• Registrarse
  • Iniciar sesión


  • Página 2 de 3 PrimeroPrimero 123 ÚltimoÚltimo
    Resultados 11 al 20 de 23

    Virus indetectable (Re-abierto)

    Hola BolkPloxo No se si el problema a desaparecido (acabo de terminar el analisis) pero antes de esta revision se manifiesta mas en la madrugada al iniciar mi pc. No te entiendo muy bien. Que ...

    1. #11
      Usuario Avatar de BolkPloxo
      Registrado
      feb 2013
      Ubicación
      Chile
      Mensajes
      11

      Re: Virus indetectable

      Hola BolkPloxo

      No se si el problema a desaparecido (acabo de terminar el analisis) pero antes de esta revision se manifiesta mas en la madrugada al iniciar mi pc.
      No te entiendo muy bien. Que es lo que se manifiesta más? Se despliegan las ventanas? Se abren los programas solos?
      Me refiero a que en la madrugada hay mas posibilidades de que mi pc se vuelva loca (como que se abren programas solos (como el menu de inicio, cuando se abre significa que el equipo me va a joder), el despliege de ventanas multiples, se apage el equipo solo) que en otro horario del dia...eso

      Me a pasado que a programas que se abren solos (solo Avast!, centro de redes y SUPERAntiSpyware) al tratar de cerrarlos o seleccionar una opcion desaparecen y aparecen repetidamente, cosa que no puedo seleccionar nada, esto le paso a SUPERAntispyware que se mando solo y escaneo esto...

      SUPERAntiSpyware Scan Log
      SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

      Generated 02/11/2013 at 11:35 AM

      Application Version : 5.6.1014

      Core Rules Database Version : 9993
      Trace Rules Database Version: 7805

      Scan type : Complete Scan
      Total Scan Time : 01:01:20

      Operating System Information
      Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
      UAC Off - Administrator

      Memory items scanned : 558
      Memory threats detected : 0
      Registry items scanned : 75504
      Registry threats detected : 0
      File items scanned : 81178
      File threats detected : 13

      Trojan.Agent/Gen-Medbot
      C:\USERS\JAVIERA\APPDATA\LOCALLOW\SUN\JAVA\JRE1.7.0_13\LZMA.DLL

      Adware.Tracking Cookie
      .doubleclick.net [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .doubleclick.net [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .imrworldwide.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .imrworldwide.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .adtech.de [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .atdmt.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .atdmt.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .serving-sys.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .serving-sys.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .serving-sys.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .serving-sys.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      .serving-sys.com [ C:\USERS\JAVIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NEH41NQY.DEFAULT\COOKIES.SQLITE ]
      Cuando termino, ni me mostro opciones ni nada de que hacer con los archivos maliciosos, de hecho tube que abrir el registro para ver que habia pasado, busque el trojano pero no estaba en la ubicacion señalada asi que doy por hecho que lo elimino

      el log de UsbFix:

      ############################## | UsbFix V 7.096 | [Supresión]

      Usuario: Javiera (Administrador) # JAVIERA-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 11:43:35 | 11/02/2013

      Sitio web: Index of /
      Foro: http://forum.eldesaparecido.com
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: contact@eldesaparecido.com

      PC: SAMSUNG ELECTRONICS CO., LTD. (RF712) (x64-based PC) # Notebook
      CPU: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz (2195)
      RAM -> [Total : 8173 | Free : 6931]
      BIOS: AMIBIOS Version 04VK.M038.20110817.SSH
      BOOT: Fail-safe boot

      OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [Enabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 597 Gb (463 Mb libre(s) - 77%) [] # NTFS
      D:\ -> Disco extraíble # 7 Gb (6 Mb libre(s) - 76%) [] # FAT32
      E:\ -> CD-ROM
      F:\ -> Disco extraíble # 2 Gb (2 Mb libre(s) - 81%) [KINGSTON] # FAT
      G:\ -> Disco fijo # 78 Gb (66 Mb libre(s) - 85%) [Descargas] # NTFS
      H:\ -> Disco extraíble # 7 Gb (7 Mb libre(s) - 100%) [KINGSTON] # FAT32

      ################## | Procesos Activos |

      C:\windows\system32\csrss.exe (472)
      C:\windows\system32\wininit.exe (500)
      C:\windows\system32\csrss.exe (524)
      C:\windows\system32\winlogon.exe (552)
      C:\windows\system32\services.exe (604)
      C:\windows\system32\lsass.exe (620)
      C:\windows\system32\lsm.exe (632)
      C:\windows\system32\svchost.exe (728)
      C:\windows\system32\svchost.exe (804)
      C:\windows\System32\svchost.exe (892)
      C:\windows\system32\svchost.exe (940)
      C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (996)
      C:\windows\system32\svchost.exe (152)
      C:\windows\Explorer.EXE (1104)
      C:\windows\system32\ctfmon.exe (1184)
      C:\Windows\System32\dinotify.exe (1240)
      C:\windows\system32\wbem\wmiprvse.exe (1624)
      C:\UsbFix\Go.exe (1856)
      \\?\C:\windows\system32\wbem\WMIADAP.EXE (1932)
      C:\windows\system32\wbem\wmiprvse.exe (1968)

      ################## | Procesos Parados |

      Parado! C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (996)
      Parado! C:\windows\Explorer.EXE (1104)
      Parado! C:\windows\system32\ctfmon.exe (1184)
      Parado! C:\Windows\System32\dinotify.exe (1240)
      Parado! \\?\C:\windows\system32\wbem\WMIADAP.EXE (1932)

      ################## | Archivos # Carpetas infectadas |

      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-2543451496-1324613630-1812860196-1000
      Suprimido ! G:\$RECYCLE.BIN\S-1-5-21-2543451496-1324613630-1812860196-1000

      (!) Archivos temporales suprimido.

