
      12:33:16.0275 4380 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
      12:33:16.0315 4380 Modem - ok
      12:33:16.0348 4380 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
      12:33:16.0380 4380 monitor - ok
      12:33:16.0484 4380 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
      12:33:16.0507 4380 mouclass - ok
      12:33:16.0526 4380 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
      12:33:16.0546 4380 mouhid - ok
      12:33:16.0590 4380 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
      12:33:16.0632 4380 mountmgr - ok
      12:33:16.0673 4380 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
      12:33:16.0688 4380 mpio - ok
      12:33:16.0733 4380 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
      12:33:16.0784 4380 mpsdrv - ok
      12:33:16.0844 4380 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
      12:33:16.0904 4380 MpsSvc - ok
      12:33:16.0956 4380 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
      12:33:16.0986 4380 MRxDAV - ok
      12:33:17.0036 4380 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
      12:33:17.0083 4380 mrxsmb - ok
      12:33:17.0139 4380 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
      12:33:17.0204 4380 mrxsmb10 - ok
      12:33:17.0273 4380 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
      12:33:17.0288 4380 mrxsmb20 - ok
      12:33:17.0354 4380 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
      12:33:17.0367 4380 msahci - ok
      12:33:17.0398 4380 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
      12:33:17.0414 4380 msdsm - ok
      12:33:17.0456 4380 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
      12:33:17.0474 4380 MSDTC - ok
      12:33:17.0512 4380 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
      12:33:17.0551 4380 Msfs - ok
      12:33:17.0567 4380 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
      12:33:17.0605 4380 mshidkmdf - ok
      12:33:17.0651 4380 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
      12:33:17.0664 4380 msisadrv - ok
      12:33:17.0691 4380 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
      12:33:17.0733 4380 MSiSCSI - ok
      12:33:17.0738 4380 msiserver - ok
      12:33:17.0770 4380 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
      12:33:17.0810 4380 MSKSSRV - ok
      12:33:17.0850 4380 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
      12:33:17.0889 4380 MSPCLOCK - ok
      12:33:17.0915 4380 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
      12:33:17.0969 4380 MSPQM - ok
      12:33:18.0021 4380 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
      12:33:18.0041 4380 MsRPC - ok
      12:33:18.0086 4380 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
      12:33:18.0110 4380 mssmbios - ok
      12:33:18.0211 4380 MSSQL$SQLEXPRESS - ok
      12:33:18.0256 4380 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
      12:33:18.0313 4380 MSSQLServerADHelper - ok
      12:33:18.0347 4380 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
      12:33:18.0386 4380 MSTEE - ok
      12:33:18.0410 4380 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
      12:33:18.0430 4380 MTConfig - ok
      12:33:18.0455 4380 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
      12:33:18.0486 4380 Mup - ok
      12:33:18.0533 4380 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
      12:33:18.0576 4380 napagent - ok
      12:33:18.0631 4380 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
      12:33:18.0654 4380 NativeWifiP - ok
      12:33:18.0705 4380 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
      12:33:18.0745 4380 NDIS - ok
      12:33:18.0798 4380 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
      12:33:18.0857 4380 NdisCap - ok
      12:33:18.0892 4380 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
      12:33:18.0939 4380 NdisTapi - ok
      12:33:18.0987 4380 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
      12:33:19.0027 4380 Ndisuio - ok
      12:33:19.0072 4380 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
      12:33:19.0136 4380 NdisWan - ok
      12:33:19.0174 4380 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
      12:33:19.0247 4380 NDProxy - ok
      12:33:19.0316 4380 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
      12:33:19.0339 4380 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      12:33:19.0339 4380 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      12:33:19.0377 4380 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\windows\system32\DRIVERS\netaapl64.sys
      12:33:19.0401 4380 Netaapl - ok
      12:33:19.0437 4380 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
      12:33:19.0492 4380 NetBIOS - ok
      12:33:19.0538 4380 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
      12:33:19.0597 4380 NetBT - ok
      12:33:19.0623 4380 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
      12:33:19.0638 4380 Netlogon - ok
      12:33:19.0676 4380 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
      12:33:19.0743 4380 Netman - ok
      12:33:19.0793 4380 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
      12:33:19.0885 4380 netprofm - ok
      12:33:19.0941 4380 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
      12:33:19.0954 4380 NetTcpPortSharing - ok
      12:33:20.0007 4380 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
      12:33:20.0027 4380 nfrd960 - ok
      12:33:20.0068 4380 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
      12:33:20.0086 4380 NlaSvc - ok
      12:33:20.0100 4380 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
      12:33:20.0165 4380 Npfs - ok
      12:33:20.0193 4380 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
      12:33:20.0245 4380 nsi - ok
      12:33:20.0279 4380 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
      12:33:20.0337 4380 nsiproxy - ok
      12:33:20.0414 4380 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
      12:33:20.0472 4380 Ntfs - ok
      12:33:20.0496 4380 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
      12:33:20.0551 4380 Null - ok
      12:33:20.0595 4380 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
      12:33:20.0626 4380 nvraid - ok
      12:33:20.0639 4380 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
      12:33:20.0656 4380 nvstor - ok
      12:33:20.0670 4380 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
      12:33:20.0686 4380 nv_agp - ok
      12:33:20.0720 4380 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
      12:33:20.0742 4380 ohci1394 - ok
      12:33:20.0786 4380 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      12:33:20.0798 4380 ose64 - ok
      12:33:21.0006 4380 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      12:33:21.0096 4380 osppsvc - ok
      12:33:21.0136 4380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
      12:33:21.0189 4380 p2pimsvc - ok
      12:33:21.0220 4380 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
      12:33:21.0241 4380 p2psvc - ok
      12:33:21.0283 4380 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
      12:33:21.0299 4380 Parport - ok
      12:33:21.0363 4380 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
      12:33:21.0377 4380 partmgr - ok
      12:33:21.0442 4380 [ A1E779A0CF7A21B42E8FD3E8856D8481 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
      12:33:21.0450 4380 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
      12:33:21.0451 4380 PassThru Service - detected UnsignedFile.Multi.Generic (1)
      12:33:21.0485 4380 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
      12:33:21.0508 4380 PcaSvc - ok
      12:33:21.0549 4380 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
      12:33:21.0597 4380 pci - ok
      12:33:21.0614 4380 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
      12:33:21.0643 4380 pciide - ok
      12:33:21.0677 4380 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
      12:33:21.0693 4380 pcmcia - ok
      12:33:21.0708 4380 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
      12:33:21.0738 4380 pcw - ok
      12:33:21.0762 4380 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
      12:33:21.0834 4380 PEAUTH - ok
      12:33:21.0933 4380 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
      12:33:21.0960 4380 PerfHost - ok
      12:33:22.0022 4380 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
      12:33:22.0039 4380 PGEffect - ok
      12:33:22.0116 4380 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
      12:33:22.0175 4380 pla - ok
      12:33:22.0222 4380 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
      12:33:22.0254 4380 PlugPlay - ok
      12:33:22.0285 4380 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
      12:33:22.0291 4380 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      12:33:22.0291 4380 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      12:33:22.0342 4380 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
      12:33:22.0358 4380 PNRPAutoReg - ok
      12:33:22.0392 4380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
      12:33:22.0411 4380 PNRPsvc - ok
      12:33:22.0460 4380 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
      12:33:22.0529 4380 PolicyAgent - ok
      12:33:22.0581 4380 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
      12:33:22.0625 4380 Power - ok
      12:33:22.0679 4380 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
      12:33:22.0718 4380 PptpMiniport - ok
      12:33:22.0753 4380 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
      12:33:22.0767 4380 Processor - ok
      12:33:22.0816 4380 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
      12:33:22.0847 4380 ProfSvc - ok
      12:33:22.0856 4380 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
      12:33:22.0871 4380 ProtectedStorage - ok
