    services.exe and sirefef2


    1. #1
      Matheo Londoño
      Registered: Jan 2013
      Posts: 5

      Malware: services.exe and sirefef2

      Good morning.

      My problem is that about 3 days ago I downloaded a game and, to my great surprise, it came with company.
      I had ESET NOD32, but for a while it would not update; it was able to stop the viruses from spreading but could not delete them.
      I have already tried many things: avast, NOD32, Panda Cloud Cleaner. I was thinking of using ComboFix, but I read that it needs to be supervised and, well... that is why I am here.


      There is the sirefef2, which Panda Cloud Cleaner found.

      Oh... and services.exe apparently creates viruses, which makes avast warn me that there are viruses every minute (it is very annoying!!), so please help me!! I do not want to format my PC because I would have to save everything on DVDs and, well... that would be a lot of DVDs. Please... tell me what to do and I will do it!

    2. #2
      M4RTYN
      Registered: Jun 2012
      Location: Ecuador
      Posts: 5,520

      re: services.exe and sirefef2

      Hello! Do the following:

      First run this tool:

      Download

      Rkill (disguised as Winlogon)

      1. Run Rkill (if you use Windows Vista or 7, run it as administrator), preferably placing it on the desktop first.

      2. A black window will appear (if you have to wait, do so) indicating that the tool has run successfully. If that does not happen, run it again until it runs correctly (insist if necessary; this step is important).

      3. Bring the Rkill report (c:\rkill.log)
      Then follow this GUIDE

      Remove Rootkit.ZeroAccess - Sirefef (Mediashifting - Abnow)

      Regards

    3. #3
      Matheo Londoño
      Registered: Jan 2013
      Posts: 5

      re: services.exe and sirefef2

      Ohh!!! Thanks!! I was waiting for someone to reply :) Thanks for answering quickly ^^ I am really nervous because it keeps coming up with 5 viruses every so often... I am going to do that and will upload the report right away, thanks!!!!

      ::::::::RESULTS:::::::::

      Rkill 2.4.6 by Lawrence Abrams (Grinler)
      http://www.bleepingcomputer.com/
      Copyright 2008-2013 BleepingComputer.com
      More Information about Rkill can be found at this link:
      http://www.bleepingcomputer.com/forums/topic308364.html

      Program started at: 01/25/2013 10:51:26 AM in x64 mode.
      Windows Version: Windows 7 Home Basic Service Pack 1

      Checking for Windows services to stop:

      * No malware services found to stop.

      Checking for processes to terminate:

      * No malware processes found to kill.

      Possibly Patched Files.

      * C:\windows\system32\services.exe

      Checking Registry for malware related settings:

      * No issues found in the Registry.

      Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

      Performing miscellaneous checks:
      * C:\windows\assembly\GAC_32\Desktop.ini [ZA File]
      * C:\windows\assembly\GAC_64\Desktop.ini [ZA File]

      Checking Windows Service Integrity:

      * Controlador de autorización de Firewall de Windows (mpsdrv) is not Running.
      Startup Type set to: Manual

      * BFE [Missing Service]
      * BITS [Missing Service]
      * iphlpsvc [Missing Service]
      * MpsSvc [Missing Service]
      * WinDefend [Missing Service]
      * wscsvc [Missing Service]
      * wuauserv [Missing Service]

      * SharedAccess [Missing ImagePath]

      Searching for Missing Digital Signatures:

      * C:\windows\System32\services.exe [NoSig]
      +-> C:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe : 328.704 : 07/13/2009 08:39 PM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]

      Checking HOSTS File:

      * No issues found.

      Program finished at: 01/25/2013 10:54:52 AM
      Execution time: 0 hours(s), 3 minute(s), and 25 seconds(s)

      :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

      That is what I got.
      Last edited by Matheo Londoño on 25/01/13 at 11:57:43
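
A way to triage an Rkill report like the one posted above, as an added example that is not part of the original thread and is not Rkill's own code: it splits the log into its sections and collects the flagged entries, then cross-checks files that are both listed as patched and unsigned. The function names and the shortened sample log are constructed for illustration; the section titles and bracketed markers are the ones visible in the posted report.

```python
import re

# Constructed sample: a shortened Rkill report that reuses the section titles
# and bracketed markers visible in the log posted above.
SAMPLE_LOG = r"""
Checking for processes to terminate:

 * No malware processes found to kill.

Possibly Patched Files.

 * C:\windows\system32\services.exe

Performing miscellaneous checks:
 * C:\windows\assembly\GAC_32\Desktop.ini [ZA File]
 * C:\windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

 * BFE [Missing Service]
 * MpsSvc [Missing Service]
 * WinDefend [Missing Service]
 * SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

 * C:\windows\System32\services.exe [NoSig]
 +-> C:\windows\winsxs\...\services.exe [Pos Repl]

Checking HOSTS File:

 * No issues found.
"""

BULLET = re.compile(r"^\*\s+(.*\S)\s*$")
TAG = re.compile(r"^(?P<item>.+?)\s+\[(?P<tag>[^\]]+)\]$")

# Bracketed markers seen in the report, mapped to result buckets.
TAG_BUCKETS = {
    "ZA File": "za_files",
    "Missing Service": "missing_services",
    "Missing ImagePath": "broken_services",
    "NoSig": "unsigned",
}

# Windows service names that belong to built-in protection or updating.
SECURITY_SERVICES = {
    "BFE": "Base Filtering Engine",
    "MpsSvc": "Windows Firewall",
    "WinDefend": "Windows Defender",
    "wscsvc": "Security Center",
    "wuauserv": "Windows Update",
}


def parse_sections(text):
    """Group '* ...' entries under the section title line that precedes them."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("+->"):
            continue  # blank line, or detail line belonging to the entry above
        m = BULLET.match(line)
        if m:
            if current is not None:
                sections[current].append(m.group(1))
        elif line.endswith((":", ".")):
            current = line.rstrip(":.")
            sections.setdefault(current, [])
    return sections


def findings(sections):
    """Sort entries into buckets; 'No ... found' lines are clean results."""
    out = {name: [] for name in ("patched", *TAG_BUCKETS.values(), "other")}
    for title, entries in sections.items():
        for entry in entries:
            if entry.lower().startswith("no "):
                continue
            m = TAG.match(entry)
            if m and m.group("tag") in TAG_BUCKETS:
                out[TAG_BUCKETS[m.group("tag")]].append(m.group("item"))
            elif title == "Possibly Patched Files":
                out["patched"].append(entry)
            else:
                out["other"].append(entry)
    return out


def patched_and_unsigned(found):
    """Files reported as patched AND unsigned (Windows paths: ignore case)."""
    unsigned = {p.lower() for p in found["unsigned"]}
    return [p for p in found["patched"] if p.lower() in unsigned]


def missing_defenses(found):
    """Missing services that are part of the system's own protection."""
    return {s: SECURITY_SERVICES[s] for s in found["missing_services"]
            if s in SECURITY_SERVICES}


if __name__ == "__main__":
    f = findings(parse_sections(SAMPLE_LOG))
    print("patched + unsigned:", patched_and_unsigned(f))
    print("ZA markers:", f["za_files"])
    print("missing defenses:", missing_defenses(f))
```
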

    4. #4
      M4RTYN
      Registered: Jun 2012
      Location: Ecuador
      Posts: 5,520

      re: services.exe and sirefef2

      Quote: Originally posted by Matheo Londoño
      Ohh!!! Thanks!! I was waiting for someone to reply :) Thanks for answering quickly ^^ I am really nervous because it keeps coming up with 5 viruses every so often... I am going to do that and will upload the report right away, thanks!!!!
      Yes, my friend! xD! Stay calm and have FAITH

    5. #5
      Matheo Londoño
      Registered: Jan 2013
      Posts: 5

      re: services.exe and sirefef2

      Well, I used MBAM and this is what came out:

      Malwarebytes Anti-Malware (Versión de Prueba) 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.01.25.05

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Lenovo :: LENOVO-PC [administrador]

      Protección: Habilitado

      25/01/2013 10:19:39 a.m.
      MBAM-log-2013-01-25 (12-35-10).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 576933
      Tiempo transcurrido: 2 hora(s), 7 minuto(s), 33 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 6
      C:\Program Files (x86)\Magicka\TDU2k.exe (Packer.ModifiedUPX) -> No se tomaron medidas.
      C:\Program Files (x86)\Shank 2\TDU2k.exe (Packer.ModifiedUPX) -> No se tomaron medidas.
      C:\Users\Lenovo\Downloads\winrar\Winrar\WinRAR_4.1.65_SetUp.exe (Spyware.Agent) -> No se tomaron medidas.
      C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> No se tomaron medidas.
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected] (Trojan.Dropper.BCMiner) -> No se tomaron medidas.
      C:\Users\Lenovo\Desktop\WiNlOgOn.exe (Heuristics.Reserved.Word.Exploit) -> No se tomaron medidas.

      fin)

      I also used TDSSKiller and, well... I don't know, it still warns me that there are viruses.

    6. #6
      M4RTYN
      Registered: Jun 2012
      Location: Ecuador
      Posts: 5,520

      re: services.exe and sirefef2

      Hello! But YOU HAVE NOT REMOVED THE THREATS. Remove everything that Malwarebytes finds.

      Regards

      NOTE: if the TDSS report is very long, use 2/3 replies

    7. #7
      Matheo Londoño
      Registered: Jan 2013
      Posts: 5

      re: services.exe and sirefef2

      13:14:06.0312 2496 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      13:14:07.0186 2496 ============================================================
      13:14:07.0186 2496 Current date / time: 2013/01/25 13:14:07.0186
      13:14:07.0186 2496 SystemInfo:
      13:14:07.0186 2496
      13:14:07.0186 2496 OS Version: 6.1.7601 ServicePack: 1.0
      13:14:07.0186 2496 Product type: Workstation
      13:14:07.0186 2496 ComputerName: LENOVO-PC
      13:14:07.0186 2496 UserName: Lenovo
      13:14:07.0186 2496 Windows directory: C:\windows
      13:14:07.0186 2496 System windows directory: C:\windows
      13:14:07.0186 2496 Running under WOW64
      13:14:07.0186 2496 Processor architecture: Intel x64
      13:14:07.0186 2496 Number of processors: 4
      13:14:07.0186 2496 Page size: 0x1000
      13:14:07.0186 2496 Boot type: Normal boot
      13:14:07.0186 2496 ============================================================
      13:14:08.0465 2496 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
      13:14:08.0465 2496 ============================================================
      13:14:08.0465 2496 \Device\Harddisk0\DR0:
      13:14:08.0465 2496 MBR partitions:
      13:14:08.0465 2496 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
      13:14:08.0465 2496 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x44D40000
      13:14:08.0496 2496 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x44DA5000, BlocksNum 0x3D30800
      13:14:08.0496 2496 ============================================================
      13:14:08.0590 2496 C: <-> \Device\Harddisk0\DR0\Partition2
      13:14:08.0746 2496 D: <-> \Device\Harddisk0\DR0\Partition3
      13:14:08.0746 2496 ============================================================
      13:14:08.0746 2496 Initialize success
      13:14:08.0746 2496 ============================================================
      13:14:10.0789 4100 ============================================================
      13:14:10.0789 4100 Scan started
      13:14:10.0789 4100 Mode: Manual;
      13:14:10.0789 4100 ============================================================
      13:14:11.0663 4100 ================ Scan system memory ========================
      13:14:11.0663 4100 System memory - ok
      13:14:11.0663 4100 ================ Scan services =============================
      13:14:24.0471 4100 KSecPkg - ok
      13:14:24.0486 4100 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
      13:14:24.0502 4100 ksthunk - ok
      13:14:24.0564 4100 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
      13:14:24.0564 4100 KtmRm - ok
      13:14:24.0658 4100 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
      13:14:24.0658 4100 LanmanServer - ok
      13:14:24.0705 4100 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
      13:14:24.0705 4100 LanmanWorkstation - ok
      13:14:24.0720 4100 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys
      13:14:24.0720 4100 LHDmgr - ok
      13:14:24.0736 4100 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
      13:14:24.0736 4100 lltdio - ok
      13:14:24.0783 4100 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
      13:14:24.0783 4100 lltdsvc - ok
      13:14:24.0798 4100 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
      13:14:24.0814 4100 lmhosts - ok
      13:14:24.0876 4100 [ 926EBA26A8B49D1597751CED06B50862 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      13:14:24.0876 4100 LMS - ok
      13:14:24.0908 4100 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
      13:14:24.0908 4100 LSI_FC - ok
      13:14:24.0923 4100 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
      13:14:24.0939 4100 LSI_SAS - ok
      13:14:24.0939 4100 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
      13:14:24.0954 4100 LSI_SAS2 - ok
      13:14:24.0954 4100 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
      13:14:24.0954 4100 LSI_SCSI - ok
      13:14:24.0986 4100 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
      13:14:24.0986 4100 luafv - ok
      13:14:25.0032 4100 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys
      13:14:25.0032 4100 MBAMProtector - ok
      13:14:25.0079 4100 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      13:14:25.0095 4100 MBAMScheduler - ok
      13:14:25.0142 4100 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      13:14:25.0142 4100 MBAMService - ok
      13:14:25.0142 4100 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
      13:14:25.0142 4100 megasas - ok
      13:14:25.0188 4100 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
      13:14:25.0204 4100 MegaSR - ok
      13:14:25.0220 4100 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
      13:14:25.0220 4100 MEIx64 - ok
      13:14:25.0266 4100 Microsoft SharePoint Workspace Audit Service - ok
      13:14:25.0282 4100 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
      13:14:25.0282 4100 MMCSS - ok
      13:14:25.0298 4100 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
      13:14:25.0298 4100 Modem - ok
      13:14:25.0298 4100 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
      13:14:25.0313 4100 monitor - ok
      13:14:25.0344 4100 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
      13:14:25.0344 4100 mouclass - ok
      13:14:25.0360 4100 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
      13:14:25.0360 4100 mouhid - ok
      13:14:25.0391 4100 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
      13:14:25.0391 4100 mountmgr - ok
      13:14:25.0454 4100 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
      13:14:25.0454 4100 mpio - ok
      13:14:25.0469 4100 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
      13:14:25.0469 4100 mpsdrv - ok
      13:14:25.0516 4100 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
      13:14:25.0516 4100 MRxDAV - ok
      13:14:25.0547 4100 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
      13:14:25.0563 4100 mrxsmb - ok
      13:14:25.0563 4100 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
      13:14:25.0563 4100 mrxsmb10 - ok
      13:14:25.0625 4100 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
      13:14:25.0625 4100 mrxsmb20 - ok
      13:14:25.0672 4100 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
      13:14:25.0672 4100 msahci - ok
      13:14:25.0703 4100 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
      13:14:25.0703 4100 msdsm - ok
      13:14:25.0734 4100 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
      13:14:25.0734 4100 MSDTC - ok
      13:14:25.0734 4100 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
      13:14:25.0734 4100 Msfs - ok
      13:14:25.0750 4100 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
      13:14:25.0750 4100 mshidkmdf - ok
      13:14:25.0766 4100 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
      13:14:25.0766 4100 msisadrv - ok
      13:14:25.0812 4100 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
      13:14:25.0812 4100 MSiSCSI - ok
      13:14:25.0828 4100 msiserver - ok
      13:14:25.0844 4100 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
      13:14:25.0844 4100 MSKSSRV - ok
      13:14:25.0859 4100 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
      13:14:25.0859 4100 MSPCLOCK - ok
      13:14:25.0859 4100 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
      13:14:25.0859 4100 MSPQM - ok
      13:14:25.0984 4100 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
      13:14:25.0984 4100 MsRPC - ok
      13:14:26.0046 4100 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
      13:14:26.0046 4100 mssmbios - ok
      13:14:26.0046 4100 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
      13:14:26.0046 4100 MSTEE - ok
      13:14:26.0062 4100 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
      13:14:26.0062 4100 MTConfig - ok
      13:14:26.0078 4100 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
      13:14:26.0078 4100 Mup - ok
      13:14:26.0109 4100 [ 6ED8935257672F4CD04A88A0F3DE093D ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
      13:14:26.0109 4100 MyWiFiDHCPDNS - ok
      13:14:26.0280 4100 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
      13:14:26.0296 4100 napagent - ok
      13:14:26.0343 4100 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
      13:14:26.0343 4100 NativeWifiP - ok
      13:14:26.0452 4100 [ 1BBBF640BC0E0B750537BAECE8D66C18 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
      13:14:26.0452 4100 NAUpdate - ok
      13:14:26.0468 4100 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\windows\system32\DRIVERS\NBVol.sys
      13:14:26.0468 4100 NBVol - ok
      13:14:26.0468 4100 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\windows\system32\DRIVERS\NBVolUp.sys
      13:14:26.0468 4100 NBVolUp - ok
      13:14:26.0530 4100 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
      13:14:26.0530 4100 NDIS - ok
      13:14:26.0592 4100 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
      13:14:26.0592 4100 NdisCap - ok
      13:14:26.0624 4100 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
      13:14:26.0624 4100 NdisTapi - ok
      13:14:26.0670 4100 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
      13:14:26.0686 4100 Ndisuio - ok
      13:14:26.0717 4100 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
      13:14:26.0717 4100 NdisWan - ok
      13:14:26.0764 4100 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
      13:14:26.0764 4100 NDProxy - ok
      13:14:26.0780 4100 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
      13:14:26.0780 4100 NetBIOS - ok
      13:14:26.0858 4100 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
      13:14:26.0873 4100 NetBT - ok
      13:14:26.0904 4100 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
      13:14:26.0904 4100 Netlogon - ok
      13:14:26.0951 4100 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
      13:14:26.0951 4100 Netman - ok
      13:14:26.0998 4100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      13:14:26.0998 4100 NetMsmqActivator - ok
      13:14:27.0045 4100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      13:14:27.0045 4100 NetPipeActivator - ok
      13:14:27.0076 4100 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
      13:14:27.0076 4100 netprofm - ok
      13:14:27.0123 4100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      13:14:27.0123 4100 NetTcpActivator - ok
      13:14:27.0123 4100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      13:14:27.0123 4100 NetTcpPortSharing - ok
      13:14:27.0669 4100 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys
      13:14:27.0762 4100 netw5v64 - ok
      13:14:28.0137 4100 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
      13:14:28.0340 4100 NETwNs64 - ok
      13:14:28.0386 4100 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
      13:14:28.0386 4100 nfrd960 - ok
      13:14:28.0527 4100 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
      13:14:28.0527 4100 NlaSvc - ok
      13:14:28.0558 4100 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
      13:14:28.0558 4100 Npfs - ok
      13:14:28.0620 4100 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
      13:14:28.0620 4100 nsi - ok
      13:14:28.0652 4100 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
      13:14:28.0652 4100 nsiproxy - ok
      13:14:28.0745 4100 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
      13:14:28.0776 4100 Ntfs - ok
      13:14:28.0808 4100 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
      13:14:28.0808 4100 Null - ok
      13:14:30.0851 4100 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
      13:14:30.0914 4100 nvlddmkm - ok
      13:14:30.0960 4100 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
      13:14:30.0960 4100 nvpciflt - ok
      13:14:31.0038 4100 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
      13:14:31.0038 4100 nvraid - ok
      13:14:31.0070 4100 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
      13:14:31.0070 4100 nvstor - ok
      13:14:31.0116 4100 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\windows\system32\nvvsvc.exe
      13:14:31.0132 4100 NVSvc - ok
      13:14:31.0397 4100 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      13:14:31.0413 4100 nvUpdatusService - ok
      13:14:31.0460 4100 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
      13:14:31.0460 4100 nv_agp - ok
      13:14:31.0506 4100 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
      13:14:31.0506 4100 ohci1394 - ok
      13:14:31.0600 4100 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      13:14:31.0600 4100 ose - ok
      13:14:32.0099 4100 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      13:14:32.0177 4100 osppsvc - ok
      13:14:32.0255 4100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
      13:14:32.0271 4100 p2pimsvc - ok
      13:14:32.0302 4100 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
      13:14:32.0302 4100 p2psvc - ok
      13:14:32.0396 4100 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
      13:14:32.0396 4100 Parport - ok
      13:14:32.0427 4100 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
      13:14:32.0427 4100 partmgr - ok
      13:14:32.0442 4100 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
      13:14:32.0458 4100 PcaSvc - ok
      13:14:32.0489 4100 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
      13:14:32.0489 4100 pci - ok
      13:14:32.0520 4100 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
      13:14:32.0520 4100 pciide - ok
      13:14:32.0520 4100 PCloudCleanerService - ok
      13:14:32.0552 4100 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
      13:14:32.0552 4100 pcmcia - ok
      13:14:32.0567 4100 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
      13:14:32.0567 4100 pcw - ok
      13:14:32.0583 4100 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
      13:14:32.0598 4100 PEAUTH - ok
      13:14:32.0801 4100 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
      13:14:32.0817 4100 PerfHost - ok
      13:14:33.0051 4100 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
      13:14:33.0066 4100 pla - ok
      13:14:33.0113 4100 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
      13:14:33.0129 4100 PlugPlay - ok
      13:14:33.0176 4100 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
      13:14:33.0176 4100 PNRPAutoReg - ok
      13:14:33.0191 4100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
      13:14:33.0191 4100 PNRPsvc - ok
      13:14:33.0285 4100 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
      13:14:33.0285 4100 PolicyAgent - ok
      13:14:33.0378 4100 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
      13:14:33.0378 4100 Power - ok
      13:14:33.0456 4100 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
      13:14:33.0456 4100 PptpMiniport - ok
      13:14:33.0519 4100 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
      13:14:33.0519 4100 Processor - ok
      13:14:33.0550 4100 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
      13:14:33.0550 4100 ProfSvc - ok
      13:14:33.0581 4100 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
      13:14:33.0581 4100 ProtectedStorage - ok
      13:14:33.0644 4100 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
      13:14:33.0644 4100 Psched - ok
      13:14:33.0909 4100 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
      13:14:33.0924 4100 ql2300 - ok
      13:14:34.0018 4100 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
      13:14:34.0018 4100 ql40xx - ok
      13:14:34.0065 4100 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
      13:14:34.0065 4100 QWAVE - ok
      13:14:34.0065 4100 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
      13:14:34.0065 4100 QWAVEdrv - ok
      13:14:34.0080 4100 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
      13:14:34.0080 4100 RasAcd - ok
      13:14:34.0143 4100 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
      13:14:34.0143 4100 RasAgileVpn - ok
      13:14:34.0158 4100 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
      13:14:34.0174 4100 RasAuto - ok
      13:14:34.0205 4100 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
      13:14:34.0221 4100 Rasl2tp - ok
      13:14:34.0268 4100 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
      13:14:34.0283 4100 RasMan - ok
      13:14:34.0330 4100 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
      13:14:34.0330 4100 RasPppoe - ok
      13:14:34.0361 4100 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
      13:14:34.0361 4100 RasSstp - ok
      13:14:34.0424 4100 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
      13:14:34.0424 4100 rdbss - ok
      13:14:34.0439 4100 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
      13:14:34.0439 4100 rdpbus - ok
      13:14:34.0455 4100 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
      13:14:34.0455 4100 RDPCDD - ok
      13:14:34.0486 4100 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
      13:14:34.0486 4100 RDPENCDD - ok
      13:14:34.0502 4100 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
      13:14:34.0502 4100 RDPREFMP - ok
      13:14:34.0533 4100 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
      13:14:34.0548 4100 RDPWD - ok
      13:14:34.0611 4100 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
      13:14:34.0611 4100 rdyboost - ok
      13:14:34.0736 4100 [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      13:14:34.0736 4100 RegSrvc - ok
      13:14:34.0782 4100 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
      13:14:34.0782 4100 RemoteAccess - ok
      13:14:34.0814 4100 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
      13:14:34.0829 4100 RemoteRegistry - ok
      13:14:34.0860 4100 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
      13:14:34.0860 4100 RFCOMM - ok
      13:14:34.0892 4100 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
      13:14:34.0892 4100 RpcEptMapper - ok
      13:14:34.0923 4100 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
      13:14:34.0923 4100 RpcLocator - ok
      13:14:35.0032 4100 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
      13:14:35.0048 4100 RpcSs - ok
      13:14:35.0079 4100 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
      13:14:35.0079 4100 rspndr - ok
      13:14:35.0157 4100 [ 56167466597BA2911F06FFCF91275E20 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
      13:14:35.0157 4100 RSUSBVSTOR - ok
      13:14:35.0188 4100 [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
      13:14:35.0204 4100 RTL8167 - ok
      13:14:35.0219 4100 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
      13:14:35.0219 4100 SamSs - ok
      13:14:35.0266 4100 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
      13:14:35.0266 4100 sbp2port - ok
      13:14:35.0282 4100 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
      13:14:35.0297 4100 SCardSvr - ok
      13:14:35.0360 4100 [ E25632DF954CE70928946BB36F829CF4 ] SCDEmu C:\windows\system32\drivers\SCDEmu.sys
      13:14:35.0375 4100 SCDEmu - ok
      13:14:35.0453 4100 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
      13:14:35.0453 4100 scfilter - ok
      13:14:35.0531 4100 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
      13:14:35.0547 4100 Schedule - ok
      13:14:35.0594 4100 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
      13:14:35.0594 4100 SCPolicySvc - ok
      13:14:35.0625 4100 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
      13:14:35.0625 4100 SDRSVC - ok
      13:14:35.0672 4100 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
      13:14:35.0672 4100 secdrv - ok
      13:14:35.0703 4100 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
      13:14:35.0718 4100 seclogon - ok
      13:14:35.0734 4100 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
      13:14:35.0750 4100 SENS - ok
      13:14:35.0765 4100 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
      13:14:35.0765 4100 SensrSvc - ok
      13:14:35.0812 4100 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
      13:14:35.0812 4100 Serenum - ok
      13:14:35.0812 4100 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
      13:14:35.0812 4100 Serial - ok
      13:14:35.0859 4100 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
      13:14:35.0859 4100 sermouse - ok
      13:14:35.0906 4100 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
      13:14:35.0921 4100 SessionEnv - ok
      13:14:35.0937 4100 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
      13:14:35.0937 4100 sffdisk - ok
      13:14:35.0952 4100 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
      13:14:35.0952 4100 sffp_mmc - ok
      13:14:35.0952 4100 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
      13:14:35.0952 4100 sffp_sd - ok
      13:14:35.0952 4100 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
      13:14:35.0968 4100 sfloppy - ok
      13:14:36.0046 4100 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
      13:14:36.0077 4100 ShellHWDetection - ok
      13:14:36.0077 4100 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
      13:14:36.0077 4100 SiSRaid2 - ok
      13:14:36.0093 4100 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
      13:14:36.0093 4100 SiSRaid4 - ok
      13:14:36.0140 4100 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
      13:14:36.0140 4100 Smb - ok
      13:14:36.0186 4100 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
      13:14:36.0186 4100 SNMPTRAP - ok
      13:14:36.0218 4100 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
      13:14:36.0218 4100 spldr - ok
      13:14:36.0311 4100 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
      13:14:36.0311 4100 Spooler - ok
      13:14:36.0467 4100 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
      13:14:36.0545 4100 sppsvc - ok
      13:14:36.0576 4100 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
      13:14:36.0576 4100 sppuinotify - ok
      13:14:36.0623 4100 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
      13:14:36.0623 4100 srv - ok
      13:14:36.0748 4100 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
      13:14:36.0748 4100 srv2 - ok
      13:14:36.0795 4100 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
      13:14:36.0795 4100 srvnet - ok
      13:14:36.0810 4100 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
      13:14:36.0810 4100 SSDPSRV - ok
      13:14:36.0826 4100 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
      13:14:36.0826 4100 SstpSvc - ok
      13:14:36.0857 4100 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
      13:14:36.0857 4100 stexstor - ok
      13:14:36.0920 4100 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
      13:14:36.0935 4100 stisvc - ok
      13:14:37.0060 4100 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
      13:14:37.0060 4100 swenum - ok
      13:14:37.0122 4100 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
      13:14:37.0138 4100 swprv - ok
      13:14:37.0200 4100 [ 09E811486038F1C06F9E00DFFAAB7A4E ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
      13:14:37.0200 4100 SynTP - ok
      13:14:37.0497 4100 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
      13:14:37.0512 4100 SysMain - ok
      13:14:37.0559 4100 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
      13:14:37.0575 4100 TabletInputService - ok
      13:14:37.0606 4100 tandpl - ok
      13:14:37.0668 4100 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
      13:14:37.0684 4100 TapiSrv - ok
      13:14:37.0700 4100 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
      13:14:37.0715 4100 TBS - ok
      13:14:37.0871 4100 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
      13:14:37.0887 4100 Tcpip - ok
      13:14:37.0934 4100 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
      13:14:37.0949 4100 TCPIP6 - ok
      13:14:38.0012 4100 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
      13:14:38.0012 4100 tcpipreg - ok
      13:14:38.0027 4100 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
      13:14:38.0043 4100 TDPIPE - ok
      13:14:38.0074 4100 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
      13:14:38.0074 4100 TDTCP - ok
      13:14:38.0121 4100 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
      13:14:38.0121 4100 tdx - ok
      13:14:38.0152 4100 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
      13:14:38.0152 4100 TermDD - ok
      13:14:38.0246 4100 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
      13:14:38.0261 4100 TermService - ok
      13:14:43.0206 4100 ================ Scan global ===============================
      13:14:43.0238 4100 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
      13:14:43.0284 4100 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
      13:14:43.0284 4100 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
      13:14:43.0316 4100 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
      13:14:43.0362 4100 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\windows\system32\services.exe
      13:14:43.0378 4100 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
      13:14:43.0378 4100 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
      13:14:43.0378 4100 ================ Scan MBR ==================================
      13:14:43.0394 4100 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
      13:14:43.0752 4100 \Device\Harddisk0\DR0 - ok
      13:14:43.0752 4100 ================ Scan VBR ==================================
      13:14:43.0799 4100 [ F83711BD67965330246FB511D45C0B48 ] \Device\Harddisk0\DR0\Partition1
      13:14:43.0799 4100 \Device\Harddisk0\DR0\Partition1 - ok
      13:14:43.0877 4100 [ 42F885264CEED7F9CF1FEBD85D005FB7 ] \Device\Harddisk0\DR0\Partition2
      13:14:43.0877 4100 \Device\Harddisk0\DR0\Partition2 - ok
      13:14:43.0877 4100 [ 370D824DBBCF15639D6139578F9AA37F ] \Device\Harddisk0\DR0\Partition3
      13:14:43.0877 4100 \Device\Harddisk0\DR0\Partition3 - ok
      13:14:43.0877 4100 ============================================================
      13:14:43.0877 4100 Scan finished
      13:14:43.0877 4100 ============================================================
      13:14:43.0893 3828 Detected object count: 1
      13:14:43.0893 3828 Actual detected object count: 1
      13:14:48.0276 3828 C:\windows\system32\services.exe - copied to quarantine
      13:14:52.0398 3828 C:\windows\assembly\GAC_32\desktop.ini - copied to quarantine
      13:14:56.0298 3828 C:\windows\assembly\GAC_64\desktop.ini - copied to quarantine
      13:14:56.0444 3828 C:\windows\installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\@ - copied to quarantine
      13:14:56.0444 3828 C:\windows\installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected] - copied to quarantine
      13:14:56.0464 3828 C:\windows\installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected] - copied to quarantine
      13:14:56.0547 3828 C:\windows\installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected] - copied to quarantine
      13:14:56.0567 3828 C:\windows\installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected] - copied to quarantine
      13:14:56.0598 3828 C:\windows\installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected] - copied to quarantine
      13:16:10.0867 3828 Backup copy not found, trying to cure infected file..
      13:16:10.0867 3828 C:\windows\system32\services.exe - Cure failed (FFFFFFFF)
      13:16:10.0867 3828 C:\windows\system32\services.exe - processing error
      13:16:10.0867 3828 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure


      There is the TDSS one.
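Added example, not part of the original thread: a small Python parser for the TDSSKiller report format shown in the post above. It pulls out the detection, the files copied to quarantine alongside it, and the failed cure. The sample lines are copied from that report; the names `Finding`, `Report`, `parse_report` and the label "companion files" are assumptions of this example.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Lines copied from the TDSSKiller report posted above (a subset, unchanged).
SAMPLE_LOG = r"""
13:14:43.0206 4100 ================ Scan global ===============================
13:14:43.0362 4100 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\windows\system32\services.exe
13:14:43.0378 4100 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
13:14:43.0378 4100 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
13:14:43.0378 4100 ================ Scan MBR ==================================
13:14:43.0394 4100 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:14:43.0752 4100 \Device\Harddisk0\DR0 - ok
13:14:43.0893 3828 Detected object count: 1
13:14:48.0276 3828 C:\windows\system32\services.exe - copied to quarantine
13:14:52.0398 3828 C:\windows\assembly\GAC_32\desktop.ini - copied to quarantine
13:16:10.0867 3828 Backup copy not found, trying to cure infected file..
13:16:10.0867 3828 C:\windows\system32\services.exe - Cure failed (FFFFFFFF)
13:16:10.0867 3828 C:\windows\system32\services.exe - processing error
13:16:10.0867 3828 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure
"""

# Every report line is "<time> <thread id> <message>"; only the message is parsed.
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(.*)$")
SECTION = re.compile(r"^=+\s*(Scan .+?)\s*=+$")
HASH = re.compile(r"^\[ ([0-9A-F]{32}) \] (.+)$")
INFECTED = re.compile(r"^(.+?) \( (.+?) \) - infected$")
QUARANTINED = re.compile(r"^(.+?) - copied to quarantine$")
CURE_FAILED = re.compile(r"^(.+?) - Cure failed \(([0-9A-F]+)\)$")
ACTION = re.compile(r"^(.+?) \( .+? \) - User select action: (\w+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


@dataclass
class Finding:
    path: str
    verdict: str
    section: Optional[str]
    md5: Optional[str] = None
    quarantined: bool = False
    action: Optional[str] = None
    cure_error: Optional[str] = None


@dataclass
class Report:
    findings: dict = field(default_factory=dict)         # keyed by lower-cased path
    companion_files: list = field(default_factory=list)  # quarantined without a verdict line
    reported_count: Optional[int] = None

    def unresolved(self):
        """Detections the tool could not clean; these still need an offline fix."""
        return [f for f in self.findings.values() if f.cure_error is not None]

    def count_matches(self):
        """True when the tool's own object count equals what was parsed."""
        return self.reported_count == len(self.findings)


def parse_report(text):
    report, section, last_hash = Report(), None, (None, "")
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group(1)
        if m := SECTION.match(msg):
            section = m.group(1)
        elif m := HASH.match(msg):
            last_hash = (m.group(1), m.group(2))
        elif m := INFECTED.match(msg):
            path, verdict = m.groups()
            # The hash line directly precedes the verdict for the same object.
            md5 = last_hash[0] if last_hash[1].lower().endswith(path.lower()) else None
            report.findings[path.lower()] = Finding(path, verdict, section, md5)
        elif m := QUARANTINED.match(msg):
            hit = report.findings.get(m.group(1).lower())
            if hit:
                hit.quarantined = True
            else:
                report.companion_files.append(m.group(1))
        elif m := CURE_FAILED.match(msg):
            hit = report.findings.get(m.group(1).lower())
            if hit:
                hit.cure_error = m.group(2)
        elif m := ACTION.match(msg):
            hit = report.findings.get(m.group(1).lower())
            if hit:
                hit.action = m.group(2)
        elif m := COUNT.match(msg):
            report.reported_count = int(m.group(1))
    return report


if __name__ == "__main__":
    rep = parse_report(SAMPLE_LOG)
    for f in rep.unresolved():
        print(f"{f.path}: {f.verdict}, action={f.action}, cure failed ({f.cure_error})")
    print("companion files:", rep.companion_files)
```

A detection that ends in `unresolved()` with `quarantined=True` means the tool saved a copy but left the infected file in place, which is the situation the next reply addresses by searching for a clean replacement of services.exe.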

    8. #8
      Former Contributor Avatar of RevesdeLiberte
      Registered
      Feb 2010
      Location
      Mexico
      Posts
      7,976

      Re: services.exe and sirefef2

      Hello.


      With your permission, I will take over this thread.



      @Matheo Londoño



      Do the following:


      Required tools:

      • A clean computer with an Internet connection.
      • A USB drive; it must be formatted.
      • Print these instructions for your safety.


      From the clean computer:



      From the infected computer:

      Enter the system repair options.

      To reach the System Recovery Options from the advanced boot options:

      • Restart the computer. As soon as the BIOS loads, press the F8 key until the Advanced Boot Options appear.
      • Select Repair Your Computer and press Enter.
      • Wait for it to load, select the language and keyboard layout, and click Next.
      • Select the operating system you want to repair and click Next.
      • Select your user account and click Next.


      In the System Recovery Options menu you will see the following options:




      • Select Command Prompt.
      • In the command window, type Notepad and press Enter.
      • At the top of Notepad, go to File > Open > select "Computer" and note the letter assigned to the removable USB drive.
      • Close Notepad to return to the command window.


      • Once in the command window, type exactly x:frst64.exe, where X must be replaced with the letter of your USB drive.
      • Press Enter so that the tool starts running.
      • When the tool opens it will show the Disclaimer window; click Yes.


      Then the program window will open:




      • Press the Scan button to start the analysis.
      • When the scan finishes, a report named Frst.txt will be created on the USB device.



      Looking for a replacement for the compromised file.


      • Then run Farbar Recovery Scan Tool again.
      • When the interface opens, type services.exe in the Search box.
      • Next, click the Search Files(s) button to start the search.
      • A report will be saved on the USB device under the name Search.txt.



      Plug the USB drive back into the clean computer, open the files Frst.txt and Search.txt, and copy and paste their contents into your next reply.
      Patience is a tree with bitter roots but sweet fruit.


    9. #9
      User Avatar of Matheo Londoño
      Registered
      Jan 2013
      Posts
      5
      All right... I'll do it tomorrow because I don't have the USB drive at the moment, so the results will be here tomorrow :) thanks for replying!! :) I hope it works, because I've used TDSSKiller and it doesn't work, same as MBAM and avast :S
      Thanks in advance! :)

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2013 02
      Ran by SYSTEM at 26-01-2013 11:00:24
      Running from G:\
      Windows 7 Home Basic (X64) OS Language: English(US)
      The current controlset is ControlSet001

      ==================== Registry (Whitelisted) ===================

      HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11775592 2011-01-25] (Realtek Semiconductor)
      HKLM\...\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1933584 2010-12-17] (Intel(R) Corporation)
      HKLM\...\Run: [S_Monitor] C:\Program Files (x86)\BisonCam\Monitor.exe [258936 2011-01-03] ()
      HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated)
      HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-04-18] (Lenovo)
      HKLM\...\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-04-18] (Lenovo)
      HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9745312 2011-04-18] (Lenovo (Beijing) Limited)
      HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5374880 2011-04-18] (Lenovo(beijing) Limited)
      HKLM-x32\...\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~1\MuteSync.exe [336384 2009-12-27] (Lenovo)
      HKLM-x32\...\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
      HKLM-x32\...\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)
      HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2010-12-04] (CyberLink)
      HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [224352 2010-12-04] (CyberLink Corp.)
      HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-04-18] (Lenovo)
      HKLM-x32\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
      HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
      HKLM-x32\...\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart [1493288 2011-09-20] (Nero AG)
      HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
      HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup [336992 2012-12-09] (Power Software Ltd)
      HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4297136 2012-10-30] (AVAST Software)
      HKU\Lenovo\...\Run: [Google Update] "C:\Users\Lenovo\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-07-18] (Google Inc.)
      HKU\Lenovo\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-05] (DT Soft Ltd)
      HKU\Lenovo\...\Run: [Facebook Update] "C:\Users\Lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-09-14] (Facebook Inc.)
      HKU\UpdatusUser\...\Run: [FactoryTest] C:\Windows\Test.bat [x]
      HKU\UpdatusUser\...\Run: [Power2GoExpress] NA [x]
      HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1091432 2012-12-14] (Malwarebytes Corporation)
      Tcpip\Parameters: [DhcpNameServer] 200.13.249.101 200.13.224.254
      AppInit_DLLs: C:\windows\system32\nvinitx.dll

      ==================== Services (Whitelisted) ===================

      2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-10-30] (AVAST Software)
      2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953632 2010-12-14] (Broadcom Corporation.)
      2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
      2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
      3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
      2 PCloudCleanerService; C:\windows\SysWow64\PCloudCleanerService.EXE [53616 2013-01-08] (Panda Security S.L.)

      ==================== Drivers (Whitelisted) =====================

      2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
      2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
      1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
      1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
      1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
      1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
      3 diskperf64; C:\Windows\System32\Drivers\diskperf64.sys [17512 2010-11-10] (Realtek Semiconductor Corp.)
      1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [254528 2012-07-19] (DT Soft Ltd)
      3 MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
      2 tandpl; C:\Windows\SysWow64\Drivers\tandpl.sys [4736 2003-04-18] ()
      3 BcmSqlStartupSvc; [x]
      2 CLKMSVC10_3A60B698; [x]
      2 CLKMSVC10_C3B3B687; [x]
      2 DriverService; [x]
      2 IAStorDataMgrSvc; [x]
      2 iATAgentService; [x]
      2 idealife Update Service; [x]
      3 IGRS; [x]
      2 IviRegMgr; [x]
      2 Oasis2Service; [x]
      2 PCCarerService; [x]
      2 ReadyComm.DirectRouter; [x]
      2 RichVideo; [x]
      2 RtLedService; [x]
      2 SoftwareService; [x]
      3 SQLWriter; [x]
      2 Stereo Service; [x]
      3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]

      ==================== NetSvcs (Whitelisted) ====================


      ==================== One Month Created Files and Folders ========

      2013-01-26 11:00 - 2013-01-26 11:00 - 00000000 ____D C:\FRST
      2013-01-25 13:28 - 2013-01-25 13:28 - 00000000 ____D C:\Users\Lenovo\Desktop\Avast License Hasta 2050 ZeNiX 2012-03-14
      2013-01-25 13:25 - 2013-01-25 13:25 - 00700870 ____A C:\Users\Lenovo\Desktop\Avast License Hasta 2050 ZeNiX 2012-03-14.rar
      2013-01-25 12:54 - 2013-01-25 12:54 - 00121512 ____A C:\Users\Lenovo\AppData\Local\GDIPFONTCACHEV1.DAT
      2013-01-25 12:52 - 2013-01-26 06:08 - 00000224 ____A C:\Windows\setupact.log
      2013-01-25 12:52 - 2013-01-25 12:52 - 00000000 ____A C:\Windows\setuperr.log
      2013-01-25 12:51 - 2013-01-26 06:07 - 00007306 ____A C:\Windows\PFRO.log
      2013-01-25 12:51 - 2013-01-25 12:52 - 00437144 ____A C:\Windows\System32\FNTCACHE.DAT
      2013-01-25 11:34 - 2013-01-25 11:34 - 00079686 ____A C:\Users\Lenovo\Downloads\windowsupdate.diagcab
      2013-01-25 10:11 - 2013-01-25 10:12 - 04009167 ____A C:\Users\Lenovo\Desktop\ServicesRepair.exe
      2013-01-25 10:00 - 2013-01-25 14:28 - 00000000 ____D C:\TDSSKiller_Quarantine
      2013-01-25 07:35 - 2013-01-25 07:54 - 00003504 ____A C:\Users\Lenovo\Desktop\Rkill.txt
      2013-01-25 07:35 - 2013-01-25 07:38 - 00958368 ____A (Bleeping Computer, LLC) C:\Users\Lenovo\Desktop\WiNlOgOn64.exe
      2013-01-25 07:32 - 2013-01-25 07:32 - 00002091 ____A C:\Users\Lenovo\Desktop\Minecraft.lnk
      2013-01-25 07:20 - 2013-01-25 07:20 - 00000000 ____D C:\Users\Lenovo\Desktop\tdsskiller
      2013-01-25 06:52 - 2013-01-08 10:15 - 00053616 ____A (Panda Security S.L.) C:\Windows\SysWOW64\PCloudCleanerService.EXE
      2013-01-25 06:40 - 2013-01-25 06:40 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      2013-01-25 06:40 - 2013-01-25 06:40 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Malwarebytes
      2013-01-25 06:40 - 2013-01-25 06:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2013-01-25 06:40 - 2012-12-14 13:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
      2013-01-25 05:57 - 2013-01-25 05:58 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Lenovo\Desktop\mbam-setup-1.70.0.1100.exe
      2013-01-25 05:57 - 2013-01-25 05:57 - 02195061 ____A C:\Users\Lenovo\Desktop\tdsskiller.zip
      2013-01-24 10:22 - 2013-01-24 10:22 - 00001286 ____A C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
      2013-01-24 10:22 - 2013-01-24 10:22 - 00000000 ____D C:\Program Files (x86)\Panda Security
      2013-01-24 10:19 - 2013-01-24 10:20 - 19552152 ____A (Panda Security ) C:\Users\Lenovo\Downloads\PandaCloudCleaner.exe
      2013-01-24 06:28 - 2013-01-24 06:28 - 00000000 ____D C:\Users\Lenovo\AppData\LocalGoogle
      2013-01-24 06:26 - 2013-01-26 07:37 - 00001036 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
      2013-01-24 06:26 - 2013-01-26 06:37 - 00001032 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
      2013-01-24 06:26 - 2013-01-25 13:31 - 00000000 ____A C:\Windows\SysWOW64\config.nt
      2013-01-24 06:26 - 2013-01-24 06:26 - 00001958 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
      2013-01-24 06:26 - 2012-10-30 14:51 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
      2013-01-24 06:26 - 2012-10-30 14:51 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
      2013-01-24 06:26 - 2012-10-30 14:51 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
      2013-01-24 06:26 - 2012-10-30 14:51 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
      2013-01-24 06:26 - 2012-10-30 14:51 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
      2013-01-24 06:26 - 2012-10-30 14:51 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
      2013-01-24 06:26 - 2012-10-30 14:50 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
      2013-01-24 06:26 - 2012-10-30 14:50 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
      2013-01-24 06:26 - 2012-10-15 07:59 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
      2013-01-24 06:25 - 2013-01-24 06:25 - 00000000 ____D C:\Program Files\AVAST Software
      2013-01-24 06:13 - 2013-01-24 06:13 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
      2013-01-24 06:03 - 2012-11-07 16:33 - 00000000 ____D C:\Users\Lenovo\Desktop\Avast 2050 License Faker by ZeNiX 2012-06-29
      2013-01-24 06:01 - 2013-01-24 06:23 - 97565024 ____A C:\Users\Lenovo\Downloads\avast_free_antivirus_setup.exe
      2013-01-24 06:01 - 2013-01-24 06:01 - 01960401 ____A C:\Users\Lenovo\Desktop\A2050CNECUSO.rar
      2013-01-24 05:56 - 2013-01-24 05:56 - 00004609 ____A C:\Windows\SysWOW64\jupdate-1.7.0_11-b21.log
      2013-01-24 05:56 - 2013-01-12 00:30 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
      2013-01-24 05:56 - 2013-01-12 00:26 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
      2013-01-24 05:56 - 2013-01-12 00:24 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
      2013-01-23 08:18 - 2013-01-23 12:54 - 00000000 ____D C:\Users\Lenovo\Downloads\z
      2013-01-22 07:42 - 2013-01-22 07:49 - 00000000 ____D C:\Users\Lenovo\Downloads\Minecraft v1.4.7 [MULTI5][PC][CRACKED][P2P ][WwW.GamesTorrents.CoM]
      2013-01-20 11:31 - 2013-01-20 11:31 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      2013-01-19 17:19 - 2013-01-19 17:19 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
      2013-01-19 06:33 - 2013-01-24 10:09 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\ZombieDriver
      2013-01-19 06:31 - 2013-01-19 06:31 - 00002465 ____A C:\Users\Public\Desktop\Zombie Driver Summer of Slaughter.lnk
      2013-01-19 06:30 - 2013-01-19 06:30 - 00000000 ____D C:\Program Files (x86)\Exor Studios
      2013-01-19 05:24 - 2013-01-17 10:33 - 110081461 ____A C:\Users\Lenovo\Downloads\[Rayzero] Tamako Market - 02 [480p].mp4
      2013-01-18 16:26 - 2013-01-18 16:37 - 109545752 ____A C:\Users\Lenovo\Downloads\TM02VL.zip
      2013-01-18 07:26 - 2013-01-18 07:26 - 01756174 ____A C:\Users\Lenovo\Desktop\MCPatcher-HD-1.4.7.exe
      2013-01-16 18:31 - 2013-01-16 18:31 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Adobe
      2013-01-16 18:31 - 2013-01-16 18:31 - 00000000 ____D C:\Users\Lenovo\AppData\Local\Adobe
      2013-01-16 09:07 - 2013-01-19 06:28 - 00000000 ____D C:\Users\Lenovo\Downloads\Zombie.Driver.Summer.of.Slaughter-TiNYiSO
      2013-01-16 09:07 - 2013-01-16 09:07 - 00019158 ____A C:\Users\Lenovo\Downloads\[kat.ph]zombie.driver.summer.of.slaughter.tinyiso.torrent
      2013-01-16 08:50 - 2013-01-18 09:12 - 2056960000 ____A C:\Users\Lenovo\Downloads\Battlefield 2.iso
      2013-01-16 08:49 - 2013-01-16 08:49 - 00020155 ____A C:\Users\Lenovo\Downloads\[kat.ph]battlefield.2.iso.torrent
      2013-01-11 06:14 - 2013-01-11 07:56 - 00000000 ____D C:\Users\Lenovo\Downloads\Waking Mars [English][PC][JAGUAR][WwW.GamesTorrents.CoM]
      2013-01-10 09:52 - 2013-01-10 09:52 - 00101895 ____A C:\Users\Lenovo\Desktop\Fabricación - La Wiki de Minecraft.htm
      2013-01-10 09:52 - 2013-01-10 09:52 - 00000000 ____D C:\Users\Lenovo\Desktop\Fabricación - La Wiki de Minecraft_files
      2013-01-10 09:15 - 2013-01-10 09:15 - 00000000 ____D C:\Program Files (x86)\Steam
      2013-01-10 09:08 - 2013-01-10 09:09 - 00034910 ____A C:\Users\Lenovo\Downloads\Dead.Rising.2.%5BMULTI2%5D%5BPCDVD%5D%5B2DVDs%5D%5BRepack.VictorVal%5D%5BWwW.GamesTorrents.CoM%5D.t8800.torrent
      2013-01-09 10:35 - 2013-01-09 10:35 - 00000006 ____A C:\Windows\SysWOW64\playername.txt
      2013-01-09 10:35 - 2013-01-09 10:35 - 00000000 ____D C:\Windows\SysWOW64\Lenovo_swarm
      2013-01-09 10:13 - 2013-01-09 10:13 - 00000995 ____A C:\Users\Lenovo\Desktop\Magicka.lnk
      2013-01-09 10:04 - 2013-01-25 09:35 - 00000000 ____D C:\Program Files (x86)\Magicka
      2013-01-09 07:06 - 2013-01-09 09:12 - 00000000 ____D C:\Users\Lenovo\Downloads\Magicka v1.4.7.0 multi8 cracked READ NFO-THETA[EtGamez]
      2013-01-09 07:03 - 2013-01-09 07:35 - 00000000 ____D C:\Users\Lenovo\Downloads\Magicka-SKIDROW
      2013-01-09 06:35 - 2013-01-09 06:35 - 00000000 ____D C:\Users\Lenovo\Downloads\ControlMK v0232 [Inglés]
      2013-01-09 06:35 - 2013-01-09 06:35 - 00000000 ____D C:\Program Files (x86)\ControlMK
      2013-01-09 06:34 - 2013-01-09 06:34 - 00232643 ____A C:\Users\Lenovo\Downloads\ControlMK v0232 [Inglés].rar
      2013-01-09 06:07 - 2012-12-07 05:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
      2013-01-09 06:07 - 2012-12-07 05:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
      2013-01-09 06:07 - 2012-12-07 04:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
      2013-01-09 06:07 - 2012-12-07 04:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
      2013-01-09 06:07 - 2012-12-07 03:20 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
      2013-01-09 06:07 - 2012-12-07 03:20 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
      2013-01-09 06:07 - 2012-12-07 03:20 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
      2013-01-09 06:07 - 2012-12-07 03:20 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
      2013-01-09 06:07 - 2012-12-07 03:20 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
      2013-01-09 06:07 - 2012-12-07 03:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
      2013-01-09 06:07 - 2012-12-07 03:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
      2013-01-09 06:07 - 2012-12-07 03:19 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
      2013-01-09 06:07 - 2012-12-07 03:19 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
      2013-01-09 06:07 - 2012-12-07 03:19 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
      2013-01-09 06:07 - 2012-12-07 03:19 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
      2013-01-09 06:07 - 2012-12-07 03:19 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
      2013-01-09 06:07 - 2012-12-07 03:19 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
      2013-01-09 06:07 - 2012-12-07 03:19 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
      2013-01-09 06:07 - 2012-12-07 02:46 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
      2013-01-09 06:06 - 2012-11-08 21:45 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
      2013-01-09 06:06 - 2012-11-08 20:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
      2013-01-09 06:03 - 2012-11-29 21:45 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
      2013-01-09 06:03 - 2012-11-29 21:45 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
      2013-01-09 06:03 - 2012-11-29 21:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
      2013-01-09 06:03 - 2012-11-29 21:45 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
      2013-01-09 06:03 - 2012-11-29 21:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
      2013-01-09 06:03 - 2012-11-29 21:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
      2013-01-09 06:03 - 2012-11-29 21:41 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:54 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2013-01-09 06:03 - 2012-11-29 20:53 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2013-01-09 06:03 - 2012-11-29 20:53 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 19:23 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
      2013-01-09 06:03 - 2012-11-29 18:44 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2013-01-09 06:03 - 2012-11-29 18:44 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2013-01-09 06:03 - 2012-11-29 18:44 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2013-01-09 06:03 - 2012-11-29 18:44 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2013-01-09 06:03 - 2012-11-29 18:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 18:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 18:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 18:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2013-01-09 06:03 - 2012-11-29 15:17 - 00420064 ____A C:\Windows\SysWOW64\locale.nls
      2013-01-09 06:03 - 2012-11-29 15:15 - 00420064 ____A C:\Windows\System32\locale.nls
      2013-01-09 06:03 - 2012-11-21 21:44 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
      2013-01-09 06:03 - 2012-11-21 20:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
      2013-01-09 06:03 - 2012-11-19 21:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
      2013-01-09 06:03 - 2012-11-19 20:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2013-01-09 06:03 - 2012-10-31 21:43 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
      2013-01-09 06:03 - 2012-10-31 21:43 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
      2013-01-09 06:03 - 2012-10-31 20:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2013-01-09 06:03 - 2012-10-31 20:47 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
      2013-01-09 06:02 - 2012-11-22 19:26 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
      2013-01-09 06:02 - 2012-11-22 19:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
      2013-01-08 08:15 - 2013-01-09 10:07 - 00000000 ____D C:\Users\Lenovo\Downloads\BlackMesa
      2013-01-05 11:01 - 2013-01-05 11:03 - 32946152 ____A (Oracle Corporation) C:\Users\Lenovo\Downloads\jre-7u10-windows-x64.exe
      2013-01-05 10:59 - 2013-01-25 07:32 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\.minecraft
      2013-01-05 08:24 - 2013-01-05 08:24 - 00001756 ____A C:\Users\Lenovo\Desktop\DunDefConfig - Acceso directo.lnk
      2013-01-05 08:10 - 2013-01-10 07:22 - 00000000 ____D C:\Program Files (x86)\Dungeon Defenders
      2013-01-05 06:32 - 2013-01-05 06:32 - 00000000 ____D C:\Windows\Sun
      2013-01-03 07:23 - 2013-01-03 09:04 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Spore
      2013-01-03 07:23 - 2013-01-03 07:23 - 00001115 ____A C:\Users\Lenovo\Downloads\SwiftShader.ini
      2013-01-03 07:16 - 2013-01-03 07:16 - 00000000 ____D C:\Users\Lenovo\Documents\Mis Creaciones Spore
      2013-01-03 06:43 - 2013-01-03 06:43 - 00001828 ____A C:\Users\Lenovo\Desktop\SporeApp - Acceso directo.lnk
      2013-01-03 06:42 - 2010-09-25 18:38 - 154349936 ____A (Macrovision Corporation) C:\Users\Lenovo\Downloads\Spore - Patch v1.051.exe
      2013-01-03 06:39 - 2013-01-03 06:39 - 00000000 __RHD C:\Users\Lenovo\AppData\Roaming\SecuROM
      2013-01-02 17:17 - 2013-01-02 17:17 - 00000000 ____D C:\Users\Lenovo\Desktop\Spore
      2013-01-02 13:16 - 2013-01-05 07:58 - 4273242112 ____A C:\Users\Lenovo\Downloads\DungeonDefenders_JimbusEd_744b.iso
      2013-01-02 13:07 - 2013-01-02 13:07 - 00109080 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\openal32.dll
      2013-01-02 12:59 - 2013-01-19 13:00 - 00000294 ____A C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
      2013-01-02 12:59 - 2013-01-02 15:28 - 00000278 ____A C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
      2013-01-02 12:59 - 2013-01-02 12:59 - 00002032 ____A C:\Users\Lenovo\Desktop\DLL-Files.com FIXER.lnk
      2013-01-02 12:59 - 2013-01-02 12:59 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\dll-files.com
      2013-01-02 12:59 - 2013-01-02 12:59 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
      2013-01-02 12:57 - 2013-01-02 12:58 - 03514028 ____A C:\Users\Lenovo\Downloads\DLL-FiLes.com Fixer v2.7.72.2315.Multilingual.Incl.Crack.rar
      2013-01-02 12:56 - 2013-01-02 12:56 - 04718592 ____A C:\Windows\SysWOW64\savegame.bin
      2013-01-02 12:56 - 2013-01-02 12:56 - 00000000 ____D C:\Windows\SysWOW64\savegames
      2013-01-02 12:56 - 2013-01-02 12:56 - 00000000 ____D C:\Windows\SysWOW64\saved
      2013-01-02 12:51 - 2013-01-02 12:51 - 00000000 ____D C:\Program Files (x86)\Aspyr Media, Inc
      2013-01-02 12:49 - 2012-08-30 11:31 - 00109080 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\OpenAL32.dll
      2013-01-02 12:46 - 2013-01-02 12:46 - 00590434 ____A C:\Users\Lenovo\Downloads\oalinst.zip
      2013-01-02 11:53 - 2013-01-02 11:55 - 07110656 ____A C:\Users\Lenovo\Downloads\IC_Patch_101_English.msi
      2013-01-02 11:53 - 2013-01-02 11:54 - 00323881 ____A C:\Users\Lenovo\Downloads\Insect_Invasion_V1_4_Patch.exe
      2013-01-02 11:52 - 2013-01-02 12:04 - 90181299 ____A C:\Users\Lenovo\Downloads\ic_insect_invasion_v1_4.exe
      2013-01-02 11:52 - 2013-01-02 12:04 - 112696650 ____A (Creature Chaos Mod Team ) C:\Users\Lenovo\Downloads\Creature_Chaos_4.22.exe
      2013-01-02 11:12 - 2012-08-30 11:31 - 00109080 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
      2013-01-02 11:12 - 2011-05-06 09:16 - 00001006 ____A C:\Users\Lenovo\Downloads\readme.txt
      2013-01-02 11:11 - 2013-01-02 11:11 - 00050413 ____A C:\Users\Lenovo\Downloads\openal32.zip
      2013-01-02 11:10 - 2013-01-02 11:11 - 03917192 ____A (Dll-Files.com ) C:\Users\Lenovo\Downloads\dffsetup-openal32.exe
      2013-01-02 10:24 - 2013-01-02 10:24 - 00000000 ____D C:\Program Files (x86)\ZeoWorks
      2013-01-02 06:55 - 2013-01-16 11:58 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\SporeCreatureCreator
      2013-01-02 06:55 - 2013-01-02 06:55 - 00000000 ____D C:\Users\Lenovo\Documents\My Spore Creations
      2013-01-02 06:52 - 2008-06-30 22:16 - 00000000 ____D C:\Users\Lenovo\Desktop\Spore Creature Creator
      2013-01-02 05:51 - 2013-01-02 05:51 - 00008192 ____A C:\Users\Lenovo\Downloads\rld-spor.exe
      2012-12-31 16:39 - 2012-12-31 16:39 - 00002157 ____A C:\Users\Lenovo\Desktop\IC - Acceso directo.lnk
      2012-12-31 16:32 - 2012-12-31 16:32 - 00001309 ____A C:\Users\Public\Desktop\Sanctum.lnk
      2012-12-31 16:31 - 2012-12-31 16:31 - 00000000 ____D C:\Program Files (x86)\Sanctum
      2012-12-31 16:31 - 2012-12-31 16:31 - 00000000 ____D C:\Program Files (x86)\Paradox Interactive
      2012-12-29 12:51 - 2012-12-31 12:39 - 00000000 ____D C:\Users\Lenovo\Downloads\Impossible.Creatures.PC.Game(djDEVASTATE™)
      2012-12-29 11:57 - 2012-12-31 09:38 - 2133671936 ____A C:\Users\Lenovo\Downloads\Stubbs.the.Z0mbie.in.Rebel.With0ut.a.Pulse.[pcgame-Eng].iso
      2012-12-29 10:21 - 2012-12-31 10:02 - 00000000 ____D C:\Users\Lenovo\Downloads\Bob.Marley.FULL.Discography.MP3.PACK-TL
      2012-12-29 10:07 - 2012-12-30 14:47 - 00000000 ____D C:\Users\Lenovo\Downloads\Grim Fandango
      2012-12-28 18:23 - 2012-12-28 18:23 - 00000000 ____D C:\Users\Lenovo\Documents\Criterion Games
      2012-12-28 18:17 - 2012-12-28 18:17 - 00002346 ____A C:\Users\Lenovo\Desktop\Need For Speed Most Wanted L.E. Repack.lnk
      2012-12-28 15:43 - 2012-12-28 15:43 - 00002709 ____A C:\Users\Lenovo\Desktop\Jugar a FLOCK!.lnk
      2012-12-28 15:31 - 2012-12-28 16:01 - 00000000 ____D C:\Users\Lenovo\Documents\Flock
      2012-12-28 15:29 - 2012-12-28 15:29 - 00000000 ____D C:\Program Files (x86)\Capcom
      2012-12-28 15:28 - 2012-12-28 10:51 - 199475200 ____A C:\Users\Lenovo\Downloads\Flock.iso
      2012-12-28 06:40 - 2012-12-28 15:34 - 00000000 ____D C:\Users\Lenovo\Downloads\Need For Speed Most Wanted L.E [Spanish][PCDVD][1DVD5][Repack VictorVal][WwW.GamesTorrents.CoM]
      2012-12-27 13:31 - 2012-12-16 09:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
      2012-12-27 13:31 - 2012-12-16 06:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
      2012-12-27 13:31 - 2012-12-16 06:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
      2012-12-27 13:31 - 2012-12-16 06:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
      2012-12-27 12:36 - 2013-01-02 07:55 - 00000000 ____D C:\Users\Lenovo\Downloads\Bob.Marley.[Discografia.Interactiva].[BajandoAlbums.CoM].rar
      2012-12-27 12:32 - 2012-12-27 12:32 - 00000000 ____D C:\Users\Lenovo\Downloads\Bob Marley - The Very Best Of legend
      2012-12-27 11:02 - 2012-12-27 11:02 - 00043147 ____A C:\Users\Lenovo\Downloads\Game Ranger.rar
      2012-12-27 08:43 - 2012-12-27 08:43 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\PowerISO
      2012-12-27 08:42 - 2012-12-27 08:42 - 00000000 ____D C:\Program Files (x86)\PowerISO
      2012-12-27 08:42 - 2012-12-09 01:51 - 00126944 ____A (Power Software Ltd) C:\Windows\System32\Drivers\scdemu.sys
      2012-12-27 08:36 - 2012-12-27 08:37 - 05328664 ____A (Power Software Ltd) C:\Users\Lenovo\Downloads\PowerISO5.exe
      2012-12-27 08:19 - 2012-12-27 08:19 - 00000000 ____D C:\Program Files\ESET

      ==================== One Month Modified Files and Folders =======

      2013-01-26 11:00 - 2013-01-26 11:00 - 00000000 ____D C:\FRST
      2013-01-26 07:56 - 2011-04-18 13:55 - 00883871 ____A C:\FaceProv.log
      2013-01-26 07:48 - 2012-08-26 17:15 - 00000838 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
      2013-01-26 07:37 - 2013-01-24 06:26 - 00001036 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
      2013-01-26 07:13 - 2012-07-18 11:56 - 00001050 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2910399588-2985600113-3303889763-1001UA.job
      2013-01-26 06:37 - 2013-01-24 06:26 - 00001032 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
      2013-01-26 06:24 - 2011-04-18 20:56 - 00745698 ____A C:\Windows\System32\perfh00A.dat
      2013-01-26 06:24 - 2011-04-18 20:56 - 00158166 ____A C:\Windows\System32\perfc00A.dat
      2013-01-26 06:24 - 2009-07-13 21:13 - 01671268 ____A C:\Windows\System32\PerfStringBackup.INI
      2013-01-26 06:15 - 2009-07-13 20:45 - 00013424 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2013-01-26 06:15 - 2009-07-13 20:45 - 00013424 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2013-01-26 06:09 - 2011-04-18 13:49 - 00503174 ____A C:\Windows\System32\fastboot.set
      2013-01-26 06:08 - 2013-01-25 12:52 - 00000224 ____A C:\Windows\setupact.log
      2013-01-26 06:08 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
      2013-01-26 06:07 - 2013-01-25 12:51 - 00007306 ____A C:\Windows\PFRO.log
      2013-01-25 14:28 - 2013-01-25 10:00 - 00000000 ____D C:\TDSSKiller_Quarantine
      2013-01-25 14:13 - 2012-07-18 11:56 - 00000998 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2910399588-2985600113-3303889763-1001Core.job
      2013-01-25 13:58 - 2012-09-14 16:53 - 00000932 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2910399588-2985600113-3303889763-1001UA.job
      2013-01-25 13:31 - 2013-01-24 06:26 - 00000000 ____A C:\Windows\SysWOW64\config.nt
      2013-01-25 13:28 - 2013-01-25 13:28 - 00000000 ____D C:\Users\Lenovo\Desktop\Avast License Hasta 2050 ZeNiX 2012-03-14
      2013-01-25 13:25 - 2013-01-25 13:25 - 00700870 ____A C:\Users\Lenovo\Desktop\Avast License Hasta 2050 ZeNiX 2012-03-14.rar
      2013-01-25 12:54 - 2013-01-25 12:54 - 00121512 ____A C:\Users\Lenovo\AppData\Local\GDIPFONTCACHEV1.DAT
      2013-01-25 12:52 - 2013-01-25 12:52 - 00000000 ____A C:\Windows\setuperr.log
      2013-01-25 12:52 - 2013-01-25 12:51 - 00437144 ____A C:\Windows\System32\FNTCACHE.DAT
      2013-01-25 11:34 - 2013-01-25 11:34 - 00079686 ____A C:\Users\Lenovo\Downloads\windowsupdate.diagcab
      2013-01-25 11:34 - 2012-07-20 07:30 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\BitTorrent
      2013-01-25 10:12 - 2013-01-25 10:11 - 04009167 ____A C:\Users\Lenovo\Desktop\ServicesRepair.exe
      2013-01-25 09:35 - 2013-01-09 10:04 - 00000000 ____D C:\Program Files (x86)\Magicka
      2013-01-25 09:35 - 2012-11-28 12:22 - 00000000 ____D C:\Program Files (x86)\Shank 2
      2013-01-25 07:54 - 2013-01-25 07:35 - 00003504 ____A C:\Users\Lenovo\Desktop\Rkill.txt
      2013-01-25 07:38 - 2013-01-25 07:35 - 00958368 ____A (Bleeping Computer, LLC) C:\Users\Lenovo\Desktop\WiNlOgOn64.exe
      2013-01-25 07:32 - 2013-01-25 07:32 - 00002091 ____A C:\Users\Lenovo\Desktop\Minecraft.lnk
      2013-01-25 07:32 - 2013-01-05 10:59 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\.minecraft
      2013-01-25 07:20 - 2013-01-25 07:20 - 00000000 ____D C:\Users\Lenovo\Desktop\tdsskiller
      2013-01-25 07:09 - 2011-04-18 13:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2013-01-25 07:08 - 2012-11-29 10:48 - 00000000 ____D C:\Program Files (x86)\EA GAMES
      2013-01-25 07:06 - 2012-11-13 16:11 - 00000000 ____D C:\Users\Lenovo\Downloads\0 juegos
      2013-01-25 06:40 - 2013-01-25 06:40 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      2013-01-25 06:40 - 2013-01-25 06:40 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Malwarebytes
      2013-01-25 06:40 - 2013-01-25 06:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2013-01-25 06:28 - 2012-07-19 11:32 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
      2013-01-25 05:58 - 2013-01-25 05:57 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Lenovo\Desktop\mbam-setup-1.70.0.1100.exe
      2013-01-25 05:57 - 2013-01-25 05:57 - 02195061 ____A C:\Users\Lenovo\Desktop\tdsskiller.zip
      2013-01-24 10:22 - 2013-01-24 10:22 - 00001286 ____A C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
      2013-01-24 10:22 - 2013-01-24 10:22 - 00000000 ____D C:\Program Files (x86)\Panda Security
      2013-01-24 10:20 - 2013-01-24 10:19 - 19552152 ____A (Panda Security ) C:\Users\Lenovo\Downloads\PandaCloudCleaner.exe
      2013-01-24 10:09 - 2013-01-19 06:33 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\ZombieDriver
      2013-01-24 07:17 - 2012-07-19 07:21 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\DAEMON Tools Lite
      2013-01-24 06:28 - 2013-01-24 06:28 - 00000000 ____D C:\Users\Lenovo\AppData\LocalGoogle
      2013-01-24 06:28 - 2012-11-03 07:17 - 00000000 ____D C:\Program Files (x86)\Google
      2013-01-24 06:28 - 2012-07-18 11:56 - 00000000 ____D C:\Users\Lenovo\AppData\Local\Google
      2013-01-24 06:26 - 2013-01-24 06:26 - 00001958 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
      2013-01-24 06:25 - 2013-01-24 06:25 - 00000000 ____D C:\Program Files\AVAST Software
      2013-01-24 06:23 - 2013-01-24 06:01 - 97565024 ____A C:\Users\Lenovo\Downloads\avast_free_antivirus_setup.exe
      2013-01-24 06:13 - 2013-01-24 06:13 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
      2013-01-24 06:01 - 2013-01-24 06:01 - 01960401 ____A C:\Users\Lenovo\Desktop\A2050CNECUSO.rar
      2013-01-24 05:56 - 2013-01-24 05:56 - 00004609 ____A C:\Windows\SysWOW64\jupdate-1.7.0_11-b21.log
      2013-01-24 05:56 - 2012-07-18 12:40 - 00000000 ____D C:\Program Files (x86)\Java
      2013-01-23 16:58 - 2012-09-14 16:53 - 00000910 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2910399588-2985600113-3303889763-1001Core.job
      2013-01-23 14:37 - 2012-10-11 06:13 - 00000000 ____D C:\Users\Lenovo\Desktop\musica
      2013-01-23 12:54 - 2013-01-23 08:18 - 00000000 ____D C:\Users\Lenovo\Downloads\z
      2013-01-22 07:49 - 2013-01-22 07:42 - 00000000 ____D C:\Users\Lenovo\Downloads\Minecraft v1.4.7 [MULTI5][PC][CRACKED][P2P ][WwW.GamesTorrents.CoM]
      2013-01-20 11:31 - 2013-01-20 11:31 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      2013-01-20 08:56 - 2012-10-18 16:51 - 00000000 ____D C:\Users\Lenovo\Desktop\Warcraft III
      2013-01-19 17:19 - 2013-01-19 17:19 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
      2013-01-19 17:19 - 2012-07-21 15:53 - 00000000 ____D C:\Program Files (x86)\Adobe
      2013-01-19 13:00 - 2013-01-02 12:59 - 00000294 ____A C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
      2013-01-19 06:33 - 2012-07-21 10:35 - 00000000 ____D C:\Users\Lenovo\AppData\Local\SKIDROW
      2013-01-19 06:31 - 2013-01-19 06:31 - 00002465 ____A C:\Users\Public\Desktop\Zombie Driver Summer of Slaughter.lnk
      2013-01-19 06:30 - 2013-01-19 06:30 - 00000000 ____D C:\Program Files (x86)\Exor Studios
      2013-01-19 06:28 - 2013-01-16 09:07 - 00000000 ____D C:\Users\Lenovo\Downloads\Zombie.Driver.Summer.of.Slaughter-TiNYiSO
      2013-01-18 16:37 - 2013-01-18 16:26 - 109545752 ____A C:\Users\Lenovo\Downloads\TM02VL.zip
      2013-01-18 09:12 - 2013-01-16 08:50 - 2056960000 ____A C:\Users\Lenovo\Downloads\Battlefield 2.iso
      2013-01-18 07:26 - 2013-01-18 07:26 - 01756174 ____A C:\Users\Lenovo\Desktop\MCPatcher-HD-1.4.7.exe
      2013-01-17 10:33 - 2013-01-19 05:24 - 110081461 ____A C:\Users\Lenovo\Downloads\[Rayzero] Tamako Market - 02 [480p].mp4
      2013-01-16 18:31 - 2013-01-16 18:31 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Adobe
      2013-01-16 18:31 - 2013-01-16 18:31 - 00000000 ____D C:\Users\Lenovo\AppData\Local\Adobe
      2013-01-16 17:33 - 2012-12-08 12:43 - 00000000 ____D C:\Users\Lenovo\Downloads\Magicka [English][PCDVD][WwW.GamesTorrents.CoM]
      2013-01-16 11:58 - 2013-01-02 06:55 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\SporeCreatureCreator
      2013-01-16 09:07 - 2013-01-16 09:07 - 00019158 ____A C:\Users\Lenovo\Downloads\[kat.ph]zombie.driver.summer.of.slaughter.tinyiso.torrent
      2013-01-16 08:49 - 2013-01-16 08:49 - 00020155 ____A C:\Users\Lenovo\Downloads\[kat.ph]battlefield.2.iso.torrent
      2013-01-12 00:30 - 2013-01-24 05:56 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
      2013-01-12 00:26 - 2013-01-24 05:56 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
      2013-01-12 00:24 - 2013-01-24 05:56 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
      2013-01-11 07:56 - 2013-01-11 06:14 - 00000000 ____D C:\Users\Lenovo\Downloads\Waking Mars [English][PC][JAGUAR][WwW.GamesTorrents.CoM]
      2013-01-10 09:52 - 2013-01-10 09:52 - 00101895 ____A C:\Users\Lenovo\Desktop\Fabricación - La Wiki de Minecraft.htm
      2013-01-10 09:52 - 2013-01-10 09:52 - 00000000 ____D C:\Users\Lenovo\Desktop\Fabricación - La Wiki de Minecraft_files
      2013-01-10 09:15 - 2013-01-10 09:15 - 00000000 ____D C:\Program Files (x86)\Steam
      2013-01-10 09:09 - 2013-01-10 09:08 - 00034910 ____A C:\Users\Lenovo\Downloads\Dead.Rising.2.%5BMULTI2%5D%5BPCDVD%5D%5B2DVDs%5D%5BRepack.VictorVal%5D%5BWwW.GamesTorrents.CoM%5D.t8800.torrent
      2013-01-10 09:04 - 2012-11-03 08:25 - 00000000 ____D C:\Program Files (x86)\VictorVal
      2013-01-10 07:22 - 2013-01-05 08:10 - 00000000 ____D C:\Program Files (x86)\Dungeon Defenders
      2013-01-10 06:28 - 2012-07-10 11:20 - 00001122 ____A C:\Users\Lenovo\Desktop\Cyberlink Power2Go.lnk
      2013-01-09 11:15 - 2012-08-11 20:50 - 01649416 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
      2013-01-09 11:06 - 2012-09-30 13:49 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
      2013-01-09 10:35 - 2013-01-09 10:35 - 00000006 ____A C:\Windows\SysWOW64\playername.txt
      2013-01-09 10:35 - 2013-01-09 10:35 - 00000000 ____D C:\Windows\SysWOW64\Lenovo_swarm
      2013-01-09 10:33 - 2012-07-19 10:20 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Hive Cluster
      2013-01-09 10:13 - 2013-01-09 10:13 - 00000995 ____A C:\Users\Lenovo\Desktop\Magicka.lnk
      2013-01-09 10:07 - 2013-01-08 08:15 - 00000000 ____D C:\Users\Lenovo\Downloads\BlackMesa
      2013-01-09 09:12 - 2013-01-09 07:06 - 00000000 ____D C:\Users\Lenovo\Downloads\Magicka v1.4.7.0 multi8 cracked READ NFO-THETA[EtGamez]
      2013-01-09 07:50 - 2012-08-26 17:15 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2013-01-09 07:50 - 2012-08-04 18:55 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2013-01-09 07:35 - 2013-01-09 07:03 - 00000000 ____D C:\Users\Lenovo\Downloads\Magicka-SKIDROW
      2013-01-09 06:35 - 2013-01-09 06:35 - 00000000 ____D C:\Users\Lenovo\Downloads\ControlMK v0232 [Inglés]
      2013-01-09 06:35 - 2013-01-09 06:35 - 00000000 ____D C:\Program Files (x86)\ControlMK
      2013-01-09 06:34 - 2013-01-09 06:34 - 00232643 ____A C:\Users\Lenovo\Downloads\ControlMK v0232 [Inglés].rar
      2013-01-08 10:15 - 2013-01-25 06:52 - 00053616 ____A (Panda Security S.L.) C:\Windows\SysWOW64\PCloudCleanerService.EXE
      2013-01-05 16:20 - 2012-07-18 12:04 - 00000000 ____D C:\Users\Lenovo\Desktop\disco viejo
      2013-01-05 16:17 - 2012-07-20 07:31 - 00000000 ____D C:\Program Files (x86)\BitTorrent
      2013-01-05 11:03 - 2013-01-05 11:01 - 32946152 ____A (Oracle Corporation) C:\Users\Lenovo\Downloads\jre-7u10-windows-x64.exe
      2013-01-05 08:24 - 2013-01-05 08:24 - 00001756 ____A C:\Users\Lenovo\Desktop\DunDefConfig - Acceso directo.lnk
      2013-01-05 07:58 - 2013-01-02 13:16 - 4273242112 ____A C:\Users\Lenovo\Downloads\DungeonDefenders_JimbusEd_744b.iso
      2013-01-05 06:32 - 2013-01-05 06:32 - 00000000 ____D C:\Windows\Sun
      2013-01-03 09:04 - 2013-01-03 07:23 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Spore
      2013-01-03 07:23 - 2013-01-03 07:23 - 00001115 ____A C:\Users\Lenovo\Downloads\SwiftShader.ini
      2013-01-03 07:23 - 2012-12-13 19:53 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
      2013-01-03 07:16 - 2013-01-03 07:16 - 00000000 ____D C:\Users\Lenovo\Documents\Mis Creaciones Spore
      2013-01-03 06:43 - 2013-01-03 06:43 - 00001828 ____A C:\Users\Lenovo\Desktop\SporeApp - Acceso directo.lnk
      2013-01-03 06:39 - 2013-01-03 06:39 - 00000000 __RHD C:\Users\Lenovo\AppData\Roaming\SecuROM
      2013-01-02 17:17 - 2013-01-02 17:17 - 00000000 ____D C:\Users\Lenovo\Desktop\Spore
      2013-01-02 15:28 - 2013-01-02 12:59 - 00000278 ____A C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
      2013-01-02 13:08 - 2012-07-18 08:56 - 00000000 ____D C:\Users\Lenovo\Desktop\Claudia Lucia Sanchez - Lenovo
      2013-01-02 13:07 - 2013-01-02 13:07 - 00109080 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\openal32.dll
      2013-01-02 13:05 - 2012-07-19 12:41 - 00000000 ___RD C:\Users\Lenovo\Desktop\Adobe.Photoshop.CS6.v13.0.FINAL.Multilingual-P0RTABL3
      2013-01-02 12:59 - 2013-01-02 12:59 - 00002032 ____A C:\Users\Lenovo\Desktop\DLL-Files.com FIXER.lnk
      2013-01-02 12:59 - 2013-01-02 12:59 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\dll-files.com
      2013-01-02 12:59 - 2013-01-02 12:59 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
      2013-01-02 12:58 - 2013-01-02 12:57 - 03514028 ____A C:\Users\Lenovo\Downloads\DLL-FiLes.com Fixer v2.7.72.2315.Multilingual.Incl.Crack.rar
      2013-01-02 12:56 - 2013-01-02 12:56 - 04718592 ____A C:\Windows\SysWOW64\savegame.bin
      2013-01-02 12:56 - 2013-01-02 12:56 - 00000000 ____D C:\Windows\SysWOW64\savegames
      2013-01-02 12:56 - 2013-01-02 12:56 - 00000000 ____D C:\Windows\SysWOW64\saved
      2013-01-02 12:55 - 2012-08-23 10:06 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\NVIDIA
      2013-01-02 12:51 - 2013-01-02 12:51 - 00000000 ____D C:\Program Files (x86)\Aspyr Media, Inc
      2013-01-02 12:46 - 2013-01-02 12:46 - 00590434 ____A C:\Users\Lenovo\Downloads\oalinst.zip
      2013-01-02 12:04 - 2013-01-02 11:52 - 90181299 ____A C:\Users\Lenovo\Downloads\ic_insect_invasion_v1_4.exe
      2013-01-02 12:04 - 2013-01-02 11:52 - 112696650 ____A (Creature Chaos Mod Team ) C:\Users\Lenovo\Downloads\Creature_Chaos_4.22.exe
      2013-01-02 11:55 - 2013-01-02 11:53 - 07110656 ____A C:\Users\Lenovo\Downloads\IC_Patch_101_English.msi
      2013-01-02 11:54 - 2013-01-02 11:53 - 00323881 ____A C:\Users\Lenovo\Downloads\Insect_Invasion_V1_4_Patch.exe
      2013-01-02 11:11 - 2013-01-02 11:11 - 00050413 ____A C:\Users\Lenovo\Downloads\openal32.zip
      2013-01-02 11:11 - 2013-01-02 11:10 - 03917192 ____A (Dll-Files.com ) C:\Users\Lenovo\Downloads\dffsetup-openal32.exe
      2013-01-02 10:24 - 2013-01-02 10:24 - 00000000 ____D C:\Program Files (x86)\ZeoWorks
      2013-01-02 07:55 - 2012-12-27 12:36 - 00000000 ____D C:\Users\Lenovo\Downloads\Bob.Marley.[Discografia.Interactiva].[BajandoAlbums.CoM].rar
      2013-01-02 06:55 - 2013-01-02 06:55 - 00000000 ____D C:\Users\Lenovo\Documents\My Spore Creations
      2013-01-02 05:51 - 2013-01-02 05:51 - 00008192 ____A C:\Users\Lenovo\Downloads\rld-spor.exe
      2013-01-01 18:16 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
      2012-12-31 16:39 - 2012-12-31 16:39 - 00002157 ____A C:\Users\Lenovo\Desktop\IC - Acceso directo.lnk
      2012-12-31 16:38 - 2012-07-21 10:35 - 00000000 ____D C:\Users\Lenovo\Documents\My Games
      2012-12-31 16:32 - 2012-12-31 16:32 - 00001309 ____A C:\Users\Public\Desktop\Sanctum.lnk
      2012-12-31 16:31 - 2012-12-31 16:31 - 00000000 ____D C:\Program Files (x86)\Sanctum
      2012-12-31 16:31 - 2012-12-31 16:31 - 00000000 ____D C:\Program Files (x86)\Paradox Interactive
      2012-12-31 16:29 - 2012-12-08 12:45 - 00000000 ____D C:\Users\Lenovo\Downloads\Sanctum [English][PC][RELOADED][GamesTorrents - Bittorrent Juegos PC PS2 PSP XBOX360[
      2012-12-31 12:39 - 2012-12-29 12:51 - 00000000 ____D C:\Users\Lenovo\Downloads\Impossible.Creatures.PC.Game(djDEVASTATE™)
      2012-12-31 10:02 - 2012-12-29 10:21 - 00000000 ____D C:\Users\Lenovo\Downloads\Bob.Marley.FULL.Discography.MP3.PACK-TL
      2012-12-31 09:38 - 2012-12-29 11:57 - 2133671936 ____A C:\Users\Lenovo\Downloads\Stubbs.the.Z0mbie.in.Rebel.With0ut.a.Pulse.[pcgame-Eng].iso
      2012-12-30 14:47 - 2012-12-29 10:07 - 00000000 ____D C:\Users\Lenovo\Downloads\Grim Fandango
      2012-12-30 11:08 - 2012-10-11 06:11 - 00000000 ____D C:\Users\Lenovo\Desktop\juegos
      2012-12-29 21:01 - 2012-07-20 14:14 - 00000000 ____D C:\Program Files (x86)\The Walking Dead
      2012-12-29 09:49 - 2012-12-03 14:33 - 00000000 ____D C:\Users\Lenovo\Desktop\NFS Most Wanted Black
      2012-12-28 18:23 - 2012-12-28 18:23 - 00000000 ____D C:\Users\Lenovo\Documents\Criterion Games
      2012-12-28 18:21 - 2012-07-19 07:36 - 00000000 ___HD C:\Windows\msdownld.tmp
      2012-12-28 18:17 - 2012-12-28 18:17 - 00002346 ____A C:\Users\Lenovo\Desktop\Need For Speed Most Wanted L.E. Repack.lnk
      2012-12-28 16:01 - 2012-12-28 15:31 - 00000000 ____D C:\Users\Lenovo\Documents\Flock
      2012-12-28 15:43 - 2012-12-28 15:43 - 00002709 ____A C:\Users\Lenovo\Desktop\Jugar a FLOCK!.lnk
      2012-12-28 15:34 - 2012-12-28 06:40 - 00000000 ____D C:\Users\Lenovo\Downloads\Need For Speed Most Wanted L.E [Spanish][PCDVD][1DVD5][Repack VictorVal][WwW.GamesTorrents.CoM]
      2012-12-28 15:29 - 2012-12-28 15:29 - 00000000 ____D C:\Program Files (x86)\Capcom
      2012-12-28 10:51 - 2012-12-28 15:28 - 199475200 ____A C:\Users\Lenovo\Downloads\Flock.iso
      2012-12-27 12:32 - 2012-12-27 12:32 - 00000000 ____D C:\Users\Lenovo\Downloads\Bob Marley - The Very Best Of legend
      2012-12-27 11:02 - 2012-12-27 11:02 - 00043147 ____A C:\Users\Lenovo\Downloads\Game Ranger.rar
      2012-12-27 08:43 - 2012-12-27 08:43 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\PowerISO
      2012-12-27 08:42 - 2012-12-27 08:42 - 00000000 ____D C:\Program Files (x86)\PowerISO
      2012-12-27 08:37 - 2012-12-27 08:36 - 05328664 ____A (Power Software Ltd) C:\Users\Lenovo\Downloads\PowerISO5.exe
      2012-12-27 08:19 - 2012-12-27 08:19 - 00000000 ____D C:\Program Files\ESET

      ZeroAccess:
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\@
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected]
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected]
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\[email protected]
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\trz151A.tmp
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\trzA084.tmp
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}\U\trzA44C.tmp

      ZeroAccess:
      C:\Windows\assembly\GAC_32\Desktop.ini

      ZeroAccess:
      C:\Windows\assembly\GAC_64\Desktop.ini

      ==================== Known DLLs (Whitelisted) =================


      ==================== Bamital & volsnap Check =================

      C:\Windows\System32\winlogon.exe => MD5 is legit
      C:\Windows\System32\wininit.exe => MD5 is legit
      C:\Windows\SysWOW64\wininit.exe => MD5 is legit
      C:\Windows\explorer.exe => MD5 is legit
      C:\Windows\SysWOW64\explorer.exe => MD5 is legit
      C:\Windows\System32\svchost.exe => MD5 is legit
      C:\Windows\SysWOW64\svchost.exe => MD5 is legit
      C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
      C:\Windows\System32\User32.dll => MD5 is legit
      C:\Windows\SysWOW64\User32.dll => MD5 is legit
      C:\Windows\System32\userinit.exe => MD5 is legit
      C:\Windows\SysWOW64\userinit.exe => MD5 is legit
      C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

      ==================== EXE ASSOCIATION =====================

      HKLM\...\.exe: exefile => OK
      HKLM\...\exefile\DefaultIcon: %1 => OK
      HKLM\...\exefile\open\command: "%1" %* => OK

      ==================== Restore Points =========================


      ==================== Memory info ===========================

      Percentage of memory in use: 15%
      Total physical RAM: 3936.49 MB
      Available physical RAM: 3309.34 MB
      Total Pagefile: 3934.64 MB
      Available Pagefile: 3297.71 MB
      Total Virtual: 8192 MB
      Available Virtual: 8191.9 MB

      ==================== Partitions =============================

      1 Drive c: () (Fixed) (Total:550.62 GB) (Free:185.85 GB) NTFS
      2 Drive d: () (Fixed) (Total:30.59 GB) (Free:28.71 GB) NTFS
      4 Drive g: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32
      5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
      6 Drive y: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

      Núm Disco Estado Tamaño Disp Din Gpt
      ---------- ---------- ------- ------- --- ---
      Disco 0 En línea 596 GB 1024 KB
      Disco 1 En línea 3824 MB 0 B

      Partitions of Disk 0:
      ===============

      Identificador de disco: E3DE0A86

      Núm Partición Tipo Tamaño Desplazamiento
      ------------- ---------------- ------- ---------------
      Partición 1 Principal 200 MB 1024 KB
      Partición 2 Principal 550 GB 201 MB
      Partición 0 Extendido 30 GB 550 GB
      Partición 4 Lógico 30 GB 550 GB
      Partición 3 OEM 14 GB 581 GB

      ==================================================================================

      Disk: 0
      Partición 1
      Tipo : 07
      Oculta : No
      Activa : Sí

      Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
      ----------- --- ----------- ----- ---------- ------- --------- --------
      * Volumen 1 Y NTFS Partición 200 MB Correcto

      =========================================================

      Disk: 0
      Partición 2
      Tipo : 07
      Oculta : No
      Activa : No

      Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
      ----------- --- ----------- ----- ---------- ------- --------- --------
      * Volumen 2 C NTFS Partición 550 GB Correcto

      =========================================================

      Disk: 0
      Partición 4
      Tipo : 07
      Oculta : No
      Activa : No

      Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
      ----------- --- ----------- ----- ---------- ------- --------- --------
      * Volumen 3 D NTFS Partición 30 GB Correcto

      =========================================================

      Disk: 0
      Partición 3
      Tipo : 12
      Oculta : Sí
      Activa : No

      Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
      ----------- --- ----------- ----- ---------- ------- --------- --------
      * Volumen 5 LENOVO_PAR NTFS Partición 14 GB Correcto Oculto

      =========================================================

      Partitions of Disk 1:
      ===============

      Identificador de disco: 2F955686

      Núm Partición Tipo Tamaño Desplazamiento
      ------------- ---------------- ------- ---------------
      Partición 1 Principal 3823 MB 31 KB

      ==================================================================================

      Disk: 1
      Partición 1
      Tipo : 0B
      Oculta : No
      Activa : No

      Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
      ----------- --- ----------- ----- ---------- ------- --------- --------
      * Volumen 4 G KINGSTON FAT32 Extraíble 3823 MB Correcto

      =========================================================

      Last Boot: 2013-01-18 06:29

      ==================== End Of Log =============================[/QUOTE]


      [QUOTE]Farbar Recovery Scan Tool (x64) Version: 21-01-2013 02
      Ran by SYSTEM at 2013-01-26 11:03:16
      Running from G:\

      ================== Search: "services.exe" ===================

      C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
      [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

      C:\Windows\System32\services.exe
      [2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC

      ====== End Of Search ======

      There are the results. I hope for help; the PC is getting worse and worse o.o
      Last edited by RevesdeLiberte on 26/01/13 at 23:30:47

    10. #10
      Former Collaborator RevesdeLiberte
      Joined
      Feb 2010
      Location
      Mexico
      Posts
      7.976

      Re: services.exe and sirefef2

      Hello.


      Sorry for the delay, but I had personal problems; please, let's continue.


      **NOTE** This step is specific to this thread; using the fixlist.txt file on other computers could cause serious damage.


      From the clean computer:

      • Go to Start > All Programs > Accessories > Notepad
        • Copy the following code into Notepad: (Do not copy the word "Code:")
      Code:
      C:\Windows\assembly\GAC_32\Desktop.ini
      C:\Windows\assembly\GAC_64\Desktop.ini
      C:\Windows\Installer\{6ea9bce0-e307-c1fa-4d87-06938910fa9c}
      Replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe
      • Go to Notepad's File menu > Save As > it is important that you save it as fixlist.txt
      • Copy the fixlist.txt file to the same USB drive where frst.exe is; this is important.



      From the infected computer:

      Enter the system repair options.

      To access the System Recovery Options from the advanced boot options:

      • Restart the computer. As soon as the BIOS loads, press the F8 key until the Advanced Boot Options appear.
      • Select Repair Your Computer and press Enter.
      • Wait for it to load, select the language and keyboard layout, and click Next.
      • Select the operating system you want to repair and click Next.
      • Select your user account and click Next.


      In the System Recovery Options menu you will see the following options:




      • Select Command Prompt.
      • In the command window, type Notepad.exe and press Enter.
      • At the top of Notepad, go to File > Open > select "Computer" and note the letter assigned to the removable USB drive.
      • Close Notepad to return to the command window.


      • Once in the command window, type x:frst64.exe exactly as shown, where X must be replaced by the letter of your USB drive.
      • Press Enter so that the tool starts running.
      • When the tool opens, it will show the Disclaimer window; click Yes.


      The program window will then open:


      • Click the Fix button of Farbar Recovery Scan Tool just once.
      • Wait patiently for it to finish. A file named Fixlog.txt will be saved on your USB drive.
      • If the program window is still open, close it. Then, at the Command Prompt, type shutdown /r and wait for the restart.



      The computer will restart normally; open the Fixlog.txt file from the USB drive and paste its entire contents in your next reply, commenting on how everything is going now.
      Patience is a tree with bitter roots, but sweet fruit.

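Added example (not part of the original thread and not FRST's own code): a small Python triage script that reads the two log sections quoted above, picks out the file the hash check flagged, and pairs it with the component-store copy found by the search, which is the same source/target pair the `Replace:` line in the post uses. The function names are hypothetical and the line layout is inferred only from the log lines shown on this page.

```python
import ntpath
import re

# Lines copied from the FRST output quoted in this thread (blank lines trimmed).
SAMPLE_LOG = r"""
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC
====== End Of Search ======
"""

FLAGGED = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) (?P<md5>[0-9A-Fa-f]{32}) (?P<label>.+?) <==== ATTENTION")
META = re.compile(r"^\[[^\]]+\] - \[[^\]]+\] - (?P<size>\d+) \S+ (?:\(.*\) )?(?P<md5>[0-9A-Fa-f]{32})$")
PATH = re.compile(r"^[A-Za-z]:\\[^<>]*$")  # a bare path line: no "=>" verdict, no "<====" marker


def flagged_files(log):
    """(path, md5, label) for every line the hash check marked for attention."""
    found = (FLAGGED.match(line.strip()) for line in log.splitlines())
    return [(m["path"], m["md5"].upper(), m["label"]) for m in found if m]


def search_hits(log):
    """Pair each path line of a Search section with the metadata line under it."""
    hits, path = [], None
    for line in map(str.strip, log.splitlines()):
        meta = META.match(line)
        if meta and path:
            hits.append({"path": path, "size": int(meta["size"]), "md5": meta["md5"].upper()})
        path = line if PATH.match(line) else None
    return hits


def replacement_candidates(log):
    """(source, target, size_delta) for component-store copies of a flagged file."""
    # A differing hash only makes the WinSxS copy a candidate; confirm its hash
    # against a known-good source before trusting it as the replacement.
    hits = search_hits(log)
    by_path = {h["path"].lower(): h for h in hits}
    out = []
    for target, md5, _label in flagged_files(log):
        own = by_path.get(target.lower())
        for h in hits:
            same_name = ntpath.basename(h["path"]).lower() == ntpath.basename(target).lower()
            if same_name and "\\winsxs\\" in h["path"].lower() and h["md5"] != md5:
                delta = own["size"] - h["size"] if own else None
                out.append((h["path"], target, delta))
    return out


if __name__ == "__main__":
    for source, target, delta in replacement_candidates(SAMPLE_LOG):
        print(f"{target}: flagged; size delta {delta} bytes vs {source}")
```

On the lines from this thread it reports that the flagged System32 copy differs in both hash and size from the WinSxS copy.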