      ################## | Registro |


      ################## | Mountpoints2 |

      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\D

      ################## | Listing |

      [11/02/2013 - 11:48:22 | SHD ] C:\$RECYCLE.BIN
      [02/09/2012 - 19:30:25 | D ] C:\ACDFREE11
      [30/03/2012 - 21:59:59 | N | 237] C:\AT-Cuarentena
      [08/02/2013 - 18:26:52 | N | 20157] C:\AT-Destroyer.txt
      [19/07/2012 - 22:32:59 | D ] C:\Autodesk
      [01/10/2012 - 23:32:21 | D ] C:\bbdemo
      [30/09/2003 - 22:57:50 | N | 2829] C:\clit_readme.txt
      [14/07/2009 - 02:08:56 | SHD ] C:\Documents and Settings
      [09/02/2013 - 00:29:44 | N | 0] C:\FAP1901.tmp
      [09/02/2013 - 0112 | N | 0] C:\FAP223B.tmp
      [08/02/2013 - 23:07:57 | N | 0] C:\FAP376B.tmp
      [08/02/2013 - 23:07:57 | N | 0] C:\FAP3912.tmp
      [08/02/2013 - 23:07:58 | N | 0] C:\FAP3A9A.tmp
      [09/02/2013 - 02:21:21 | N | 0] C:\FAP4613.tmp
      [09/02/2013 - 02:21:21 | N | 0] C:\FAP46A2.tmp
      [09/02/2013 - 02:45:23 | N | 0] C:\FAP4916.tmp
      [09/02/2013 - 01:08:30 | N | 0] C:\FAP9380.tmp
      [09/02/2013 - 01:09:36 | N | 0] C:\FAP9565.tmp
      [09/02/2013 - 00:29:26 | N | 0] C:\FAPCFFA.tmp
      [09/02/2013 - 00:29:26 | N | 0] C:\FAPD088.tmp
      [09/02/2013 - 00:29:26 | N | 0] C:\FAPD136.tmp
      [09/02/2013 - 02:41:44 | N | 0] C:\FAPEF51.tmp
      [06/02/2004 - 12:14:48 | N | 3966] C:\help.txt
      [11/02/2013 - 11:42:05 | ASH | 8570228736] C:\hiberfil.sys
      [26/11/2012 - 11:26:47 | D ] C:\Iconos
      [21/07/2011 - 00:22:01 | D ] C:\Intel
      [14/10/2012 - 19:56:27 | D ] C:\Log
      [20/01/2013 - 21:18:48 | D ] C:\Minecraft_Backup
      [23/01/2012 - 21:41:12 | RHD ] C:\MSOCache
      [11/02/2013 - 11:42:08 | ASH | 8570228736] C:\pagefile.sys
      [14/07/2009 - 00:20:08 | D ] C:\PerfLogs
      [10/02/2013 - 14:00:10 | D ] C:\Program Files
      [08/02/2013 - 22:37:55 | D ] C:\Program Files (x86)
      [07/02/2013 - 17:26:15 | D ] C:\Programas Portables
      [10/02/2013 - 14:00:17 | HD ] C:\ProgramData
      [20/01/2012 - 09:17:13 | SHD ] C:\Recovery
      [21/07/2011 - 00:24:36 | N | 2162] C:\RHDSetup.log
      [20/01/2012 - 09:26:33 | N | 166] C:\Setup.log
      [12/04/2012 - 01:38:10 | N | 2151] C:\ST6UNST.LOG
      [09/02/2013 - 22:04:46 | SHD ] C:\System Volume Information
      [01/02/2013 - 02:21:57 | D ] C:\Temp
      [12/04/2012 - 01:38:10 | D ] C:\Tools
      [11/02/2013 - 11:48:23 | D ] C:\UsbFix
      [11/02/2013 - 11:43:39 | A | 2458] C:\UsbFix.txt
      [24/01/2012 - 01:32:36 | D ] C:\Users
      [11/02/2013 - 11:42:06 | D ] C:\Windows
      [08/02/2013 - 18:25:49 | D ] C:\_AT-Destroyer
      [17/12/2011 - 21:23:10 | D ] D:\DCIM
      [12/10/2011 - 16:56:28 | D ] F:\QUEEN
      [21/01/2009 - 11:41:30 | N | 3844608] F:\Curriculum2.doc
      [15/07/2010 - 18:11:10 | D ] F:\urDrive
      [06/07/2008 - 23:48:04 | N | 27136] F:\CURRICULUM LUIS.doc
      [27/10/2008 - 08:01:56 | N | 534528] F:\Curriculum.doc
      [23/12/2008 - 16:25:34 | N | 4111360] F:\Curriculum1.doc
      [31/07/2012 - 20:24:06 | N | 17346] F:\PSU_CuponDePago.pdf
      [23/09/2012 - 15:31:12 | N | 4179293] F:\everesthome220.exe
      [23/09/2012 - 15:46:00 | N | 93654616] F:\avast_free_antivirus_setup.exe
      [24/05/2012 - 14:16:04 | N | 56382] F:\FMF020_Test_(6933)_0251.pdf
      [24/05/2012 - 14:16:14 | N | 58987] F:\FMF020_Test_(6933)_0257.pdf
      [28/09/2010 - 10:18:46 | D ] F:\winplace
      [06/02/2012 - 15:32:28 | N | 14417579] F:\From the New World - 4th movement.mp3
      [23/12/2012 - 13:30:14 | N | 0] F:\Barry White ? Love's Theme HD.mp3
      [23/12/2012 - 13:30:14 | N | 15991498] F:\Barry White ? Love's Theme HD.flv
      [12/02/2010 - 18:47:24 | N | 2390] F:\1license.avastlic
      [02/01/2011 - 15:25:48 | N | 47460912] F:\Setup_Avast-InternetSecurity.exe
      [11/02/2013 - 11:48:22 | SHD ] G:\$RECYCLE.BIN
      [18/09/2012 - 20:37:22 | D ] G:\Archivos de programa
      [18/09/2012 - 20:36:36 | D ] G:\Documents and Settings
      [08/02/2013 - 22:08:46 | D ] G:\GOTH
      [18/09/2012 - 22:16:17 | N | 2145386496] G:\pagefile.sys
      [18/09/2012 - 20:36:32 | SHD ] G:\System Volume Information
      [10/02/2013 - 1505 | D ] G:\WINDOWS

      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      F:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      G:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      H:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | Upload |

      Por favor, envie el archivo: C:\UsbFix_Upload_Me_JAVIERA-PC.zip
      http://eldesaparecido.com/upload.php
      Gracias por su contribución.