      12:33:22.0921 4380 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
      12:33:22.0962 4380 Psched - ok
      12:33:23.0002 4380 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
      12:33:23.0013 4380 PxHlpa64 - ok
      12:33:23.0079 4380 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
      12:33:23.0125 4380 ql2300 - ok
      12:33:23.0142 4380 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
      12:33:23.0157 4380 ql40xx - ok
      12:33:23.0187 4380 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
      12:33:23.0214 4380 QWAVE - ok
      12:33:23.0244 4380 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
      12:33:23.0313 4380 QWAVEdrv - ok
      12:33:23.0352 4380 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
      12:33:23.0405 4380 RasAcd - ok
      12:33:23.0434 4380 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
      12:33:23.0476 4380 RasAgileVpn - ok
      12:33:23.0508 4380 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
      12:33:23.0553 4380 RasAuto - ok
      12:33:23.0595 4380 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
      12:33:23.0631 4380 Rasl2tp - ok
      12:33:23.0680 4380 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
      12:33:23.0722 4380 RasMan - ok
      12:33:23.0760 4380 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
      12:33:23.0799 4380 RasPppoe - ok
      12:33:23.0819 4380 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
      12:33:23.0873 4380 RasSstp - ok
      12:33:23.0936 4380 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
      12:33:24.0018 4380 rdbss - ok
      12:33:24.0061 4380 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
      12:33:24.0121 4380 rdpbus - ok
      12:33:24.0169 4380 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
      12:33:24.0220 4380 RDPCDD - ok
      12:33:24.0265 4380 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
      12:33:24.0331 4380 RDPENCDD - ok
      12:33:24.0372 4380 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
      12:33:24.0410 4380 RDPREFMP - ok
      12:33:24.0466 4380 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
      12:33:24.0509 4380 RDPWD - ok
      12:33:24.0553 4380 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
      12:33:24.0580 4380 rdyboost - ok
      12:33:24.0618 4380 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
      12:33:24.0673 4380 RemoteAccess - ok
      12:33:24.0692 4380 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
      12:33:24.0733 4380 RemoteRegistry - ok
      12:33:24.0769 4380 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
      12:33:24.0804 4380 RFCOMM - ok
      12:33:24.0827 4380 [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci C:\windows\system32\DRIVERS\rimspe64.sys
      12:33:24.0841 4380 rimspci - ok
      12:33:24.0907 4380 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\windows\system32\Drivers\RimUsb_AMD64.sys
      12:33:24.0999 4380 RimUsb - ok
      12:33:25.0057 4380 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\windows\system32\DRIVERS\RimSerial_AMD64.sys
      12:33:25.0069 4380 RimVSerPort - ok
      12:33:25.0093 4380 [ 7DDA2E5CF452DAD24B1BE704225C18EE ] risdpcie C:\windows\system32\DRIVERS\risdpe64.sys
      12:33:25.0105 4380 risdpcie - ok
      12:33:25.0138 4380 [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie C:\windows\system32\DRIVERS\rixdpe64.sys
      12:33:25.0198 4380 rixdpcie - ok
      12:33:25.0240 4380 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
      12:33:25.0279 4380 ROOTMODEM - ok
      12:33:25.0525 4380 [ FF578453D3B3ADAAB22D7151D7F9E592 ] RoxMediaDB12 C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe
      12:33:25.0565 4380 RoxMediaDB12 - ok
      12:33:25.0618 4380 [ 71B38B8DF1A9B55FC0FB64958CC7B9DD ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe
      12:33:25.0643 4380 RoxWatch12 - ok
      12:33:25.0677 4380 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
      12:33:25.0740 4380 RpcEptMapper - ok
      12:33:25.0790 4380 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
      12:33:25.0807 4380 RpcLocator - ok
      12:33:25.0869 4380 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
      12:33:25.0911 4380 RpcSs - ok
      12:33:25.0922 4380 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
      12:33:25.0976 4380 rspndr - ok
      12:33:26.0039 4380 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
      12:33:26.0068 4380 RTL8167 - ok
      12:33:26.0138 4380 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
      12:33:26.0173 4380 rtl8192se - ok
      12:33:26.0215 4380 [ 27DB9153D259D632D15483DEEAB799ED ] Sahdad64 C:\windows\system32\Drivers\Sahdad64.sys
      12:33:26.0234 4380 Sahdad64 - ok
      12:33:26.0249 4380 [ F77849D909B90BCACFCF7295AECF299B ] Saibad64 C:\windows\system32\Drivers\Saibad64.sys
      12:33:26.0260 4380 Saibad64 - ok
      12:33:26.0301 4380 [ 704D415290A568F68DE20942DAC23F7E ] SaibVdAd64 C:\windows\system32\Drivers\SaibVdAd64.sys
      12:33:26.0342 4380 SaibVdAd64 - ok
      12:33:26.0356 4380 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
      12:33:26.0370 4380 SamSs - ok
      12:33:26.0430 4380 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
      12:33:26.0472 4380 sbp2port - ok
      12:33:26.0502 4380 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
      12:33:26.0560 4380 SCardSvr - ok
      12:33:26.0615 4380 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
      12:33:26.0663 4380 scfilter - ok
      12:33:26.0714 4380 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
      12:33:26.0764 4380 Schedule - ok
      12:33:26.0817 4380 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
      12:33:26.0864 4380 SCPolicySvc - ok
      12:33:26.0902 4380 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys
      12:33:26.0920 4380 sdbus - ok
      12:33:26.0971 4380 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
      12:33:27.0069 4380 SDRSVC - ok
      12:33:27.0166 4380 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
      12:33:27.0193 4380 SeaPort - ok
      12:33:27.0247 4380 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
      12:33:27.0303 4380 secdrv - ok
      12:33:27.0337 4380 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
      12:33:27.0375 4380 seclogon - ok
      12:33:27.0404 4380 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
      12:33:27.0445 4380 SENS - ok
      12:33:27.0457 4380 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
      12:33:27.0541 4380 SensrSvc - ok
      12:33:27.0589 4380 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
      12:33:27.0638 4380 Serenum - ok
      12:33:27.0667 4380 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
      12:33:27.0739 4380 Serial - ok
      12:33:27.0780 4380 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
      12:33:27.0795 4380 sermouse - ok
      12:33:27.0843 4380 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
      12:33:27.0882 4380 SessionEnv - ok
      12:33:27.0925 4380 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
      12:33:27.0961 4380 sffdisk - ok
      12:33:28.0000 4380 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
      12:33:28.0013 4380 sffp_mmc - ok
      12:33:28.0027 4380 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
      12:33:28.0044 4380 sffp_sd - ok
      12:33:28.0079 4380 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
      12:33:28.0109 4380 sfloppy - ok
      12:33:28.0159 4380 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
      12:33:28.0201 4380 SharedAccess - ok
      12:33:28.0257 4380 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
      12:33:28.0312 4380 ShellHWDetection - ok
      12:33:28.0342 4380 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
      12:33:28.0387 4380 SiSRaid2 - ok
      12:33:28.0418 4380 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
      12:33:28.0448 4380 SiSRaid4 - ok
      12:33:28.0484 4380 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
      12:33:28.0496 4380 SkypeUpdate - ok
      12:33:28.0539 4380 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
      12:33:28.0579 4380 Smb - ok
      12:33:28.0613 4380 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
      12:33:28.0630 4380 SNMPTRAP - ok
      12:33:28.0636 4380 Sony PC Companion - ok
      12:33:28.0663 4380 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
      12:33:28.0692 4380 spldr - ok
      12:33:28.0762 4380 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
      12:33:28.0801 4380 Spooler - ok
      12:33:28.0927 4380 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
      12:33:29.0007 4380 sppsvc - ok
      12:33:29.0058 4380 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
      12:33:29.0119 4380 sppuinotify - ok
      12:33:29.0256 4380 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
      12:33:29.0281 4380 SQLBrowser - ok
      12:33:29.0399 4380 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      12:33:29.0419 4380 SQLWriter - ok
      12:33:29.0485 4380 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
      12:33:29.0539 4380 srv - ok
      12:33:29.0592 4380 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
      12:33:29.0610 4380 srv2 - ok
      12:33:29.0632 4380 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
      12:33:29.0649 4380 srvnet - ok
      12:33:29.0716 4380 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
      12:33:29.0757 4380 SSDPSRV - ok
      12:33:29.0767 4380 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
      12:33:29.0807 4380 SstpSvc - ok
      12:33:29.0850 4380 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
      12:33:29.0891 4380 ssudmdm - ok
      12:33:29.0938 4380 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
      12:33:29.0962 4380 stexstor - ok
      12:33:29.0999 4380 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys

