    I have tried everything against the TDSS V2 rootkit...

    1. #1
      estobern0 (User)
      Registered: Feb 2013
      Location: Mexico
      Posts: 11

      I have tried everything against the TDSS V2 rootkit...

      You see, one day my antivirus (PC Tools Internet Security) detected the rootkit malware TDSS V2, and when the antivirus detects and removes it, as many already know, the virus COMES BACK no matter how many times you remove it with your antivirus. I decided to download Malwarebytes, CCleaner and TDSSKiller, and I ran all of them several times (obviously not at the same time).

      - CCleaner only removed some invalid registry entries which, as I recall, it said were things that are sometimes left behind when you uninstall a program.
      - Malwarebytes, the first time, detected some dangerous infections that were already slowing down my computer; I removed them and the computer now runs normally.
      - TDSSKiller does not detect anything.

      I have read a bit about ComboFix, which has had a lot of success removing this type of virus for good, but which is dangerous to use if you do not get help from someone who knows the program. I even downloaded the program Winshock in case I lose my internet connection after using it. Honestly, I am wary of using it since this computer is not even mine, so if you could give me a bit of help I would be very grateful.

      PS: I know that reports from this program cannot be posted in this section of the forum, so I would just tell you whether it worked for me or not. And if I picked the wrong section of the forum, feel free to let me know (I'm new).

    2. #2
      Anleg_30 (Former contributor)
      Registered: Dec 2007
      Location: Bna-Venezuela
      Posts: 10,545

      Re: I have tried everything against the TDSS V2 rootkit...

      Hello estobern0, welcome to the forum.

      It would be interesting if you copied me your antivirus's scan, or more specifically the files it detects with that infection.



      Blog | Online Antivirus | Remove Malware | Free Antivirus

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #3
      estobern0 (User)
      Registered: Feb 2013
      Location: Mexico
      Posts: 11

      Re: I have tried everything against the TDSS V2 rootkit...

      The report cannot be copied and pasted, but it tells me something like this:

      Rootkit.TDSS.v2
      .
      .
      ....Controlador del nucleo
      .
      .
      ....Kernel Objects

      I hope my reply is of some use...

    4. #4
      Anleg_30 (Former contributor)
      Registered: Dec 2007
      Location: Bna-Venezuela
      Posts: 10,545

      Re: I have tried everything against the TDSS V2 rootkit...

      Hmm... honestly that is not much use, so better leave me an image

      How to upload images to the forum? *TUTORIAL*

      Then you are going to run TDSSKiller as follows:

      Download and run TDSSKiller as its manual indicates,
      Click "Change parameters" and tick the boxes for:
      • Verify drive digital signatures
      • Detect TDLFS file system


      Click SKIP if you are unsure about deleting something, OK.
      When the scan finishes and after the reboot, leave me its report.



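      A triage script for the kind of report requested in the post above, added here as an example (it is not part of the thread and not TDSSKiller's own code): it checks that the scan ran with both requested options and lists every entry whose verdict is not "ok", plus services for which the report carries no hash or path. Assumptions: the function name, the reading of "SigCheck" and "TDLFS" in the "Mode:" line as the two checkboxes, and the ExampleDrv entry with its placeholder hash and verdict text; the sample report is constructed.

```python
import re

# Constructed sample report for this example. ExampleDrv, its all-zero hash and
# its verdict text are invented placeholders that exercise the non-ok path.
SAMPLE_REPORT = r"""
21:11:51.0016 7424 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200
21:13:09.0128 7672 ============================================================
21:13:09.0128 7672 Scan started
21:13:09.0128 7672 Mode: Manual; SigCheck; TDLFS;
21:13:10.0816 7672 ================ Scan system memory ========================
21:13:10.0817 7672 System memory - ok
21:13:10.0818 7672 ================ Scan services =============================
21:13:11.0504 7672 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:13:11.0558 7672 ACPI - ok
21:13:15.0111 7672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
21:13:15.0194 7672 Audiosrv - ok
21:13:19.0863 7672 COMSysApp - ok
21:13:20.0000 7672 [ 00000000000000000000000000000000 ] ExampleDrv C:\windows\system32\drivers\exampledrv.sys
21:13:20.0100 7672 ExampleDrv - EXAMPLE-NON-OK-VERDICT
"""

# "<time> <thread id> <message>"; the message may be empty.
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (\d+)(?: (.*))?$")
# "[ <MD5> ] <service name> <path>"; names may contain spaces, paths start "X:\".
FILE_REC = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# "<object> - <verdict>", split on the last " - " of the message.
VERDICT = re.compile(r"^(.+) - (\S.*)$")
# "===== Scan services =====" style section banners.
SECTION = re.compile(r"^=+ (.+?) =+$")


def triage(report, required_mode=("SigCheck", "TDLFS")):
    """Return the mode tokens still missing and the entries worth a second look."""
    mode, files, section = [], {}, None
    findings = {"missing_mode": [], "not_ok": [], "no_file_record": []}
    scanning = False
    for raw in report.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = (m.group(3) or "").strip()
        if body == "Scan started":
            scanning = True
            continue
        # Header lines such as "Drive ... - Size: ..." also contain " - ",
        # so verdicts are only parsed once the scan has started.
        if not scanning:
            continue
        if body.startswith("Mode:"):
            mode = [t.strip() for t in body[5:].split(";") if t.strip()]
            continue
        s = SECTION.match(body)
        if s:
            section = s.group(1)
            continue
        f = FILE_REC.match(body)
        if f:
            files[f.group(2)] = (f.group(1).upper(), f.group(3))
            continue
        v = VERDICT.match(body)
        if not v:
            continue
        name, verdict = v.group(1), v.group(2)
        record = files.get(name)
        if verdict != "ok":
            # Keep hash and path (if any) next to the verdict for follow-up.
            findings["not_ok"].append((name, verdict, record))
        elif record is None and section == "Scan services":
            # Marked ok, but the report holds no hash or path for it.
            findings["no_file_record"].append(name)
    findings["missing_mode"] = [t for t in required_mode if t not in mode]
    return findings


if __name__ == "__main__":
    for key, value in triage(SAMPLE_REPORT).items():
        print(key, value)
```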

    5. #5
      estobern0 (User)
      Registered: Feb 2013
      Location: Mexico
      Posts: 11

      Re: I have tried everything against the TDSS V2 rootkit...

      OK, I ran it and it gave me this report:
      21:11:47.0070 7424 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      21:11:48.0487 7424 ============================================================
      21:11:48.0488 7424 Current date / time: 2013/02/02 21:11:48.0487
      21:11:48.0488 7424 SystemInfo:
      21:11:48.0488 7424
      21:11:48.0488 7424 OS Version: 6.1.7601 ServicePack: 1.0
      21:11:48.0488 7424 Product type: Workstation
      21:11:48.0489 7424 ComputerName: IRASEMA-PC
      21:11:48.0489 7424 UserName: Irasema
      21:11:48.0489 7424 Windows directory: C:\windows
      21:11:48.0489 7424 System windows directory: C:\windows
      21:11:48.0490 7424 Processor architecture: Intel x86
      21:11:48.0490 7424 Number of processors: 4
      21:11:48.0490 7424 Page size: 0x1000
      21:11:48.0490 7424 Boot type: Normal boot
      21:11:48.0490 7424 ============================================================
      21:11:50.0189 7424 BG loaded
      21:11:51.0016 7424 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
      21:11:51.0142 7424 ============================================================
      21:11:51.0143 7424 \Device\Harddisk0\DR0:
      21:11:51.0143 7424 MBR partitions:
      21:11:51.0143 7424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
      21:11:51.0143 7424 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3712E000
      21:11:51.0143 7424 ============================================================
      21:11:51.0215 7424 C: <-> \Device\Harddisk0\DR0\Partition2
      21:11:51.0308 7424 ============================================================
      21:11:51.0309 7424 Initialize success
      21:11:51.0309 7424 ============================================================
      21:13:09.0128 7672 ============================================================
      21:13:09.0128 7672 Scan started
      21:13:09.0128 7672 Mode: Manual; SigCheck; TDLFS;
      21:13:09.0128 7672 ============================================================
      21:13:10.0816 7672 ================ Scan system memory ========================
      21:13:10.0817 7672 System memory - ok
      21:13:36.0788 7672 MTConfig - ok
      21:13:36.0815 7672 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
      21:13:36.0859 7672 Mup - ok
      21:13:36.0917 7672 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
      21:13:37.0028 7672 napagent - ok
      21:13:37.0086 7672 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
      21:13:37.0185 7672 NativeWifiP - ok

    6. #6
      User Avatar of estobern0
      Registered
      Feb 2013
      Location
      Mexico
      Posts
      11

      Re: I have tried everything against the TDSS V2 rootkit...

      Here is the 2nd part:
      21:14:04.0639 7672 wmiApSrv - ok
      21:14:04.0721 7672 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
      21:14:04.0811 7672 WMPNetworkSvc - ok
      21:14:04.0841 7672 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
      21:14:04.0918 7672 WPCSvc - ok
      21:14:04.0950 7672 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
      21:14:05.0058 7672 WPDBusEnum - ok
      21:14:05.0081 7672 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
      21:14:05.0178 7672 ws2ifsl - ok
      21:14:05.0209 7672 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
      21:14:05.0357 7672 wscsvc - ok
      21:14:05.0372 7672 WSearch - ok
      21:14:05.0412 7672 [ BAEDC491374DEFD5E76336901D6D397D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
      21:14:05.0464 7672 wsvd - ok
      21:14:05.0537 7672 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
      21:14:05.0676 7672 wuauserv - ok
      21:14:05.0734 7672 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
      21:14:05.0798 7672 WudfPf - ok
      21:14:05.0835 7672 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
      21:14:05.0910 7672 WUDFRd - ok
      21:14:05.0988 7672 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
      21:14:06.0042 7672 wudfsvc - ok
      21:14:06.0079 7672 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
      21:14:06.0200 7672 WwanSvc - ok
      21:14:06.0264 7672 [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
      21:14:06.0343 7672 yukonw7 - ok
      21:14:06.0374 7672 ================ Scan global ===============================
      21:14:06.0403 7672 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
      21:14:06.0458 7672 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\windows\system32\winsrv.dll
      21:14:06.0475 7672 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\windows\system32\winsrv.dll
      21:14:06.0506 7672 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
      21:14:06.0559 7672 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
      21:14:06.0570 7672 [Global] - ok
      21:14:06.0574 7672 ================ Scan MBR ==================================
      21:14:06.0586 7672 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
      21:14:06.0894 7672 \Device\Harddisk0\DR0 - ok
      21:14:06.0895 7672 ================ Scan VBR ==================================
      21:14:06.0927 7672 [ D0A4686DE245A853EF8329A6407ED3F5 ] \Device\Harddisk0\DR0\Partition1
      21:14:06.0932 7672 \Device\Harddisk0\DR0\Partition1 - ok
      21:14:06.0949 7672 [ 5412639FFAD14C76A8F21361AE6501A7 ] \Device\Harddisk0\DR0\Partition2
      21:14:06.0954 7672 \Device\Harddisk0\DR0\Partition2 - ok
      21:14:06.0958 7672 ============================================================
      21:14:06.0958 7672 Scan finished
      21:14:06.0959 7672 ============================================================
      21:14:06.0994 8088 Detected object count: 0
      21:14:06.0994 8088 Actual detected object count: 0
      21:14:25.0038 7780 ============================================================
      21:14:25.0038 7780 Scan started
      21:14:25.0039 7780 Mode: Manual; SigCheck; TDLFS;
      21:14:25.0039 7780 ============================================================
      21:14:25.0786 7780 ================ Scan system memory ========================
      21:14:25.0787 7780 System memory - ok
      21:14:25.0788 7780 ================ Scan services =============================

    7. #7
      User Avatar of estobern0
      Registered
      Feb 2013
      Location
      Mexico
      Posts
      11

      Re: I have tried everything against the TDSS V2 rootkit...

      3rd and last:
      21:14:42.0480 7780 NativeWifiP - ok
      21:14:42.0528 7780 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
      21:14:42.0591 7780 NDIS - ok
      21:14:42.0612 7780 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
      21:14:42.0688 7780 NdisCap - ok
      21:14:42.0708 7780 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
      21:14:42.0783 7780 NdisTapi - ok
      21:14:42.0797 7780 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
      21:14:42.0871 7780 Ndisuio - ok
      21:14:42.0893 7780 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
      21:14:42.0968 7780 NdisWan - ok
      21:14:42.0984 7780 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
      21:14:43.0059 7780 NDProxy - ok
      21:14:43.0083 7780 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
      21:14:43.0160 7780 NetBIOS - ok
      21:14:43.0183 7780 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
      21:14:43.0261 7780 NetBT - ok
      21:14:43.0310 7780 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
      21:14:43.0356 7780 Netlogon - ok
      21:14:43.0390 7780 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
      21:14:43.0477 7780 Netman - ok
      21:14:43.0507 7780 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
      21:14:43.0597 7780 netprofm - ok
      21:14:43.0634 7780 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
      21:14:43.0672 7780 NetTcpPortSharing - ok
      21:14:43.0702 7780 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
      21:14:43.0743 7780 nfrd960 - ok
      21:14:43.0800 7780 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
      21:14:43.0851 7780 NlaSvc - ok
      21:14:43.0875 7780 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
      21:14:43.0952 7780 Npfs - ok
      21:14:43.0973 7780 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
      21:14:44.0054 7780 nsi - ok
      21:14:44.0075 7780 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
      21:14:44.0152 7780 nsiproxy - ok
      21:14:44.0221 7780 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
      21:14:44.0301 7780 Ntfs - ok
      21:14:44.0337 7780 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
      21:14:44.0412 7780 Null - ok
      21:14:44.0432 7780 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
      21:14:44.0476 7780 nvraid - ok
      21:14:44.0515 7780 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
      21:14:44.0559 7780 nvstor - ok
      21:14:44.0577 7780 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
      21:14:44.0620 7780 nv_agp - ok
      21:14:44.0632 7780 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
      21:14:44.0680 7780 ohci1394 - ok
      21:14:44.0759 7780 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      21:14:44.0798 7780 ose - ok
      21:14:44.0992 7780 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      21:14:45.0193 7780 osppsvc - ok
      21:14:45.0244 7780 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
      21:14:45.0295 7780 p2pimsvc - ok
      21:14:45.0325 7780 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
      21:14:45.0379 7780 p2psvc - ok
      21:14:45.0401 7780 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\drivers\parport.sys
      21:14:45.0449 7780 Parport - ok
      21:14:45.0483 7780 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
      21:14:45.0525 7780 partmgr - ok
      21:14:45.0545 7780 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\drivers\parvdm.sys
      21:14:45.0591 7780 Parvdm - ok
      21:14:45.0621 7780 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
      21:14:45.0679 7780 PcaSvc - ok
      21:14:45.0695 7780 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
      21:14:45.0740 7780 pci - ok
      21:14:45.0751 7780 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
      21:14:45.0792 7780 pciide - ok
      21:14:45.0805 7780 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
      21:14:45.0852 7780 pcmcia - ok
      21:14:45.0883 7780 [ 8D7831EA654AB493766C5007643D32E3 ] PCTAppEvent C:\windows\system32\drivers\PCTAppEvent.sys
      21:14:45.0923 7780 PCTAppEvent - ok
      21:14:45.0948 7780 [ 3A1EFEE38DCC8DB0B0EE8BB98EDD950D ] PCTCore C:\windows\system32\drivers\PCTCore.sys
      21:14:45.0993 7780 PCTCore - ok
      21:14:46.0032 7780 [ AF08EC0F2093867AB955E24121EE7002 ] pctDS C:\windows\system32\drivers\pctDS.sys
      21:14:46.0083 7780 pctDS - ok
      21:14:46.0118 7780 [ 4B1B0CD45A047C0941F6B6151F6FB3C1 ] pctEFA C:\windows\system32\drivers\pctEFA.sys
      21:14:46.0175 7780 pctEFA - ok
      21:14:46.0206 7780 [ EF5CB8834CDF8414C37F2BE9F4928E5F ] PCTFW-PacketFilter C:\windows\system32\drivers\pctNdis-PacketFilter.sys
      21:14:46.0242 7780 PCTFW-PacketFilter - ok
      21:14:46.0273 7780 [ 92F69754AD3F18CCC7E7232CA5262029 ] pctgntdi C:\Windows\System32\drivers\pctgntdi.sys
      21:14:46.0315 7780 pctgntdi - ok
      21:14:46.0339 7780 [ 0270A313CC5E49F85C74485CC46386F1 ] pctNdisLW C:\windows\system32\DRIVERS\pctNdisLW.sys
      21:14:46.0374 7780 pctNdisLW - ok
      21:14:46.0395 7780 [ E9BDD80D3618EB5CCEFE2EB4F0F14FB8 ] pctplfw C:\Windows\System32\drivers\pctplfw.sys
      21:14:46.0434 7780 pctplfw - ok
      21:14:46.0460 7780 [ 9AB2171DCED17857FDCD82D104B63FBC ] pctplsg C:\Windows\System32\drivers\pctplsg.sys
      21:14:46.0494 7780 pctplsg - ok
      21:14:46.0516 7780 [ B9BF4A93418B1E100DE310FEBF286B4C ] PCTSD C:\windows\system32\Drivers\PCTSD.sys
      21:14:46.0554 7780 PCTSD - ok
      21:14:46.0576 7780 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
      21:14:46.0619 7780 pcw - ok
      21:14:46.0662 7780 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
      21:14:46.0751 7780 PEAUTH - ok
      21:14:46.0838 7780 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
      21:14:46.0949 7780 pla - ok
      21:14:46.0984 7780 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
      21:14:47.0038 7780 PlugPlay - ok
      21:14:47.0060 7780 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
      21:14:47.0108 7780 PNRPAutoReg - ok
      21:14:47.0137 7780 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
      21:14:47.0189 7780 PNRPsvc - ok
      21:14:47.0219 7780 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
      21:14:47.0302 7780 PolicyAgent - ok
      21:14:47.0340 7780 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
      21:14:47.0423 7780 Power - ok
      21:14:47.0450 7780 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
      21:14:47.0531 7780 PptpMiniport - ok
      21:14:47.0548 7780 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\drivers\processr.sys
      21:14:47.0593 7780 Processor - ok
      21:14:47.0628 7780 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
      21:14:47.0677 7780 ProfSvc - ok
      21:14:47.0691 7780 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
      21:14:47.0737 7780 ProtectedStorage - ok
      21:14:47.0758 7780 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
      21:14:47.0839 7780 Psched - ok
      21:14:47.0889 7780 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\drivers\ql2300.sys
      21:14:47.0975 7780 ql2300 - ok
      21:14:47.0992 7780 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
      21:14:48.0038 7780 ql40xx - ok
      21:14:48.0073 7780 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
      21:14:48.0133 7780 QWAVE - ok
      21:14:48.0157 7780 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
      21:14:48.0208 7780 QWAVEdrv - ok
      21:14:48.0218 7780 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
      21:14:48.0295 7780 RasAcd - ok
      21:14:48.0323 7780 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
      21:14:48.0396 7780 RasAgileVpn - ok
      21:14:48.0414 7780 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
      21:14:48.0496 7780 RasAuto - ok
      21:14:48.0532 7780 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
      21:14:48.0609 7780 Rasl2tp - ok
      21:14:48.0630 7780 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
      21:14:48.0713 7780 RasMan - ok
      21:14:48.0730 7780 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
      21:14:48.0808 7780 RasPppoe - ok
      21:14:48.0830 7780 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
      21:14:48.0904 7780 RasSstp - ok
      21:14:48.0928 7780 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
      21:14:49.0006 7780 rdbss - ok
      21:14:49.0036 7780 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\drivers\rdpbus.sys
      21:14:49.0084 7780 rdpbus - ok
      21:14:49.0100 7780 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
      21:14:49.0174 7780 RDPCDD - ok
      21:14:49.0199 7780 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
      21:14:49.0271 7780 RDPENCDD - ok
      21:14:49.0300 7780 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
      21:14:49.0372 7780 RDPREFMP - ok
      21:14:49.0402 7780 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
      21:14:49.0448 7780 RDPWD - ok
      21:14:49.0477 7780 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
      21:14:49.0523 7780 rdyboost - ok
      21:14:49.0581 7780 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
      21:14:49.0617 7780 RealNetworks Downloader Resolver Service - ok
      21:14:49.0646 7780 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\windows\system32\drivers\regi.sys
      21:14:49.0679 7780 regi - ok
      21:14:49.0710 7780 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
      21:14:49.0786 7780 RemoteAccess - ok
      21:14:49.0821 7780 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
      21:14:49.0903 7780 RemoteRegistry - ok
      21:14:49.0924 7780 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
      21:14:50.0005 7780 RpcEptMapper - ok
      21:14:50.0019 7780 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
      21:14:50.0068 7780 RpcLocator - ok
      21:14:50.0096 7780 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
      21:14:50.0181 7780 RpcSs - ok
      21:14:50.0218 7780 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
      21:14:50.0296 7780 rspndr - ok
      21:14:50.0330 7780 [ 5BEF0FD9B6E57BBC6F7920E3118AE108 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
      21:14:50.0370 7780 RSUSBSTOR - ok
      21:14:50.0387 7780 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
      21:14:50.0434 7780 SamSs - ok
      21:14:50.0458 7780 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
      21:14:50.0501 7780 sbp2port - ok
      21:14:50.0532 7780 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
      21:14:50.0611 7780 SCardSvr - ok
      21:14:50.0641 7780 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
      21:14:50.0716 7780 scfilter - ok
      21:14:50.0759 7780 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
      21:14:50.0851 7780 Schedule - ok
      21:14:50.0875 7780 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
      21:14:50.0950 7780 SCPolicySvc - ok
      21:14:51.0004 7780 [ 17D6A03103586D7954BA74C2219CE1BB ] sdAuxService C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
      21:14:51.0050 7780 sdAuxService - ok
      21:14:51.0092 7780 [ 4E0FFD8BCDA6F836C6581DC4C28B8C15 ] sdCoreService C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
      21:14:51.0161 7780 sdCoreService - ok
      21:14:51.0194 7780 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
      21:14:51.0242 7780 SDRSVC - ok
      21:14:51.0265 7780 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
      21:14:51.0342 7780 secdrv - ok
      21:14:51.0366 7780 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
      21:14:51.0447 7780 seclogon - ok
      21:14:51.0470 7780 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
      21:14:51.0552 7780 SENS - ok
      21:14:51.0574 7780 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\drivers\serenum.sys
      21:14:51.0619 7780 Serenum - ok
      21:14:51.0632 7780 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\drivers\serial.sys
      21:14:51.0680 7780 Serial - ok
      21:14:51.0693 7780 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\drivers\sermouse.sys
      21:14:51.0739 7780 sermouse - ok
      21:14:51.0781 7780 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
      21:14:51.0859 7780 SessionEnv - ok
      21:14:51.0870 7780 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
      21:14:51.0919 7780 sffdisk - ok
      21:14:51.0931 7780 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
      21:14:51.0980 7780 sffp_mmc - ok
      21:14:51.0991 7780 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
      21:14:52.0042 7780 sffp_sd - ok
      21:14:52.0053 7780 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
      21:14:52.0098 7780 sfloppy - ok
      21:14:52.0128 7780 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
      21:14:52.0214 7780 SharedAccess - ok
      21:14:52.0240 7780 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
      21:14:52.0324 7780 ShellHWDetection - ok
      21:14:52.0337 7780 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
      21:14:52.0378 7780 sisagp - ok
      21:14:52.0389 7780 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
      21:14:52.0430 7780 SiSRaid2 - ok
      21:14:52.0442 7780 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
      21:14:52.0485 7780 SiSRaid4 - ok
      21:14:52.0496 7780 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
      21:14:52.0576 7780 Smb - ok
      21:14:52.0608 7780 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
      21:14:52.0657 7780 SNMPTRAP - ok
      21:14:52.0672 7780 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
      21:14:52.0713 7780 spldr - ok
      21:14:52.0749 7780 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
      21:14:52.0802 7780 Spooler - ok
      21:14:52.0889 7780 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
      21:14:53.0038 7780 sppsvc - ok
      21:14:53.0056 7780 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
      21:14:53.0133 7780 sppuinotify - ok
      21:14:53.0200 7780 [ 68103A2B441BBF3908EBB587F0704D6C ] sptd C:\windows\System32\Drivers\sptd.sys
      21:14:53.0251 7780 sptd - ok
      21:14:53.0278 7780 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
      21:14:53.0328 7780 srv - ok
      21:14:53.0366 7780 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
      21:14:53.0416 7780 srv2 - ok
      21:14:53.0446 7780 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
      21:14:53.0493 7780 srvnet - ok
      21:14:53.0562 7780 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
      21:14:53.0645 7780 SSDPSRV - ok
      21:14:53.0670 7780 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
      21:14:53.0749 7780 SstpSvc - ok
      21:14:53.0782 7780 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\drivers\stexstor.sys
      21:14:53.0822 7780 stexstor - ok
      21:14:53.0866 7780 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
      21:14:53.0932 7780 StiSvc - ok
      21:14:53.0948 7780 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys
      21:14:53.0991 7780 swenum - ok
      21:14:54.0014 7780 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
      21:14:54.0105 7780 swprv - ok
      21:14:54.0157 7780 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
      21:14:54.0239 7780 SysMain - ok
      21:14:54.0264 7780 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
      21:14:54.0320 7780 TabletInputService - ok
      21:14:54.0342 7780 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
      21:14:54.0423 7780 TapiSrv - ok
      21:14:54.0443 7780 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
      21:14:54.0547 7780 TBS - ok
      21:14:54.0638 7780 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\windows\system32\drivers\tcpip.sys
      21:14:54.0721 7780 Tcpip - ok
      21:14:54.0770 7780 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
      21:14:54.0852 7780 TCPIP6 - ok
      21:14:54.0920 7780 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
      21:14:54.0962 7780 tcpipreg - ok
      21:14:54.0997 7780 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
      21:14:55.0039 7780 TDPIPE - ok
      21:14:55.0062 7780 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
      21:14:55.0105 7780 TDTCP - ok
      21:14:55.0129 7780 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
      21:14:55.0203 7780 tdx - ok
      21:14:55.0228 7780 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
      21:14:55.0270 7780 TermDD - ok
      21:14:55.0314 7780 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
      21:14:55.0402 7780 TermService - ok
      21:14:55.0431 7780 [ EB8F8B25BB64452D86D2BD577607694A ] TfFsMon C:\windows\system32\drivers\TfFsMon.sys
      21:14:55.0465 7780 TfFsMon - ok
      21:14:55.0481 7780 [ 8D157E44BA7F87C8744AC977CA428C1D ] TfNetMon C:\windows\system32\drivers\TfNetMon.sys
      21:14:55.0517 7780 TfNetMon - ok
      21:14:55.0543 7780 [ C866EB15C3CB83DAC8F348ABE6A42EA7 ] TFSysMon C:\windows\system32\drivers\TfSysMon.sys
      21:14:55.0596 7780 TFSysMon - ok
      21:14:55.0616 7780 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
      21:14:55.0672 7780 Themes - ok
      21:14:55.0695 7780 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
      21:14:55.0774 7780 THREADORDER - ok
      21:14:55.0804 7780 ThreatFire - ok
      21:14:55.0832 7780 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
      21:14:55.0913 7780 TrkWks - ok
      21:14:55.0973 7780 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
      21:14:56.0052 7780 TrustedInstaller - ok
      21:14:56.0079 7780 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
      21:14:56.0153 7780 tssecsrv - ok
      21:14:56.0177 7780 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
      21:14:56.0221 7780 TsUsbFlt - ok
      21:14:56.0245 7780 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
      21:14:56.0290 7780 TsUsbGD - ok
      21:14:56.0310 7780 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
      21:14:56.0385 7780 tunnel - ok
      21:14:56.0397 7780 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\drivers\uagp35.sys
      21:14:56.0439 7780 uagp35 - ok
      21:14:56.0466 7780 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
      21:14:56.0544 7780 udfs - ok
      21:14:56.0592 7780 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
      21:14:56.0641 7780 UI0Detect - ok
      21:14:56.0652 7780 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
      21:14:56.0695 7780 uliagpkx - ok
      21:14:56.0716 7780 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\DRIVERS\umbus.sys
      21:14:56.0762 7780 umbus - ok
      21:14:56.0785 7780 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\drivers\umpass.sys
      21:14:56.0830 7780 UmPass - ok
      21:14:56.0860 7780 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
      21:14:56.0946 7780 upnphost - ok
      21:14:56.0973 7780 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\windows\system32\drivers\usbaudio.sys
      21:14:57.0023 7780 usbaudio - ok
      21:14:57.0059 7780 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
      21:14:57.0105 7780 usbccgp - ok
      21:14:57.0144 7780 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
      21:14:57.0193 7780 usbcir - ok
      21:14:57.0229 7780 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\drivers\usbehci.sys
      21:14:57.0273 7780 usbehci - ok
      21:14:57.0295 7780 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
      21:14:57.0343 7780 usbhub - ok
      21:14:57.0376 7780 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
      21:14:57.0418 7780 usbohci - ok
      21:14:57.0448 7780 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
      21:14:57.0499 7780 usbprint - ok
      21:14:57.0530 7780 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
      21:14:57.0580 7780 usbscan - ok
      21:14:57.0611 7780 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
      21:14:57.0655 7780 USBSTOR - ok
      21:14:57.0689 7780 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
      21:14:57.0733 7780 usbuhci - ok
      21:14:57.0761 7780 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
      21:14:57.0816 7780 usbvideo - ok
      21:14:57.0845 7780 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
      21:14:57.0923 7780 UxSms - ok
      21:14:57.0949 7780 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
      21:14:57.0993 7780 VaultSvc - ok
      21:14:58.0017 7780 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
      21:14:58.0059 7780 vdrvroot - ok
      21:14:58.0088 7780 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
      21:14:58.0176 7780 vds - ok
      21:14:58.0200 7780 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
      21:14:58.0248 7780 vga - ok
      21:14:58.0265 7780 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
      21:14:58.0344 7780 VgaSave - ok
      21:14:58.0357 7780 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
      21:14:58.0403 7780 vhdmp - ok
      21:14:58.0414 7780 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
      21:14:58.0456 7780 viaagp - ok
      21:14:58.0466 7780 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\drivers\viac7.sys
      21:14:58.0513 7780 ViaC7 - ok
      21:14:58.0523 7780 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
      21:14:58.0565 7780 viaide - ok
      21:14:58.0608 7780 [ B6797C1A674D09D99332B45F16F49D41 ] VMC412 C:\windows\system32\Drivers\VMC412.sys
      21:14:58.0654 7780 VMC412 - ok
      21:14:58.0685 7780 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
      21:14:58.0726 7780 volmgr - ok
      21:14:58.0748 7780 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
      21:14:58.0797 7780 volmgrx - ok
      21:14:58.0817 7780 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
      21:14:58.0865 7780 volsnap - ok
      21:14:58.0890 7780 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
      21:14:58.0934 7780 vsmraid - ok
      21:14:58.0996 7780 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
      21:14:59.0098 7780 VSS - ok
      21:14:59.0121 7780 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
      21:14:59.0169 7780 vwifibus - ok
      21:14:59.0188 7780 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
      21:14:59.0241 7780 vwififlt - ok
      21:14:59.0257 7780 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
      21:14:59.0308 7780 vwifimp - ok
      21:14:59.0339 7780 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
      21:14:59.0426 7780 W32Time - ok
      21:14:59.0451 7780 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\drivers\wacompen.sys
      21:14:59.0496 7780 WacomPen - ok
      21:14:59.0513 7780 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
      21:14:59.0587 7780 WANARP - ok
      21:14:59.0601 7780 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
      21:14:59.0675 7780 Wanarpv6 - ok
      21:14:59.0739 7780 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
      21:14:59.0814 7780 wbengine - ok
      21:15:03.0284 7780 ================ Scan global ===============================
      21:15:03.0309 7780 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
      21:15:03.0365 7780 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\windows\system32\winsrv.dll
      21:15:03.0387 7780 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\windows\system32\winsrv.dll
      21:15:03.0424 7780 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
      21:15:03.0455 7780 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
      21:15:03.0463 7780 [Global] - ok
      21:15:03.0464 7780 ================ Scan MBR ==================================
      21:15:03.0482 7780 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
      21:15:03.0966 7780 \Device\Harddisk0\DR0 - ok
      21:15:03.0967 7780 ================ Scan VBR ==================================
      21:15:04.0010 7780 [ D0A4686DE245A853EF8329A6407ED3F5 ] \Device\Harddisk0\DR0\Partition1
      21:15:04.0015 7780 \Device\Harddisk0\DR0\Partition1 - ok
      21:15:04.0032 7780 [ 5412639FFAD14C76A8F21361AE6501A7 ] \Device\Harddisk0\DR0\Partition2
      21:15:04.0037 7780 \Device\Harddisk0\DR0\Partition2 - ok
      21:15:04.0040 7780 ============================================================
      21:15:04.0040 7780 Scan finished
      21:15:04.0040 7780 ============================================================
      21:15:04.0062 7724 Detected object count: 0
      21:15:04.0063 7724 Actual detected object count: 0

    8. #8
      Former contributor Anleg_30
      Joined
      Dec 2007
      Location
      Bna-Venezuela
      Posts
      10,545

      Re: I've tried everything against the TDSS V2 rootkit...

      The report is clean.

      Do the following:

      • Download Malwarebytes Anti-Rootkit Beta.zip to the Desktop
        1. Unzip it, open the Mbar folder and run the file Mbar.exe
        2. Click "Next" and then the Update button; once it has updated, click "Next" again
        3. Click the Scan button to start the scan.
        4. When it finishes, if an infection is found click CleanUp; otherwise click "Exit".


      Then open the Mbar folder and copy me the contents of the reports mbar-log.txt and system-log.txt




    9. #9
      User estobern0
      Joined
      Feb 2013
      Location
      México
      Posts
      11
      OK, it's done; it detected one infection:
      First the system log:

      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.01.0.1017

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7601 Windows 7 Service Pack 1 x86

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED
      CPU speed: 1.795000 GHz
      Memory total: 2137317376, free: 1015205888

      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.01.0.1017

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7601 Windows 7 Service Pack 1 x86

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED
      CPU speed: 1.795000 GHz
      Memory total: 2137317376, free: 1024045056

      ------------ Kernel report ------------
      02/04/2013 20:11:22
      <<<1>>>
      Upper Device Name: \Device\Harddisk0\DR0
      Upper Device Object: 0xffffffff862c27f0
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
      Lower Device Object: 0xffffffff86179030
      Lower Device Driver Name: \Driver\atapi\
      Driver name found: atapi
      Initialization returned 0x0
      Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
      Load Function returned 0x0
      Downloaded database version: v2013.02.04.09
      Downloaded database version: v2013.01.23.01
      Initializing...
      Done!
      <<<2>>>
      Device number: 0, partition: 2
      Physical Sector Size: 512
      Drive: 0, DevicePointer: 0xffffffff862c27f0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xffffffff862c24d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
      DevicePointer: 0xffffffff862c27f0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      DevicePointer: 0xffffffff862c2020, DeviceName: Unknown, DriverName: \Driver\PCTCore\
      DevicePointer: 0xffffffff854a1608, DeviceName: Unknown, DriverName: \Driver\ACPI\
      DevicePointer: 0xffffffff86179030, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
      ------------ End ----------
      Upper DeviceData: 0xffffffffb31f0388, 0xffffffff862c27f0, 0xffffffff85e47670
      Lower DeviceData: 0xffffffffbc6069c0, 0xffffffff86179030, 0xffffffff8608a780
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Scanning directory: C:\windows\system32\drivers...
      Done!
      Drive 0
      Scanning MBR on drive 0...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: 3F1DA849

      Partition information:

      Partition 0 type is Primary (0x7)
      Partition is ACTIVE.
      Partition starts at LBA: 2048 Numsec = 204800
      Partition file system is NTFS
      Partition is bootable

      Partition 1 type is Primary (0x7)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 206848 Numsec = 923983872

      Partition 2 type is Other (0x12)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 924190720 Numsec = 52582448

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 500107862016 bytes
      Sector size: 512 bytes

      Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
      Done!
      Performing system, memory and registry scan...
      Infected: c:\Users\Irasema\AppData\Local\Temp\{7A0C2627-FA16-402A-A2C1-B234A1EF04D1}\Addons\browser_coupon_setup.exe --> [Adware.Dropper]
      Done!
      Scan finished
      Scheduling clean up...
      <<<2>>>
      Device number: 0, partition: 2
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Removal scheduling successful. System shutdown needed.
      System shutdown occurred
      =======================================


      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.01.0.1017

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7601 Windows 7 Service Pack 1 x86

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED
      CPU speed: 1.795000 GHz
      Memory total: 2137317376, free: 1130942464

      Removal queue found; removal started
      Removing c:\Users\Irasema\AppData\Local\Temp\{7A0C2627-FA16-402A-A2C1-B234A1EF04D1}\Addons\browser_coupon_setup.exe...
      Removal finished
      =======================================

      Now the mbar log:
      Malwarebytes Anti-Rootkit BETA 1.01.0.1017
      www.malwarebytes.org

      Database version: v2013.02.04.09

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Irasema :: IRASEMA-PC [administrator]

      04/02/2013 08:28:48 p.m.
      mbar-log-2013-02-04 (20-28-48).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
      Scan options disabled:
      Objects scanned: 28252
      Time elapsed: 15 minute(s), 37 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 1
      c:\Users\Irasema\AppData\Local\Temp\{7A0C2627-FA16-402A-A2C1-B234A1EF04D1}\Addons\browser_coupon_setup.exe (Adware.Dropper) -> Delete on reboot.

      (end)

      I want to clarify that after it removed the virus and the machine restarted, the antivirus (PC Tools) still detects the rootkit.

    10. #10
      Former contributor Anleg_30
      Joined
      Dec 2007
      Location
      Bna-Venezuela
      Posts
      10,545

      Re: I've tried everything against the TDSS V2 rootkit...

      Hello again,

      What Malwarebytes removed is not a rootkit at all, and at this point I think your antivirus is detecting something that isn't what it claims; Malwarebytes itself and TDSSKiller have been detecting and cleaning that malware for a long time now.