      ################## | E.O.F |
      Saludos!

    2. #12
      Usuario Avatar de BolkPloxo
      Registrado
      feb 2013
      Ubicación
      Chile
      Mensajes
      11

      Re: Virus indetectable

      Es curioso pero segun otro infome de SUPERAntiSpyware me reporta como troyano archivos del USBFix ¿podria ser que el virus me esta suprimiendo programas de seguridad? cada vez que escaneo con este programa me tira troyanos (ademas de adware.cokies)





      Asi se ve, posteriormente se apaga.
      Saludos!
      Última edición por BolkPloxo fecha: 11/02/13 a las 16:32:31

    3. #13
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.319

      Re: Virus indetectable

      Hola BolkPloxo

      Descarga TDSSKiller.zip a tu escritorio.

      Desconecta tu ordenador de Internet (Desconecta el cable).
      • Descomprime el archivo tdsskiller.zip
      • Ejecuta el archivo TDSSKiller.exe Si usas Vista o 7 presiona clic derecho ejecutar como administrador.
      • Presiona clic sobre
      • Marca también las casillas:

      • Presiona clic sobre el botón


        .
      • TDSSKiller comenzara a analizar el equipo.
      • Si el equipo no está infectado:
      • Mostrara
      • No threats found.
      • Presiona clic sobre el botón "Close"
      Si el equipo está infectado:
      Mostrara:
      Threats detected.
      Select action for found objects:


      • Malware object, high risk. La acción predeterminada es "Cure" o "Delete".
      • Suspicious object, medium risk. Usa siempre la opción "Skip"
      • El programa selecciona de forma automática la acción a tomar.
      • Presiona clic sobre el botón "Continue"
      • Para desinfectar correctamente el Sistema, puede solicitarle reiniciar el equipo.
      • Presiona clic sobre el botón


      Abre el reporte de TDSSKiller, ubicado en C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, donde "x.xx.x_xx.xx.xxxx_xx.xx.xx"son versión, fecha y hora.

      Copia y pega su contenido en tu próxima respuesta.

      Un saludo

    4. #14
      Usuario Avatar de BolkPloxo
      Registrado
      feb 2013
      Ubicación
      Chile
      Mensajes
      11

      Re: Virus indetectable

      Hola Daniela
      El reporte de TDSSKill fue el siguente:

      20:20:53.0397 2172 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
      20:20:55.0397 2172 ============================================================
      20:20:55.0397 2172 Current date / time: 2013/02/11 20:20:55.0397
      20:20:55.0397 2172 SystemInfo:
      20:20:55.0397 2172
      20:20:55.0397 2172 OS Version: 6.1.7601 ServicePack: 1.0
      20:20:55.0397 2172 Product type: Workstation
      20:20:55.0397 2172 ComputerName: JAVIERA-PC
      20:20:55.0397 2172 UserName: Javiera
      20:20:55.0397 2172 Windows directory: C:\windows
      20:20:55.0397 2172 System windows directory: C:\windows
      20:20:55.0397 2172 Running under WOW64
      20:20:55.0397 2172 Processor architecture: Intel x64
      20:20:55.0397 2172 Number of processors: 8
      20:20:55.0397 2172 Page size: 0x1000
      20:20:55.0397 2172 Boot type: Normal boot
      20:20:55.0397 2172 ============================================================
      20:20:55.0817 2172 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
      20:20:55.0827 2172 Drive \Device\Harddisk1\DR1 - Size: 0x776F8000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
      20:20:55.0827 2172 Drive \Device\Harddisk2\DR2 - Size: 0x1D11B0000 (7.27 Gb), SectorSize: 0x200, Cylinders: 0x3B4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
      20:20:55.0827 2172 Drive \Device\Harddisk3\DR3 - Size: 0x1D9C00000 (7.40 Gb), SectorSize: 0x200, Cylinders: 0x3C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
      20:20:55.0827 2172 ============================================================
      20:20:55.0827 2172 \Device\Harddisk0\DR0:
      20:20:55.0837 2172 MBR partitions:
      20:20:55.0837 2172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
      20:20:55.0837 2172 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4AADB000
      20:20:55.0897 2172 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x4AB0E000, BlocksNum 0x9C40000
      20:20:55.0897 2172 \Device\Harddisk1\DR1:
      20:20:55.0897 2172 MBR partitions:
      20:20:55.0897 2172 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3BB521
      20:20:55.0897 2172 \Device\Harddisk2\DR2:
      20:20:55.0897 2172 MBR partitions:
      20:20:55.0897 2172 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xE86E00
      20:20:55.0897 2172 \Device\Harddisk3\DR3:
      20:20:55.0897 2172 MBR partitions:
      20:20:55.0897 2172 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xECC000
      20:20:55.0897 2172 ============================================================
      20:20:56.0037 2172 C: <-> \Device\Harddisk0\DR0\Partition2
      20:20:56.0097 2172 G: <-> \Device\Harddisk0\DR0\Partition3
      20:20:56.0097 2172 ============================================================
      20:20:56.0097 2172 Initialize success
      20:20:56.0097 2172 ============================================================
      20:21:01.0248 5944 ============================================================
      20:21:01.0248 5944 Scan started
      20:21:01.0248 5944 Mode: Manual; SigCheck; TDLFS;
      20:21:01.0248 5944 ============================================================
      20:21:01.0838 5944 ================ Scan system memory ========================
      20:21:01.0838 5944 System memory - ok
      20:21:01.0838 5944 ================ Scan services =============================
      20:21:01.0908 5944 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
      20:21:01.0998 5944 !SASCORE - ok
      20:21:02.0148 5944 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
      20:21:02.0238 5944 1394ohci - ok
      20:21:02.0288 5944 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
      20:21:02.0308 5944 ACPI - ok
      20:21:02.0338 5944 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
      20:21:02.0358 5944 AcpiPmi - ok
      20:21:02.0528 5944 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      20:21:02.0548 5944 AdobeARMservice - ok
      20:21:02.0658 5944 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      20:21:02.0688 5944 AdobeFlashPlayerUpdateSvc - ok
      20:21:02.0728 5944 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
      20:21:02.0758 5944 adp94xx - ok
      20:21:02.0788 5944 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
      20:21:02.0808 5944 adpahci - ok
      20:21:02.0818 5944 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
      20:21:02.0838 5944 adpu320 - ok
      20:21:02.0868 5944 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
      20:21:02.0898 5944 AeLookupSvc - ok
      20:21:02.0938 5944 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
      20:21:02.0958 5944 AFD - ok
      20:21:02.0978 5944 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
      20:21:03.0008 5944 agp440 - ok
      20:21:03.0018 5944 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
      20:21:03.0038 5944 ALG - ok
      20:21:03.0058 5944 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
      20:21:03.0078 5944 aliide - ok
      20:21:03.0118 5944 [ 6DF30F508B31112BCD2ABC3E00BF3E33 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
      20:21:03.0138 5944 AMD External Events Utility - ok
      20:21:03.0138 5944 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
      20:21:03.0148 5944 amdide - ok
      20:21:03.0168 5944 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
      20:21:03.0178 5944 AmdK8 - ok
      20:21:03.0348 5944 [ D3B70DAB12FECB8453E061E719B10D86 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
      20:21:03.0568 5944 amdkmdag - ok
      20:21:03.0598 5944 [ A9B04D58ABCECF6329F87C8FD3382AB1 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
      20:21:03.0618 5944 amdkmdap - ok
      20:21:03.0628 5944 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
      20:21:03.0638 5944 AmdPPM - ok
      20:21:03.0688 5944 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
      20:21:03.0728 5944 amdsata - ok
      20:21:03.0768 5944 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
      20:21:03.0788 5944 amdsbs - ok
      20:21:03.0808 5944 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
      20:21:03.0818 5944 amdxata - ok
      20:21:03.0868 5944 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
      20:21:03.0928 5944 AppID - ok
      20:21:03.0948 5944 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
      20:21:03.0978 5944 AppIDSvc - ok
      20:21:04.0018 5944 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
      20:21:04.0048 5944 Appinfo - ok
      20:21:04.0108 5944 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      20:21:04.0118 5944 Apple Mobile Device - ok
      20:21:04.0138 5944 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
      20:21:04.0148 5944 arc - ok
      20:21:04.0158 5944 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
      20:21:04.0168 5944 arcsas - ok
      20:21:04.0368 5944 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
      20:21:04.0398 5944 aspnet_state - ok
      20:21:04.0438 5944 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
      20:21:04.0488 5944 aswFsBlk - ok
      20:21:04.0548 5944 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
      20:21:04.0568 5944 aswMonFlt - ok
      20:21:04.0608 5944 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
      20:21:04.0618 5944 aswRdr - ok
      20:21:04.0668 5944 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\windows\system32\drivers\aswSnx.sys
      20:21:04.0708 5944 aswSnx - ok
      20:21:04.0798 5944 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\windows\system32\drivers\aswSP.sys
      20:21:04.0848 5944 aswSP - ok
      20:21:04.0898 5944 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
      20:21:04.0918 5944 aswTdi - ok
      20:21:04.0938 5944 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
      20:21:04.0978 5944 AsyncMac - ok
      20:21:05.0008 5944 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
      20:21:05.0018 5944 atapi - ok
      20:21:05.0068 5944 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
      20:21:05.0078 5944 AtiHDAudioService - ok
      20:21:05.0128 5944 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
      20:21:05.0178 5944 AudioEndpointBuilder - ok
      20:21:05.0208 5944 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
      20:21:05.0248 5944 AudioSrv - ok