      -------------------------------------------------------------------------------------------------------------------

    4. #4
      Usuario Avatar de Daniel Rmz
      Registrado
      ene 2013
      Mensajes
      6

      Re: Tengo muchos Trojanos, ya no se que hacer!

      12:33:30.0049 4380 StillCam - ok
      12:33:30.0114 4380 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
      12:33:30.0141 4380 stisvc - ok
      12:33:30.0181 4380 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
      12:33:30.0220 4380 swenum - ok
      12:33:30.0274 4380 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
      12:33:30.0327 4380 swprv - ok
      12:33:30.0358 4380 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
      12:33:30.0372 4380 SynTP - ok
      12:33:30.0468 4380 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
      12:33:30.0510 4380 SysMain - ok
      12:33:30.0570 4380 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
      12:33:30.0604 4380 TabletInputService - ok
      12:33:30.0680 4380 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
      12:33:30.0721 4380 TapiSrv - ok
      12:33:30.0749 4380 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
      12:33:30.0789 4380 TBS - ok
      12:33:30.0873 4380 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
      12:33:30.0922 4380 Tcpip - ok
      12:33:30.0989 4380 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
      12:33:31.0030 4380 TCPIP6 - ok
      12:33:31.0089 4380 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
      12:33:31.0103 4380 tcpipreg - ok
      12:33:31.0137 4380 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
      12:33:31.0147 4380 tdcmdpst - ok
      12:33:31.0185 4380 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
      12:33:31.0202 4380 TDPIPE - ok
      12:33:31.0235 4380 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
      12:33:31.0257 4380 TDTCP - ok
      12:33:31.0294 4380 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
      12:33:31.0348 4380 tdx - ok
      12:33:31.0399 4380 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
      12:33:31.0412 4380 TermDD - ok
      12:33:31.0466 4380 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
      12:33:31.0510 4380 TermService - ok
      12:33:31.0553 4380 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\windows\system32\themeservice.dll
      12:33:31.0559 4380 Themes ( UnsignedFile.Multi.Generic ) - warning
      12:33:31.0559 4380 Themes - detected UnsignedFile.Multi.Generic (1)
      12:33:31.0591 4380 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
      12:33:31.0603 4380 Thpdrv - ok
      12:33:31.0615 4380 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
      12:33:31.0626 4380 Thpevm - ok
      12:33:31.0662 4380 [ 6146EAC71AE3C9DA17B0E33632082B7B ] Thpsrv C:\windows\system32\ThpSrv.exe
      12:33:31.0681 4380 Thpsrv - ok
      12:33:31.0740 4380 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
      12:33:31.0778 4380 THREADORDER - ok
      12:33:31.0844 4380 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
      12:33:31.0862 4380 TMachInfo - ok
      12:33:31.0896 4380 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
      12:33:31.0913 4380 TODDSrv - ok
      12:33:31.0996 4380 [ 4DB8C79BCEA76063B83B13410366A1F7 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
      12:33:32.0015 4380 TosCoSrv - ok
      12:33:32.0063 4380 [ 32FF64D06A91DAA0331C624AFF442679 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
      12:33:32.0078 4380 TOSHIBA eco Utility Service - ok
      12:33:32.0114 4380 [ EDA12E9BC9A0F104C24101720EEC4785 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
      12:33:32.0125 4380 TOSHIBA HDD SSD Alert Service - ok
      12:33:32.0155 4380 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
      12:33:32.0172 4380 tos_sps64 - ok
      12:33:32.0222 4380 [ DE64C52BD0671165CF2EEBF2A728A3E2 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
      12:33:32.0254 4380 TPCHSrv - ok
      12:33:32.0290 4380 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
      12:33:32.0342 4380 TrkWks - ok
      12:33:32.0412 4380 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
      12:33:32.0467 4380 TrustedInstaller - ok
      12:33:32.0515 4380 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
      12:33:32.0585 4380 tssecsrv - ok
      12:33:32.0616 4380 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
      12:33:32.0662 4380 TsUsbFlt - ok
      12:33:32.0714 4380 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
      12:33:32.0767 4380 tunnel - ok
      12:33:32.0852 4380 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
      12:33:32.0863 4380 TVALZ - ok
      12:33:32.0890 4380 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
      12:33:32.0903 4380 TVALZFL - ok
      12:33:32.0929 4380 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
      12:33:32.0960 4380 uagp35 - ok
      12:33:33.0000 4380 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
      12:33:33.0050 4380 udfs - ok
      12:33:33.0103 4380 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
      12:33:33.0121 4380 UI0Detect - ok
      12:33:33.0130 4380 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
      12:33:33.0144 4380 uliagpkx - ok
      12:33:33.0185 4380 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
      12:33:33.0221 4380 umbus - ok
      12:33:33.0254 4380 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
      12:33:33.0269 4380 UmPass - ok
      12:33:33.0327 4380 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
      12:33:33.0465 4380 upnphost - ok
      12:33:33.0513 4380 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
      12:33:33.0542 4380 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
      12:33:33.0542 4380 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
      12:33:33.0584 4380 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
      12:33:33.0620 4380 usbaudio - ok
      12:33:33.0657 4380 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
      12:33:33.0686 4380 usbccgp - ok
      12:33:33.0729 4380 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
      12:33:33.0768 4380 usbcir - ok
      12:33:33.0831 4380 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
      12:33:33.0860 4380 usbehci - ok
      12:33:33.0916 4380 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
      12:33:33.0953 4380 usbhub - ok
      12:33:33.0973 4380 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
      12:33:33.0988 4380 usbohci - ok
      12:33:34.0011 4380 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
      12:33:34.0027 4380 usbprint - ok
      12:33:34.0072 4380 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
      12:33:34.0089 4380 usbscan - ok
      12:33:34.0127 4380 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
      12:33:34.0149 4380 USBSTOR - ok
      12:33:34.0198 4380 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
      12:33:34.0221 4380 usbuhci - ok
      12:33:34.0269 4380 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
      12:33:34.0287 4380 usbvideo - ok
      12:33:34.0344 4380 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
      12:33:34.0396 4380 UxSms - ok
      12:33:34.0413 4380 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
      12:33:34.0427 4380 VaultSvc - ok
      12:33:34.0470 4380 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
      12:33:34.0494 4380 vdrvroot - ok
      12:33:34.0548 4380 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
      12:33:34.0613 4380 vds - ok
      12:33:34.0666 4380 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
      12:33:34.0685 4380 vga - ok
      12:33:34.0710 4380 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
      12:33:34.0763 4380 VgaSave - ok
      12:33:34.0802 4380 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
      12:33:34.0818 4380 vhdmp - ok
      12:33:34.0865 4380 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
      12:33:34.0877 4380 viaide - ok
      12:33:34.0895 4380 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
      12:33:34.0909 4380 volmgr - ok
      12:33:34.0955 4380 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
      12:33:34.0974 4380 volmgrx - ok
      12:33:35.0021 4380 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
      12:33:35.0038 4380 volsnap - ok
      12:33:35.0065 4380 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
      12:33:35.0097 4380 vsmraid - ok
      12:33:35.0174 4380 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
      12:33:35.0234 4380 VSS - ok
      12:33:35.0260 4380 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