      20:21:05.0388 5944 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      20:21:05.0398 5944 avast! Antivirus - ok
      20:21:05.0518 5944 [ 7692F4B242E45870873CAF4CB85CF769 ] AxAutoMntSrv C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
      20:21:05.0528 5944 AxAutoMntSrv - ok
      20:21:05.0568 5944 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
      20:21:05.0588 5944 AxInstSV - ok
      20:21:05.0639 5944 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
      20:21:05.0649 5944 b06bdrv - ok
      20:21:05.0679 5944 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
      20:21:05.0699 5944 b57nd60a - ok
      20:21:05.0779 5944 [ 63DD9C990883709053DD2C427DF0DB6F ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
      20:21:05.0849 5944 BCM43XX - ok
      20:21:05.0909 5944 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
      20:21:05.0919 5944 BDESVC - ok
      20:21:05.0969 5944 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
      20:21:06.0019 5944 Beep - ok
      20:21:06.0069 5944 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
      20:21:06.0099 5944 BFE - ok
      20:21:06.0149 5944 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
      20:21:06.0209 5944 BITS - ok
      20:21:06.0229 5944 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
      20:21:06.0239 5944 blbdrive - ok
      20:21:06.0269 5944 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
      20:21:06.0279 5944 Bonjour Service - ok
      20:21:06.0329 5944 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
      20:21:06.0339 5944 bowser - ok
      20:21:06.0379 5944 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
      20:21:06.0409 5944 BrFiltLo - ok
      20:21:06.0429 5944 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
      20:21:06.0439 5944 BrFiltUp - ok
      20:21:06.0479 5944 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
      20:21:06.0499 5944 Browser - ok
      20:21:06.0519 5944 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
      20:21:06.0559 5944 Brserid - ok
      20:21:06.0579 5944 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
      20:21:06.0599 5944 BrSerWdm - ok
      20:21:06.0619 5944 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
      20:21:06.0639 5944 BrUsbMdm - ok
      20:21:06.0639 5944 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
      20:21:06.0649 5944 BrUsbSer - ok
      20:21:06.0679 5944 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
      20:21:06.0689 5944 BthEnum - ok
      20:21:06.0729 5944 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
      20:21:06.0739 5944 BTHMODEM - ok
      20:21:06.0789 5944 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
      20:21:06.0799 5944 BthPan - ok
      20:21:06.0859 5944 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
      20:21:06.0879 5944 BTHPORT - ok
      20:21:06.0909 5944 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
      20:21:06.0939 5944 bthserv - ok
      20:21:06.0959 5944 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
      20:21:06.0969 5944 BTHUSB - ok
      20:21:07.0019 5944 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\windows\system32\DRIVERS\btwampfl.sys
      20:21:07.0029 5944 BTWAMPFL - ok
      20:21:07.0059 5944 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
      20:21:07.0069 5944 btwaudio - ok
      20:21:07.0089 5944 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
      20:21:07.0099 5944 btwavdt - ok
      20:21:07.0159 5944 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
      20:21:07.0179 5944 btwdins - ok
      20:21:07.0209 5944 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
      20:21:07.0219 5944 btwl2cap - ok
      20:21:07.0229 5944 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
      20:21:07.0239 5944 btwrchid - ok
      20:21:07.0289 5944 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
      20:21:07.0379 5944 cdfs - ok
      20:21:07.0429 5944 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
      20:21:07.0459 5944 cdrom - ok
      20:21:07.0499 5944 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
      20:21:07.0539 5944 CertPropSvc - ok
      20:21:07.0559 5944 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
      20:21:07.0569 5944 circlass - ok
      20:21:07.0589 5944 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
      20:21:07.0609 5944 CLFS - ok
      20:21:07.0729 5944 [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
      20:21:07.0769 5944 CLKMSVC10_38F51D56 - ok
      20:21:07.0819 5944 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      20:21:07.0839 5944 clr_optimization_v2.0.50727_32 - ok
      20:21:07.0869 5944 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
      20:21:07.0879 5944 clr_optimization_v2.0.50727_64 - ok
      20:21:07.0969 5944 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      20:21:07.0979 5944 clr_optimization_v4.0.30319_32 - ok
      20:21:08.0009 5944 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
      20:21:08.0019 5944 clr_optimization_v4.0.30319_64 - ok
      20:21:08.0069 5944 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
      20:21:08.0099 5944 clwvd - ok
      20:21:08.0129 5944 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
      20:21:08.0159 5944 CmBatt - ok
      20:21:08.0189 5944 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
      20:21:08.0209 5944 cmdide - ok
      20:21:08.0249 5944 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
      20:21:08.0299 5944 CNG - ok
      20:21:08.0319 5944 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
      20:21:08.0329 5944 Compbatt - ok
      20:21:08.0379 5944 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
      20:21:08.0389 5944 CompositeBus - ok
      20:21:08.0399 5944 COMSysApp - ok
      20:21:08.0419 5944 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
      20:21:08.0429 5944 crcdisk - ok
      20:21:08.0489 5944 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
      20:21:08.0499 5944 CryptSvc - ok
      20:21:08.0609 5944 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
      20:21:08.0649 5944 cvhsvc - ok
      20:21:08.0699 5944 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
      20:21:08.0729 5944 DcomLaunch - ok
      20:21:08.0769 5944 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
      20:21:08.0799 5944 defragsvc - ok
      20:21:08.0839 5944 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
      20:21:08.0889 5944 DfsC - ok
      20:21:08.0919 5944 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
      20:21:08.0929 5944 Dhcp - ok
      20:21:08.0939 5944 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
      20:21:08.0969 5944 discache - ok
      20:21:08.0989 5944 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
      20:21:08.0999 5944 Disk - ok
      20:21:09.0029 5944 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
      20:21:09.0039 5944 Dnscache - ok
      20:21:09.0069 5944 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
      20:21:09.0099 5944 dot3svc - ok
      20:21:09.0109 5944 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
      20:21:09.0139 5944 DPS - ok
      20:21:09.0159 5944 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
      20:21:09.0169 5944 drmkaud - ok
      20:21:09.0219 5944 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
      20:21:09.0239 5944 DXGKrnl - ok
      20:21:09.0269 5944 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
      20:21:09.0299 5944 EapHost - ok
      20:21:09.0399 5944 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
      20:21:09.0539 5944 ebdrv - ok
      20:21:09.0579 5944 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
      20:21:09.0609 5944 EFS - ok
      20:21:09.0689 5944 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
      20:21:09.0729 5944 ehRecvr - ok
      20:21:09.0749 5944 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
      20:21:09.0759 5944 ehSched - ok
      20:21:09.0809 5944 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
      20:21:09.0819 5944 elxstor - ok
      20:21:09.0839 5944 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
      20:21:09.0849 5944 ErrDev - ok
      20:21:09.0889 5944 [ 9D8739A2A2173C9D27C499A3FC6EDA3F ] ETD C:\windows\system32\DRIVERS\ETD.sys
      20:21:09.0909 5944 ETD - ok
      20:21:09.0949 5944 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
      20:21:10.0009 5944 EventSystem - ok
      20:21:10.0029 5944 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
      20:21:10.0059 5944 exfat - ok
      20:21:10.0069 5944 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
      20:21:10.0099 5944 fastfat - ok
      20:21:10.0139 5944 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
      20:21:10.0159 5944 Fax - ok
      20:21:10.0209 5944 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
      20:21:10.0219 5944 fdc - ok
      20:21:10.0259 5944 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
      20:21:10.0289 5944 fdPHost - ok
      20:21:10.0299 5944 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
      20:21:10.0329 5944 FDResPub - ok
      20:21:10.0349 5944 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
      20:21:10.0359 5944 FileInfo - ok
      20:21:10.0379 5944 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
      20:21:10.0399 5944 Filetrace - ok
      20:21:10.0479 5944 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      20:21:10.0509 5944 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
      20:21:10.0509 5944 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
      20:21:10.0529 5944 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
      20:21:10.0539 5944 flpydisk - ok
      20:21:10.0559 5944 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
      20:21:10.0569 5944 FltMgr - ok
      20:21:10.0619 5944 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
      20:21:10.0669 5944 FontCache - ok
      20:21:10.0719 5944 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
      20:21:10.0729 5944 FontCache3.0.0.0 - ok
      20:21:10.0749 5944 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
      20:21:10.0769 5944 FsDepends - ok
      20:21:10.0819 5944 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
      20:21:10.0839 5944 Fs_Rec - ok
      20:21:10.0889 5944 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
      20:21:10.0929 5944 fvevol - ok
      20:21:10.0949 5944 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
      20:21:10.0959 5944 gagp30kx - ok
      20:21:10.0999 5944 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
      20:21:11.0019 5944 GEARAspiWDM - ok
      20:21:11.0149 5944 [ F0187E45268E86AAAA932CBD9087BEA8 ] GoogleDesktopManager-110309-193829 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
      20:21:11.0169 5944 GoogleDesktopManager-110309-193829 - ok
      20:21:11.0219 5944 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
      20:21:11.0269 5944 gpsvc - ok
      20:21:11.0339 5944 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      20:21:11.0369 5944 gupdate - ok
      20:21:11.0399 5944 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      20:21:11.0409 5944 gupdatem - ok
      20:21:11.0439 5944 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
      20:21:11.0449 5944 hcw85cir - ok
      20:21:11.0489 5944 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
      20:21:11.0509 5944 HdAudAddService - ok
      20:21:11.0519 5944 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
      20:21:11.0539 5944 HDAudBus - ok
      20:21:11.0559 5944 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
      20:21:11.0569 5944 HidBatt - ok
      20:21:11.0589 5944 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
      20:21:11.0599 5944 HidBth - ok
      20:21:11.0629 5944 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
      20:21:11.0639 5944 HidIr - ok
      20:21:11.0669 5944 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
      20:21:11.0699 5944 hidserv - ok
      20:21:11.0749 5944 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
      20:21:11.0759 5944 HidUsb - ok
      20:21:11.0799 5944 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
      20:21:11.0829 5944 hkmsvc - ok
      20:21:11.0859 5944 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
      20:21:11.0869 5944 HomeGroupListener - ok
      20:21:11.0899 5944 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
      20:21:11.0909 5944 HomeGroupProvider - ok
      20:21:11.0929 5944 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
      20:21:11.0939 5944 HpSAMD - ok
      20:21:11.0969 5944 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
      20:21:11.0999 5944 HTTP - ok
      20:21:12.0019 5944 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
      20:21:12.0019 5944 hwpolicy - ok
      20:21:12.0059 5944 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
      20:21:12.0069 5944 i8042prt - ok
      20:21:12.0089 5944 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
      20:21:12.0109 5944 iaStor - ok
      20:21:12.0129 5944 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
      20:21:12.0149 5944 iaStorV - ok
      20:21:12.0209 5944 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
      20:21:12.0239 5944 idsvc - ok
      20:21:12.0399 5944 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
      20:21:12.0559 5944 igfx - ok
      20:21:12.0589 5944 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
      20:21:12.0599 5944 iirsp - ok
      20:21:12.0659 5944 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
      20:21:12.0719 5944 IKEEXT - ok
      20:21:12.0799 5944 [ 3E3926F4FA7C9162C5C3EC6BF1E4F349 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
      20:21:12.0849 5944 IntcAzAudAddService - ok
      20:21:12.0869 5944 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
      20:21:12.0879 5944 intelide - ok
      20:21:12.0919 5944 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
      20:21:12.0929 5944 intelppm - ok
      20:21:12.0969 5944 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
      20:21:12.0999 5944 IPBusEnum - ok
      20:21:13.0019 5944 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
      20:21:13.0049 5944 IpFilterDriver - ok
      20:21:13.0079 5944 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
      20:21:13.0099 5944 iphlpsvc - ok
      20:21:13.0119 5944 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
      20:21:13.0129 5944 IPMIDRV - ok
      20:21:13.0159 5944 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
      20:21:13.0189 5944 IPNAT - ok
      20:21:13.0239 5944 [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
      20:21:13.0259 5944 iPod Service - ok
      20:21:13.0289 5944 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
      20:21:13.0299 5944 IRENUM - ok
      20:21:13.0339 5944 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
      20:21:13.0369 5944 isapnp - ok
      20:21:13.0389 5944 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
      20:21:13.0409 5944 iScsiPrt - ok
      20:21:13.0439 5944 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
      20:21:13.0459 5944 kbdclass - ok
      20:21:13.0479 5944 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
      20:21:13.0499 5944 kbdhid - ok
      20:21:13.0509 5944 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
      20:21:13.0519 5944 KeyIso - ok
      20:21:13.0569 5944 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
      20:21:13.0579 5944 KSecDD - ok
      20:21:13.0589 5944 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
      20:21:13.0599 5944 KSecPkg - ok
      20:21:13.0619 5944 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
      20:21:13.0640 5944 ksthunk - ok
      20:21:13.0680 5944 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
      20:21:13.0710 5944 KtmRm - ok
      20:21:13.0750 5944 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
      20:21:13.0810 5944 LanmanServer - ok
      20:21:13.0840 5944 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
      20:21:13.0870 5944 LanmanWorkstation - ok
      20:21:13.0900 5944 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
      20:21:13.0930 5944 lltdio - ok
      20:21:13.0960 5944 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
      20:21:14.0010 5944 lltdsvc - ok
      20:21:14.0030 5944 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
      20:21:14.0060 5944 lmhosts - ok
      20:21:14.0120 5944 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      20:21:14.0130 5944 LMS - ok