      12:33:35.0276 4380 vwifibus - ok
      12:33:35.0292 4380 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
      12:33:35.0340 4380 vwififlt - ok
      12:33:35.0376 4380 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
      12:33:35.0410 4380 vwifimp - ok
      12:33:35.0455 4380 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
      12:33:35.0497 4380 W32Time - ok
      12:33:35.0533 4380 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
      12:33:35.0548 4380 WacomPen - ok
      12:33:35.0585 4380 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
      12:33:35.0637 4380 WANARP - ok
      12:33:35.0643 4380 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
      12:33:35.0680 4380 Wanarpv6 - ok
      12:33:35.0744 4380 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
      12:33:35.0775 4380 WatAdminSvc - ok
      12:33:35.0856 4380 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
      12:33:35.0914 4380 wbengine - ok
      12:33:35.0947 4380 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
      12:33:35.0969 4380 WbioSrvc - ok
      12:33:36.0019 4380 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
      12:33:36.0043 4380 wcncsvc - ok
      12:33:36.0077 4380 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
      12:33:36.0103 4380 WcsPlugInService - ok
      12:33:36.0131 4380 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
      12:33:36.0144 4380 Wd - ok
      12:33:36.0198 4380 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
      12:33:36.0240 4380 Wdf01000 - ok
      12:33:36.0278 4380 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
      12:33:36.0335 4380 WdiServiceHost - ok
      12:33:36.0339 4380 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
      12:33:36.0361 4380 WdiSystemHost - ok
      12:33:36.0410 4380 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
      12:33:36.0433 4380 WebClient - ok
      12:33:36.0462 4380 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
      12:33:36.0503 4380 Wecsvc - ok
      12:33:36.0534 4380 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
      12:33:36.0574 4380 wercplsupport - ok
      12:33:36.0592 4380 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
      12:33:36.0632 4380 WerSvc - ok
      12:33:36.0669 4380 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
      12:33:36.0722 4380 WfpLwf - ok
      12:33:36.0739 4380 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
      12:33:36.0753 4380 WIMMount - ok
      12:33:36.0784 4380 WinDefend - ok
      12:33:36.0790 4380 WinHttpAutoProxySvc - ok
      12:33:36.0841 4380 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
      12:33:36.0896 4380 Winmgmt - ok
      12:33:36.0998 4380 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
      12:33:37.0086 4380 WinRM - ok
      12:33:37.0159 4380 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
      12:33:37.0183 4380 WinUsb - ok
      12:33:37.0220 4380 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
      12:33:37.0256 4380 Wlansvc - ok
      12:33:37.0328 4380 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
      12:33:37.0346 4380 wlcrasvc - ok
      12:33:37.0466 4380 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      12:33:37.0510 4380 wlidsvc - ok
      12:33:37.0546 4380 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
      12:33:37.0560 4380 WmiAcpi - ok
      12:33:37.0596 4380 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
      12:33:37.0613 4380 wmiApSrv - ok
      12:33:37.0639 4380 WMPNetworkSvc - ok
      12:33:37.0677 4380 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
      12:33:37.0713 4380 WPCSvc - ok
      12:33:37.0745 4380 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
      12:33:37.0783 4380 WPDBusEnum - ok
      12:33:37.0812 4380 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
      12:33:37.0850 4380 ws2ifsl - ok
      12:33:37.0877 4380 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
      12:33:37.0899 4380 wscsvc - ok
      12:33:37.0903 4380 WSearch - ok
      12:33:38.0076 4380 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
      12:33:38.0132 4380 wuauserv - ok
      12:33:38.0176 4380 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
      12:33:38.0217 4380 WudfPf - ok
      12:33:38.0246 4380 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
      12:33:38.0261 4380 WUDFRd - ok
      12:33:38.0319 4380 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
      12:33:38.0346 4380 wudfsvc - ok
      12:33:38.0392 4380 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
      12:33:38.0422 4380 WwanSvc - ok
      12:33:38.0437 4380 ================ Scan global ===============================
      12:33:38.0483 4380 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
      12:33:38.0521 4380 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
      12:33:38.0529 4380 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
      12:33:38.0563 4380 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
      12:33:38.0613 4380 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\windows\system32\services.exe
      12:33:38.0616 4380 Suspicious file (NoAccess): C:\windows\system32\services.exe. md5: 50BEA589F7D7958BDD2528A8F69D05CC
      12:33:38.0616 4380 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
      12:33:38.0616 4380 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
      12:33:38.0617 4380 ================ Scan MBR ==================================
      12:33:38.0633 4380 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
      12:33:38.0900 4380 \Device\Harddisk0\DR0 - ok
      12:33:38.0901 4380 ================ Scan VBR ==================================
      12:33:38.0935 4380 [ 98938257E2B2777836945F7021FA03B3 ] \Device\Harddisk0\DR0\Partition1
      12:33:38.0937 4380 \Device\Harddisk0\DR0\Partition1 - ok
      12:33:38.0938 4380 ============================================================
      12:33:38.0938 4380 Scan finished
      12:33:38.0938 4380 ============================================================
      12:33:38.0957 1844 Detected object count: 10
      12:33:38.0957 1844 Actual detected object count: 10
      12:34:07.0130 1844 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0130 1844 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0130 1844 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0130 1844 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0133 1844 DpHost ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0133 1844 DpHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0136 1844 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0136 1844 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0138 1844 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0138 1844 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0140 1844 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0141 1844 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0143 1844 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0143 1844 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0146 1844 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0146 1844 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0151 1844 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
      12:34:07.0151 1844 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:34:07.0188 1844 C:\windows\system32\services.exe - copied to quarantine
      12:34:07.0752 1844 C:\windows\installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\@ - copied to quarantine
      12:34:07.0756 1844 C:\windows\installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L\00000004.@ - copied to quarantine
      12:34:07.0759 1844 C:\windows\installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L\201d3dde - copied to quarantine
      12:34:07.0770 1844 C:\windows\installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U\80000032.@ - copied to quarantine
      12:34:08.0370 1844 C:\windows\installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U\80000064.@ - copied to quarantine
      12:34:11.0821 1844 Backup copy not found, trying to cure infected file..
      12:34:11.0821 1844 C:\windows\system32\services.exe - Cure failed (FFFFFFFF)
      12:34:11.0821 1844 C:\windows\system32\services.exe - processing error
      12:34:11.0821 1844 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure

      -------------------------------------------------------------------------------------------------------------

    5. #5
      Usuario Avatar de Daniel Rmz
      Registrado
      ene 2013
      Mensajes
      6

      Re: Tengo muchos Trojanos, ya no se que hacer!