      20:21:14.0160 5944 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
      20:21:14.0170 5944 LSI_FC - ok
      20:21:14.0210 5944 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
      20:21:14.0220 5944 LSI_SAS - ok
      20:21:14.0230 5944 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
      20:21:14.0240 5944 LSI_SAS2 - ok
      20:21:14.0240 5944 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
      20:21:14.0260 5944 LSI_SCSI - ok
      20:21:14.0270 5944 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
      20:21:14.0300 5944 luafv - ok
      20:21:14.0340 5944 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
      20:21:14.0360 5944 Mcx2Svc - ok
      20:21:14.0380 5944 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
      20:21:14.0390 5944 megasas - ok
      20:21:14.0420 5944 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
      20:21:14.0430 5944 MegaSR - ok
      20:21:14.0470 5944 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
      20:21:14.0480 5944 MEIx64 - ok
      20:21:14.0640 5944 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2010_32 C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
      20:21:14.0650 5944 mi-raysat_3dsmax2010_32 ( UnsignedFile.Multi.Generic ) - warning
      20:21:14.0650 5944 mi-raysat_3dsmax2010_32 - detected UnsignedFile.Multi.Generic (1)
      20:21:14.0780 5944 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
      20:21:14.0800 5944 Microsoft Office Groove Audit Service - ok
      20:21:14.0830 5944 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
      20:21:14.0870 5944 MMCSS - ok
      20:21:14.0880 5944 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
      20:21:14.0910 5944 Modem - ok
      20:21:14.0960 5944 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
      20:21:14.0990 5944 monitor - ok
      20:21:15.0010 5944 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
      20:21:15.0020 5944 mouclass - ok
      20:21:15.0030 5944 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
      20:21:15.0040 5944 mouhid - ok
      20:21:15.0050 5944 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
      20:21:15.0060 5944 mountmgr - ok
      20:21:15.0190 5944 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      20:21:15.0220 5944 MozillaMaintenance - ok
      20:21:15.0250 5944 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
      20:21:15.0270 5944 mpio - ok
      20:21:15.0310 5944 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
      20:21:15.0340 5944 mpsdrv - ok
      20:21:15.0380 5944 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
      20:21:15.0420 5944 MpsSvc - ok
      20:21:15.0450 5944 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
      20:21:15.0460 5944 MRxDAV - ok
      20:21:15.0510 5944 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
      20:21:15.0520 5944 mrxsmb - ok
      20:21:15.0560 5944 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
      20:21:15.0570 5944 mrxsmb10 - ok
      20:21:15.0590 5944 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
      20:21:15.0600 5944 mrxsmb20 - ok
      20:21:15.0610 5944 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
      20:21:15.0620 5944 msahci - ok
      20:21:15.0640 5944 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
      20:21:15.0650 5944 msdsm - ok
      20:21:15.0660 5944 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
      20:21:15.0680 5944 MSDTC - ok
      20:21:15.0700 5944 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
      20:21:15.0730 5944 Msfs - ok
      20:21:15.0750 5944 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
      20:21:15.0780 5944 mshidkmdf - ok
      20:21:15.0790 5944 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
      20:21:15.0800 5944 msisadrv - ok
      20:21:15.0820 5944 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
      20:21:15.0850 5944 MSiSCSI - ok
      20:21:15.0860 5944 msiserver - ok
      20:21:15.0890 5944 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
      20:21:15.0920 5944 MSKSSRV - ok
      20:21:15.0920 5944 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
      20:21:15.0950 5944 MSPCLOCK - ok
      20:21:15.0970 5944 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
      20:21:15.0990 5944 MSPQM - ok
      20:21:16.0020 5944 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
      20:21:16.0030 5944 MsRPC - ok
      20:21:16.0060 5944 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
      20:21:16.0070 5944 mssmbios - ok
      20:21:16.0080 5944 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
      20:21:16.0110 5944 MSTEE - ok
      20:21:16.0130 5944 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
      20:21:16.0140 5944 MTConfig - ok
      20:21:16.0170 5944 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
      20:21:16.0180 5944 Mup - ok
      20:21:16.0200 5944 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
      20:21:16.0240 5944 napagent - ok
      20:21:16.0280 5944 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
      20:21:16.0290 5944 NativeWifiP - ok
      20:21:16.0330 5944 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
      20:21:16.0350 5944 NDIS - ok
      20:21:16.0390 5944 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
      20:21:16.0440 5944 NdisCap - ok
      20:21:16.0470 5944 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
      20:21:16.0490 5944 NdisTapi - ok
      20:21:16.0510 5944 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
      20:21:16.0530 5944 Ndisuio - ok
      20:21:16.0550 5944 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
      20:21:16.0580 5944 NdisWan - ok
      20:21:16.0620 5944 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
      20:21:16.0650 5944 NDProxy - ok
      20:21:16.0660 5944 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
      20:21:16.0690 5944 NetBIOS - ok
      20:21:16.0700 5944 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
      20:21:16.0730 5944 NetBT - ok
      20:21:16.0750 5944 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
      20:21:16.0760 5944 Netlogon - ok
      20:21:16.0790 5944 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
      20:21:16.0820 5944 Netman - ok
      20:21:16.0860 5944 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      20:21:16.0870 5944 NetMsmqActivator - ok
      20:21:16.0890 5944 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      20:21:16.0890 5944 NetPipeActivator - ok
      20:21:16.0910 5944 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
      20:21:16.0940 5944 netprofm - ok
      20:21:16.0950 5944 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      20:21:16.0950 5944 NetTcpActivator - ok
      20:21:16.0960 5944 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      20:21:16.0970 5944 NetTcpPortSharing - ok
      20:21:16.0980 5944 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
      20:21:16.0990 5944 nfrd960 - ok
      20:21:17.0030 5944 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
      20:21:17.0040 5944 NlaSvc - ok
      20:21:17.0050 5944 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
      20:21:17.0080 5944 Npfs - ok
      20:21:17.0110 5944 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
      20:21:17.0140 5944 nsi - ok
      20:21:17.0150 5944 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
      20:21:17.0180 5944 nsiproxy - ok
      20:21:17.0220 5944 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
      20:21:17.0260 5944 Ntfs - ok
      20:21:17.0280 5944 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
      20:21:17.0340 5944 Null - ok
      20:21:17.0380 5944 [ B227E75AD10A142DD326B4CC8D73A6D9 ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
      20:21:17.0410 5944 nusb3hub - ok
      20:21:17.0440 5944 [ 55959DB860E4E484681586824D09E52C ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
      20:21:17.0450 5944 nusb3xhc - ok
      20:21:17.0500 5944 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
      20:21:17.0530 5944 nvraid - ok
      20:21:17.0550 5944 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
      20:21:17.0570 5944 nvstor - ok
      20:21:17.0610 5944 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