      Malwarebytes Anti-Malware 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.01.14.09

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Daniel Rmz :: DANIELRMZ-PC [administrador]

      14/01/2013 12:36:24 p.m.
      mbam-log-2013-01-14 (12-36-24).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 543070
      Tiempo transcurrido: 2 hora(s), 3 minuto(s), 3 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)

    6. #6
      Usuario Avatar de Daniel Rmz
      Registrado
      ene 2013
      Mensajes
      6

      Re: Tengo muchos Trojanos, ya no se que hacer!

      ComboFix 13-01-14.01 - Daniel Rmz 14/01/2013 14:55:18.1.2 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.1033.18.3964.2738 [GMT -6:00]
      Running from: c:\users\Daniel Rmz\Downloads\Downloads of Chrome\ComboFix.exe
      AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
      FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
      SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Resident AV is active
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\Program Files
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18chs.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18cht.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18csy.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18deu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18enu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18esp.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18fra.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18hun.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18ita.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18jpn.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18kor.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18plk.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18ptb.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcAuthEntities18rus.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18chs.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18cht.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18csy.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18deu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18enu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18esp.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18fra.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18hun.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18ita.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18jpn.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18kor.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18plk.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18ptb.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acax18rus.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcDgnCOM18.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\acETransmit18.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcFocusCtrl16.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcHelp.exe
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcInetEngine18.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcInetEngineps18.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcIpps16.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18chs.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18cht.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18csy.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18deu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18enu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18esp.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18fra.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18hun.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18ita.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18jpn.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18kor.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18plk.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18ptb.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcMPolygon18rus.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcObjClassImp18.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcShellEx\AcLauncher.exe
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AcSmComponents18.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AdComFolderWatch18.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AdDynHelp1.ocx
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\AdHelpSearch1.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\adresc16.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18chs.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18cht.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18csy.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18deu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18enu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18esp.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18fra.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18hun.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18ita.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18jpn.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18kor.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18plk.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18ptb.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\axdb18rus.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16chs.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16cht.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16csy.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16deu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16enu.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16esp.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16fra.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16hun.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16ita.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16jpn.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16kor.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16plk.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16ptb.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\cao16rus.tlb
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\ISYS8\ISYS.CWD
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\ISYS8\ISYS.NLI
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\ISYS8\ISYS8.DLL
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\ISYS8\ISYS8.KEY
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\ISYS8\ISYSPDF6.DLL
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\ISYS8\ISYSPDFL.DAT
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\ISYS8\ISYSPDFL.DLL
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\ISYS8\ISYSU8.DLL
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\mtstack16.exe
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\samlite_ug.chm
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\Thumbnail\AcWipeoutObj18.dbx
      c:\program files (x86)\Program Files\Common Files\Autodesk Shared\WebServices1.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ac1st18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcAnimationVideo.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcApp.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcBGPlot.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acblock.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acblockRes.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\acbr18.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acbrowse.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcCalcEngine.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcCalcUi.xml
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcCommandToolTips.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\acctrl.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\accui.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDashboard.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acdb18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\Acdbmgd.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDgnio.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDialogToolTips.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDim.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acdimx18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDmPropertyEditors.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDwfMarkupCore.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDwfMarkupUi.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDx.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDxNotify.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDxPublishUi.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDxViewer.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcDynInput.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\aceplotx.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcETransmit.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcETransmitUi.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcFdEval.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcFdUi.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acge18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\acgradient18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\acgs.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcGsConfig.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\achapi18.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcIdViewObj.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcInetUI.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\acismobj18.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acismui.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcLayer.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcLayerTools.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\Acmgd.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcMPolygonCom.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcMPolyGonMgd.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcMPolyGonObj18.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcOpmExt.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcPEXCtl.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcPi.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcPlDetails.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acPlotGui.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acpltstamp.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcProject18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcPropertySetters.xml
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcPTPCParser.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcPublish.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcSceneOE.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acsiui.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcSmDwgMine.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcStar.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcTaskDialogs.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcTc.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcTcUi.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\acui18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcUnderlay.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcUrlutl18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcUt.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcViewMgr.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\acvlobj.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcVMTools.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcWebDAV18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\acWebPublish.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcWindows.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcWipeoutObj18.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcXrefEsw.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcXrefService.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcXrefUtil.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AcXrefVaultUi.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ad18asm215.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\adapplicationframe.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\adctrls.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\addplwiz.exe
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdDwfPdk.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdDwfPdkAppSinklw.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdDwfPdkCommon.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdDwfPdkDLLongLW.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdDwfPdkEPlotCommon.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdDwfPdkEPlotCore.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdDwfPdkEPlotRenderer.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdDwfPdkImagingServices1.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\adfactry.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdFTP.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdImaging.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdIntImgServices.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\adui18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdWindows.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AdWindowsInterop.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecArchBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecArchDACHBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecAreaCalculationBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecBaseEx.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecbBldSrv.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecbCol.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecbElecBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecbHvacBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecbPartBase.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecbPipeBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecbPlumbingBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecbTools.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecLoader.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecModeler60.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecProjectBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecResMgr.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecResUi.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecSchedule.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecScheduleData.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecScript.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecSolidModeler.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecStructureBase.dbx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AecSystemTools.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\aecuibase.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\anav.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\apperr.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\architectural.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\architectural.mi
      c:\program files (x86)\Program Files\DWG TrueView 2010\AsdkPublishApi.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\AsdkPublishApi.tlb
      c:\program files (x86)\Program Files\DWG TrueView 2010\AsdkPublishRes.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMahl215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMbase215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMblnd215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMblnd215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMbool215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMconstrctobj215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMcovr215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMcstr215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMct215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMDatax215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMeulr215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMfct215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMga215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMHEAL215A.DLL
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMHEAL215B.DLL
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMIMPORT215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMIMPORT215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMintr215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMkern215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMlaw215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMlop215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMlopt215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMMATRIX215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMofst215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMOPER215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMOPER215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\asmrb215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMrbi215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMrem215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMsbool215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ASMSKIN215A.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\asmswp215B.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\asmtopt215a.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\axdb.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\BCSPSE.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\BzLocation.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\CER\client.css
      c:\program files (x86)\Program Files\DWG TrueView 2010\CER\img\Autodesk_logo_blue_TY.gif
      c:\program files (x86)\Program Files\DWG TrueView 2010\CER\img\connecting.gif
      c:\program files (x86)\Program Files\DWG TrueView 2010\color.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\dbghelp.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\dcutd3e38.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\dcuthlm38.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\ddelib.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\AcadDM10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\buffer10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\CalComp10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\dgwintbn.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\direct3d10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\dither10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\dwffont10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\dwfplot10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\Dwfxplot10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\dxb10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\eov10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\gdi10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\gdifont10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\gdiplot10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\hlr10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\hpgdi10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\hpgl10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\hpgl210.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\jitter10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\mentalray10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\monochrome10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\null10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\ocegdi10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\overhang10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\paint10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\pdffont10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\pdfplot10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\ps10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\raster10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\rblast10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\rfx10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\select10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\select3d10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\slide10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\szb10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\tuner10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\xes10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\Drv\xesgdi10.hdi
      c:\program files (x86)\Program Files\DWG TrueView 2010\dswhip.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\dunzip32.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\dwgaids.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\DWGVIEWR.exe.config
      c:\program files (x86)\Program Files\DWG TrueView 2010\dzip32.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\fontcap.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\@extfont2.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\AcadEref.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\aehalf.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\AMDTSymbols.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\amgdt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\amgdtans.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\bigfont.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\bold.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\Cdm.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\CDM_NC.SHX
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\chineset.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\complex.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\dim.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\extfont.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\extfont2.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\exthalf2.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\extslim2.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\g12f13.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\g13f12d.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\g13f12w.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\gbcbig.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\gbeitc.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\gbenor.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\GENISO.SHX
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\geniso12.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\GENLTSHP.SHX
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\GENPRESE.SHX
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\gothice.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\gothicg.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\gothici.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\greekc.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\greeks.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\hand1.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\iges1001.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\iges1002.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\iges1003.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\ISO.SHX
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\isocp.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\isocp2.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\isocp3.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\isoct.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\isoct2.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\isoct3.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\italic.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\ITALIC8.SHX
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\italicc.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\italict.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\monotxt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\MONOTXT8.SHX
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\romanc.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\romand.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\romans.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\romant.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\sas_____.pfb
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\scriptc.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\scripts.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\SIMPLEX8.SHX
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\spec_bar.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\spec_sl.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\special.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\syastro.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\symap.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\symath.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\symeteo.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\symusic.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\times.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\timesout.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\txt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\whgdtxt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\whgtxt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\whtgtxt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Fonts\whtmtxt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\GAC221\Autodesk.AutoCAD.Interop.Common.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\GAC222\Autodesk.AutoCAD.Interop.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\GAC223\Autodesk.AutoCAD.Interop.Common.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\GAC224\Autodesk.AutoCAD.Interop.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\GAC225\Autodesk.AutoCAD.Interop.Common.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\GAC226\Autodesk.AutoCAD.Interop.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\gdiplus.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\HaveDisk.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\hcreg10.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\heidi10.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\hpsetup.exe
      c:\program files (x86)\Program Files\DWG TrueView 2010\ManagedMC3.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\modlrrgn18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\Nexus.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\OGSDeviceDX9.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\OGSDevices.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\OGSObjects.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\OGSWin32Integration.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\oletohdi10.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\passwordUI.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\pc3edit.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\pc3exe.exe
      c:\program files (x86)\Program Files\DWG TrueView 2010\pdfnet.res
      c:\program files (x86)\Program Files\DWG TrueView 2010\PDFNetC.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\physpen.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\plcalwiz.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\plcfmgr.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\plotcfg10.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\plotgrad.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\pltcmdln.arx
      c:\program files (x86)\Program Files\DWG TrueView 2010\pm10.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\pmutil10.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\prntprog.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\PROJECTPOINTCLIENTLib.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\psizewiz.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\r14pskit.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\regDWGVIEWR18.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\resize.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\senddmp.exe
      c:\program files (x86)\Program Files\DWG TrueView 2010\sfttabac.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\sfxfe32.exe
      c:\program files (x86)\Program Files\DWG TrueView 2010\sfxfe32.exe.manifest
      c:\program files (x86)\Program Files\DWG TrueView 2010\shareMFC.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\styedit.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\styexe.exe
      c:\program files (x86)\Program Files\DWG TrueView 2010\styleeng.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\styshwiz.exe
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\africa.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\asia.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\aust.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\canada.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\europe.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\india.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\namer.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\samer.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\txt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\Support\world.map
      c:\program files (x86)\Program Files\DWG TrueView 2010\unicows.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\Unlocked\dwgviewr.exe
      c:\program files (x86)\Program Files\DWG TrueView 2010\UPI\UPI.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\UPI\UPICA.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\UPI\upiconfig.xml
      c:\program files (x86)\Program Files\DWG TrueView 2010\userdata.dll
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Default Windows System Printer.pc3
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\DWF6 ePlot.pc3
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\DWFx ePlot (XPS Compatible).pc3
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\DWG To PDF.pc3
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\acad.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\acad.stb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\Autodesk-Color.stb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\Autodesk-MONO.stb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\DWF Virtual Pens.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\DWGVIEWR.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\DWGVIEWR.stb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\Fill Patterns.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\Grayscale.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\monochrome.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\monochrome.stb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\Screening 100%.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\Screening 25%.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\Screening 50%.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\Plot Styles\Screening 75%.ctb
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\PMP Files\PublishToWeb JPG.pmp
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\PMP Files\PublishToWeb PNG.pmp
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\PublishToWeb JPG.pc3
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Plotters\PublishToWeb PNG.pc3
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\AcFields.fdc
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\AuthorPalette\AcApCatalog.atc
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\DWF6_ePlot_HiRes.pc3
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\dwgviewr.cuix
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\DWGVIEWR.fmp
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\DWGVIEWR.psf
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\gdt.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\Inches.pss
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\ltypeshp.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\MM.pss
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\Profiles\Unnamed Profile\Profile.aws
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Support\simplex.shx
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Template\PTWTemplates\Support\adsk_ptw_array_of_thumbnails.js
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Template\PTWTemplates\Support\adsk_ptw_contents_text.js
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Template\PTWTemplates\Support\adsk_ptw_image_and_idrop.js
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Template\PTWTemplates\Support\adsk_ptw_list_of_drawings.js
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Template\PTWTemplates\Support\adsk_ptw_page_description.js
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Template\PTWTemplates\Support\adsk_ptw_page_title.js
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Template\PTWTemplates\Support\adsk_ptw_validate_vview.js
      c:\program files (x86)\Program Files\DWG TrueView 2010\UserDataCache\Template\PTWTemplates\Support\iDropButton.gif
      c:\program files (x86)\Program Files\DWG TrueView 2010\xerces-c_2_8_AEC.dll
      c:\program files (x86)\Setup.exe
      c:\users\Daniel Rmz\Documents\~WRL0001.tmp
      c:\users\Daniel Rmz\Documents\~WRL0003.tmp
      c:\users\Daniel Rmz\Documents\~WRL0753.tmp
      c:\users\Daniel Rmz\Documents\~WRL1922.tmp
      c:\users\Daniel Rmz\Documents\~WRL2601.tmp
      c:\users\Public\sdelevURL.tmp
      c:\windows\assembly\GAC_64\Desktop.ini
      c:\windows\Downloaded Program Files\popcaploader.dll
      c:\windows\Downloaded Program Files\popcaploader.inf
      c:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\@
      c:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L\00000004.@
      c:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L\201d3dde
      c:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\L\76603ac3
      c:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U\00000008.@
      c:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U\000000cb.@
      c:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U\80000032.@
      c:\windows\Installer\{679f1631-04bc-87f6-12e2-e903a5b90c5b}\U\80000064.@
      c:\windows\SysWow64\muzapp.exe
      .
      Infected copy of c:\windows\system32\services.exe was found and disinfected
      Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-12-14 to 2013-01-14 )))))))))))))))))))))))))))))))
      .
      .
      2013-01-14 20:45 . 2013-01-14 20:45 -------- d-----w- c:\users\Daniel Rmz\AppData\Roaming\GlarySoft
      2013-01-14 20:42 . 2013-01-14 20:42 -------- d-----w- c:\program files (x86)\Glary Utilities
      2013-01-14 18:30 . 2013-01-14 18:34 -------- d-----w- C:\TDSSKiller_Quarantine
      2013-01-13 08:55 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC92C434-D1B4-41EE-8670-A1CF53F961A4}\mpengine.dll
      2013-01-04 03:57 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
      2013-01-04 03:57 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
      2013-01-04 03:57 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
      2013-01-04 03:57 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
      2012-12-29 06:50 . 2012-12-29 06:50 -------- d-----w- c:\users\Daniel Rmz\AppData\Roaming\Malwarebytes
      2012-12-29 06:49 . 2012-12-29 06:49 -------- d-----w- c:\programdata\Malwarebytes
      2012-12-29 06:49 . 2012-12-29 06:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-12-29 06:49 . 2012-12-14 22:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-12-29 06:30 . 2012-12-29 06:30 -------- d-----w- c:\program files\CCleaner
      2012-12-29 03:00 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
      2012-12-29 02:58 . 2012-12-29 09:08 -------- d-----w- c:\programdata\AVAST Software
      2012-12-29 02:58 . 2012-12-29 02:58 -------- d-----w- c:\program files\AVAST Software
      2012-12-29 01:31 . 2012-12-29 02:11 -------- d-----w- c:\users\Daniel Rmz\Doctor Web
      2012-12-27 05:31 . 2013-01-14 20:51 -------- d-----w- c:\windows\system32\wbem\repository
      2012-12-23 05:16 . 2012-12-23 05:16 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-12-23 05:16 . 2012-12-27 05:15 -------- d-----w- c:\windows\system32\Macromed
      2012-12-23 04:51 . 2012-12-27 05:15 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
      2012-12-23 04:45 . 2012-12-23 04:45 -------- d-----w- c:\users\Daniel Rmz\AppData\Roaming\HPAppData
      2012-12-23 04:44 . 2012-12-27 05:16 -------- d-----w- c:\program files (x86)\Mega Codec Pack
      2012-12-23 03:53 . 2012-12-26 05:58 -------- d-----w- c:\program files (x86)\MyFree Codec
      2012-12-23 03:25 . 2012-12-27 05:16 -------- d-----w- c:\program files (x86)\MarkAny
      2012-12-20 17:57 . 2012-12-27 05:16 -------- d-----w- c:\program files\iPod
      2012-12-20 17:57 . 2012-12-27 05:16 -------- d-----w- c:\program files (x86)\iTunes
      2012-12-20 17:57 . 2012-12-27 05:16 -------- d-----w- c:\program files\iTunes
      2012-12-20 17:57 . 2012-12-27 05:16 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
      2012-12-18 18:39 . 2012-12-29 07:54 -------- d-----w- C:\Temp
      2012-12-18 18:35 . 2012-12-27 05:15 -------- d-----w- c:\users\Daniel Rmz\AppData\Local\Samsung
      2012-12-18 18:35 . 2012-12-23 03:23 -------- d-----w- c:\users\Daniel Rmz\AppData\Roaming\Samsung
      2012-12-18 18:34 . 2012-12-18 18:19 80314880 ----a-w- c:\program files (x86)\Samsung Kies.msi
      2012-12-18 18:34 . 2012-09-20 04:35 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
      2012-12-18 18:34 . 2012-09-20 04:35 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
      2012-12-18 18:32 . 2012-11-28 20:18 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
      2012-12-18 18:32 . 2012-11-28 20:17 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
      2012-12-18 18:30 . 2012-12-18 18:33 -------- d-----w- c:\program files (x86)\Samsung
      2012-12-18 18:30 . 2012-12-18 18:32 -------- d-----w- c:\programdata\Samsung
      2012-12-18 17:59 . 2012-03-30 19:41 83560 ----a-w- c:\programdata\Microsoft\BingDesktop\Updater\BingDesktopRestarter.exe
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-12-23 05:16 . 2011-06-21 04:23 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-12-12 01:02 . 2009-12-24 06:31 67413224 ----a-w- c:\windows\system32\MRT.exe
      2012-12-04 18:25 . 2012-12-04 18:25 466456 ----a-w- c:\windows\system32\wrap_oal.dll
      2012-12-04 18:25 . 2012-12-04 18:25 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
      2012-12-04 18:25 . 2012-12-04 18:25 122904 ----a-w- c:\windows\system32\OpenAL32.dll
      2012-12-04 18:25 . 2012-12-04 18:25 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
      2012-11-28 20:17 . 2012-11-28 20:17 90112 ----a-w- c:\windows\MAMCityDownload.ocx
      2012-11-28 20:17 . 2012-11-28 20:17 330240 ----a-w- c:\windows\MASetupCaller.dll
      2012-11-28 20:17 . 2012-11-28 20:17 30568 ----a-w- c:\windows\MusiccityDownload.exe
      2012-11-28 20:17 . 2012-11-28 20:17 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
      2012-11-28 20:17 . 2012-11-28 20:17 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
      2012-11-28 20:17 . 2012-11-28 20:17 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
      2012-11-28 20:17 . 2012-11-28 20:17 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
      2012-11-28 20:17 . 2012-11-28 20:17 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
      2012-11-28 20:17 . 2012-11-28 20:17 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
      2012-11-28 20:17 . 2012-11-28 20:17 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
      2012-11-28 20:17 . 2012-11-28 20:17 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
      2012-11-28 20:17 . 2012-11-28 20:17 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
      2012-11-28 20:17 . 2012-11-28 20:17 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
      2012-11-28 20:17 . 2012-11-28 20:17 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
      2012-11-28 20:17 . 2012-11-28 20:17 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
      2012-11-28 20:17 . 2012-11-28 20:17 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
      2012-11-28 20:17 . 2012-11-28 20:17 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
      2012-11-28 20:17 . 2012-11-28 20:17 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
      2012-11-28 20:17 . 2012-11-28 20:17 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
      2012-11-28 20:17 . 2012-11-28 20:17 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
      2012-11-28 20:17 . 2012-11-28 20:17 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
      2012-11-28 20:17 . 2012-11-28 20:17 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
      2012-11-28 20:17 . 2012-11-28 20:17 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
      2012-11-28 20:17 . 2012-11-28 20:17 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
      2012-11-28 20:17 . 2012-11-28 20:17 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
      2012-11-28 20:17 . 2012-11-28 20:17 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
      2012-11-28 20:17 . 2012-11-28 20:17 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
      2012-11-28 20:17 . 2012-11-28 20:17 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
      2012-11-22 03:26 . 2012-12-11 22:51 3149824 ----a-w- c:\windows\system32\win32k.sys
      2012-11-14 07:06 . 2012-12-12 01:00 17811968 ----a-w- c:\windows\system32\mshtml.dll
      2012-11-14 06:32 . 2012-12-12 01:00 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-11-14 06:11 . 2012-12-12 01:00 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-11-14 06:04 . 2012-12-12 01:00 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-11-14 06:04 . 2012-12-12 01:00 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-11-14 06:02 . 2012-12-12 01:00 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-11-14 06:02 . 2012-12-12 01:00 237056 ----a-w- c:\windows\system32\url.dll
      2012-11-14 05:59 . 2012-12-12 01:00 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-11-14 05:58 . 2012-12-12 01:00 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-11-14 05:57 . 2012-12-12 01:00 599040 ----a-w- c:\windows\system32\vbscript.dll
      2012-11-14 05:57 . 2012-12-12 01:00 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-11-14 05:55 . 2012-12-12 01:00 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-11-14 05:55 . 2012-12-12 01:00 729088 ----a-w- c:\windows\system32\msfeeds.dll
      2012-11-14 05:53 . 2012-12-12 01:00 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-11-14 05:52 . 2012-12-12 01:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-11-14 05:46 . 2012-12-12 01:00 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-11-14 02:09 . 2012-12-12 01:00 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-11-14 01:58 . 2012-12-12 01:00 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-11-14 01:57 . 2012-12-12 01:00 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-11-14 01:49 . 2012-12-12 01:00 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-11-14 01:48 . 2012-12-12 01:00 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-11-14 01:44 . 2012-12-12 01:00 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-11-09 05:45 . 2012-12-11 22:53 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-11-09 04:42 . 2012-12-11 22:53 2048 ----a-w- c:\windows\SysWow64\tzres.dll
      2012-11-02 05:59 . 2012-12-11 22:51 478208 ----a-w- c:\windows\system32\dpnet.dll
      2012-11-02 05:11 . 2012-12-11 22:51 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
      2012-10-25 19:09 . 2012-10-25 19:09 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-10-25 19:08 . 2012-09-17 21:29 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
      2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
      2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
      2009-02-09 11:00 . 2010-11-04 17:19 4912128 ----a-w- c:\program files (x86)\DWGVIEWR.msi
      2009-02-09 11:00 . 2010-11-04 17:19 3584 ----a-w- c:\program files (x86)\AcSetupRes.dll
      2009-02-09 07:14 . 2010-11-04 17:19 87704 ----a-w- c:\program files (x86)\AcSetup.dll
      2009-02-04 04:39 . 2010-11-04 17:19 674664 ----a-w- c:\program files (x86)\SetupUi.dll
      2009-02-04 04:39 . 2010-11-04 17:19 672616 ----a-w- c:\program files (x86)\SetupAcadUi.dll
      2009-02-04 04:39 . 2010-11-04 17:19 664424 ----a-w- c:\program files (x86)\SetupRes.dll
      2009-02-04 04:39 . 2010-11-04 17:19 106344 ----a-w- c:\program files (x86)\LiteHtml.dll
      2009-02-04 04:39 . 2010-11-04 17:19 161640 ----a-w- c:\program files (x86)\AcDelTree.exe
      2008-12-03 08:56 . 2010-11-04 17:19 1477912 ----a-w- c:\program files (x86)\ProjectPointClient.dll
      2008-12-03 08:07 . 2010-11-04 17:19 62464 ----a-w- c:\program files (x86)\PPZlib123.dll
      2008-12-03 08:06 . 2010-11-04 17:19 1407488 ----a-w- c:\program files (x86)\xerces-c_1_6_0.dll
      2007-11-07 07:19 . 2010-11-04 17:19 655872 ----a-w- c:\program files (x86)\msvcr90.dll
      2007-11-07 07:19 . 2010-11-04 17:19 568832 ----a-w- c:\program files (x86)\msvcp90.dll
      2007-11-07 02:23 . 2010-11-04 17:19 224768 ----a-w- c:\program files (x86)\msvcm90.dll
      2004-05-04 17:53 . 2010-11-04 17:19 1645320 ----a-w- c:\program files (x86)\gdiplus.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\Daniel Rmz\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\Daniel Rmz\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\Daniel Rmz\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-03 39408]
      .
      c:\users\Daniel Rmz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dropbox.lnk - c:\users\Daniel Rmz\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-28 28539392]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      R1 hakhvpea;hakhvpea;c:\windows\system32\drivers\hakhvpea.sys [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-07-24 219632]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
      R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
      R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
      R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-01-17 79360]
      R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
      R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-09-11 14448]
      R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
      R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
      R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
      R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
      R3 RoxMediaDB12;RoxMediaDB12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-07-24 1116656]
      R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
      R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
      R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
      R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-09-17 137560]
      R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
      R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-06 1255736]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
      S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [2009-06-02 27120]
      S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [2009-06-02 19952]
      S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
      S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-30 14784]
      S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
      S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-09-11 136584]
      S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [2009-06-02 27632]
      S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [2009-06-03 457200]
      S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-11-22 166424]
      S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
      S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
      S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
      S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-09-11 735960]
      S2 EMP_UDSA;EMP_UDSA;c:\program files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [2010-06-09 104424]
      S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-09-11 44944]
      S2 lxbv_device;lxbv_device;c:\windows\system32\lxbvcoms.exe [2007-04-25 566704]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
      S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-03-31 80896]
      S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
      S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-07-29 81408]
      S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-07-05 55808]
      S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-12 252272]
      S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
      S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
      S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
      S3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2011-07-06 1148288]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
      S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 35008]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
      S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
      hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
      2009-08-06 16:15 264048 ----a-w- c:\program files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-01-14 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 05:16]
      .
      2013-01-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273612700-1701634972-4178638160-1000Core.job
      - c:\users\Daniel Rmz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-25 21:15]
      .
      2013-01-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273612700-1701634972-4178638160-1000UA.job
      - c:\users\Daniel Rmz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-25 21:15]
      .
      2013-01-14 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2013-01-14 06:26]
      .
      2013-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-05 05:12]
      .
      2013-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-05 05:12]
      .
      2013-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273612700-1701634972-4178638160-1000Core.job
      - c:\users\Daniel Rmz\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-19 05:12]
      .
      2013-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273612700-1701634972-4178638160-1000UA.job
      - c:\users\Daniel Rmz\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-19 05:12]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
      @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
      [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
      2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
      @="{64174815-8D98-4CE6-8646-4C039977D808}"
      [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
      2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
      @="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
      [HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
      2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\Daniel Rmz\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\Daniel Rmz\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\Daniel Rmz\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\Daniel Rmz\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2716216]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
      mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
      mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = local;<local>
      IE: Display All Images with Full Quality - "c:\program files (x86)\NetZero\qsacc\appres.dll/228"
      IE: Display Image with Full Quality - "c:\program files (x86)\NetZero\qsacc\appres.dll/227"
      IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
      IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
      TCP: DhcpNameServer = 201.167.125.2 8.8.8.8 200.53.250.1 201.130.193.15
      TCP: Interfaces\{D8AA09B9-0800-4210-A6D9-964040DFC688}: DhcpNameServer = 201.167.125.2 8.8.8.8 200.53.250.1 201.130.193.15
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      Toolbar-Locked - (no file)
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
      @="?????????????????? v1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
      @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
      @="?????????????????? v2"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
      @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2013-01-14 15:12:35
      ComboFix-quarantined-files.txt 2013-01-14 21:12
      .
      Pre-Run: 55,458,045,952 bytes free
      Post-Run: 55,276,171,264 bytes free
      .
      - - End Of File - - B38B61586CA01269FDB76493B22F7E8E

    7. #7
      Usuario Avatar de Daniel Rmz
      Registrado
      ene 2013
      Mensajes
      6

      Re: Tengo muchos Trojanos, ya no se que hacer!

      Siento mucho haberlo mandado en partes, pero no me dejaba mandarlo en uno solo por que eran muchos caracteres.... Espero que este todo bien, mil gracias por los consejos!!

    8. #8
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: Tengo muchos Trojanos, ya no se que hacer!

      Hola

      Desinstalá CF de la siguiente manera:
      • Ir a Inicio > Ejecutar
      • Escribir lo siguiente: ComboFix /Uninstall como muestra la imagen debajo:

      • Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")



      Si No podes desinstalalrlo asì, Descargá OTC.exe en el escritorio.

      Lo ejecutás y presionás Cleanup para Desinstalar ComboFix y sus carpetas creadas.

      Eso reiniciará tu pc.






      Descargá ESET Smart Installer

      º Lo ejecutás, Aceptas los Términos de Uso y le das a Iniciar.

      º Marcas las casillas Eliminar las amenazas detectadas y analizar archivos.

      º Haces clic en Configuración adicional y ahi marcas las casillas:

      Analizar en busca de aplicaciones potencialmente indeseables,
      Analizar en busca de aplicaciones potencialmente peligrosas
      Activar la tecnoligía Anti-Stealth.

      º Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.

      Cuandotermine, hacé clic en Finalizar

      El reporte generado se localiza en C:\Archivos de programa\ESET\ESET Online Scanner\log


      En tu próxima respuesta, pones el reporte generado.


      Saludos.
      Síguenos en Twitter y hazte nuestro amigo en Facebook.