      20:21:17.0630 5944 nv_agp - ok
      20:21:17.0720 5944 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      20:21:17.0750 5944 odserv - ok
      20:21:17.0760 5944 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
      20:21:17.0780 5944 ohci1394 - ok
      20:21:17.0830 5944 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      20:21:17.0860 5944 ose - ok
      20:21:18.0030 5944 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      20:21:18.0170 5944 osppsvc - ok
      20:21:18.0200 5944 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
      20:21:18.0220 5944 p2pimsvc - ok
      20:21:18.0240 5944 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
      20:21:18.0250 5944 p2psvc - ok
      20:21:18.0300 5944 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
      20:21:18.0310 5944 Parport - ok
      20:21:18.0360 5944 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
      20:21:18.0370 5944 partmgr - ok
      20:21:18.0380 5944 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
      20:21:18.0400 5944 PcaSvc - ok
      20:21:18.0410 5944 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
      20:21:18.0420 5944 pci - ok
      20:21:18.0430 5944 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
      20:21:18.0440 5944 pciide - ok
      20:21:18.0460 5944 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
      20:21:18.0470 5944 pcmcia - ok
      20:21:18.0550 5944 [ 1171C834C5E6515765684C6938B609A1 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
      20:21:18.0570 5944 PCToolsSSDMonitorSvc - ok
      20:21:18.0590 5944 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
      20:21:18.0600 5944 pcw - ok
      20:21:18.0630 5944 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
      20:21:18.0670 5944 PEAUTH - ok
      20:21:18.0720 5944 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
      20:21:18.0730 5944 PerfHost - ok
      20:21:18.0800 5944 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
      20:21:18.0860 5944 pla - ok
      20:21:18.0920 5944 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
      20:21:18.0950 5944 PlugPlay - ok
      20:21:18.0980 5944 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
      20:21:18.0990 5944 PNRPAutoReg - ok
      20:21:19.0000 5944 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
      20:21:19.0020 5944 PNRPsvc - ok
      20:21:19.0050 5944 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
      20:21:19.0080 5944 PolicyAgent - ok
      20:21:19.0110 5944 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
      20:21:19.0140 5944 Power - ok
      20:21:19.0170 5944 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
      20:21:19.0200 5944 PptpMiniport - ok
      20:21:19.0210 5944 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
      20:21:19.0220 5944 Processor - ok
      20:21:19.0260 5944 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
      20:21:19.0270 5944 ProfSvc - ok
      20:21:19.0290 5944 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
      20:21:19.0300 5944 ProtectedStorage - ok
      20:21:19.0320 5944 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
      20:21:19.0350 5944 Psched - ok
      20:21:19.0420 5944 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
      20:21:19.0460 5944 ql2300 - ok
      20:21:19.0480 5944 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
      20:21:19.0490 5944 ql40xx - ok
      20:21:19.0530 5944 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
      20:21:19.0540 5944 QWAVE - ok
      20:21:19.0570 5944 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
      20:21:19.0590 5944 QWAVEdrv - ok
      20:21:19.0600 5944 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
      20:21:19.0630 5944 RasAcd - ok
      20:21:19.0650 5944 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
      20:21:19.0680 5944 RasAgileVpn - ok
      20:21:19.0700 5944 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
      20:21:19.0730 5944 RasAuto - ok
      20:21:19.0750 5944 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
      20:21:19.0780 5944 Rasl2tp - ok
      20:21:19.0800 5944 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
      20:21:19.0830 5944 RasMan - ok
      20:21:19.0860 5944 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
      20:21:19.0880 5944 RasPppoe - ok
      20:21:19.0900 5944 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
      20:21:19.0930 5944 RasSstp - ok
      20:21:19.0950 5944 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
      20:21:19.0980 5944 rdbss - ok
      20:21:19.0990 5944 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
      20:21:20.0000 5944 rdpbus - ok
      20:21:20.0020 5944 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
      20:21:20.0050 5944 RDPCDD - ok
      20:21:20.0060 5944 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
      20:21:20.0090 5944 RDPENCDD - ok
      20:21:20.0100 5944 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
      20:21:20.0130 5944 RDPREFMP - ok
      20:21:20.0170 5944 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
      20:21:20.0200 5944 RDPWD - ok
      20:21:20.0240 5944 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
      20:21:20.0260 5944 rdyboost - ok
      20:21:20.0290 5944 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
      20:21:20.0330 5944 RemoteAccess - ok
      20:21:20.0360 5944 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
      20:21:20.0390 5944 RemoteRegistry - ok
      20:21:20.0430 5944 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
      20:21:20.0450 5944 RFCOMM - ok
      20:21:20.0580 5944 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      20:21:20.0600 5944 RichVideo ( UnsignedFile.Multi.Generic ) - warning
      20:21:20.0600 5944 RichVideo - detected UnsignedFile.Multi.Generic (1)
      20:21:20.0630 5944 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
      20:21:20.0680 5944 RpcEptMapper - ok
      20:21:20.0700 5944 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
      20:21:20.0710 5944 RpcLocator - ok
      20:21:20.0730 5944 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
      20:21:20.0760 5944 RpcSs - ok
      20:21:20.0800 5944 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
      20:21:20.0850 5944 rspndr - ok
      20:21:20.0900 5944 [ 712944C0A377E9B8743F95BD83E882D4 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
      20:21:20.0930 5944 RTL8167 - ok
      20:21:20.0970 5944 [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport C:\windows\SysWOW64\drivers\rtport.sys
      20:21:21.0010 5944 rtport - ok
      20:21:21.0050 5944 [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:\windows\system32\Drivers\SABI.sys
      20:21:21.0070 5944 SABI - ok
      20:21:21.0070 5944 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
      20:21:21.0090 5944 SamSs - ok
      20:21:21.0130 5944 [ D641337B75B9A9D5AE10687AA1097755 ] Samsung UPD Service C:\windows\System32\SUPDSvc.exe
      20:21:21.0160 5944 Samsung UPD Service - ok
      20:21:21.0220 5944 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
      20:21:21.0250 5944 SASDIFSV - ok
      20:21:21.0250 5944 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
      20:21:21.0270 5944 SASKUTIL - ok
      20:21:21.0290 5944 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
      20:21:21.0310 5944 sbp2port - ok
      20:21:21.0340 5944 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
      20:21:21.0380 5944 SCardSvr - ok
      20:21:21.0390 5944 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
      20:21:21.0420 5944 scfilter - ok
      20:21:21.0450 5944 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
      20:21:21.0480 5944 Schedule - ok
      20:21:21.0560 5944 [ CB7166B04F774E2E2705E561E48FE023 ] SCPDFReadSpool C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe
      20:21:21.0570 5944 SCPDFReadSpool ( UnsignedFile.Multi.Generic ) - warning
      20:21:21.0580 5944 SCPDFReadSpool - detected UnsignedFile.Multi.Generic (1)
      20:21:21.0610 5944 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
      20:21:21.0650 5944 SCPolicySvc - ok
      20:21:21.0670 5944 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
      20:21:21.0690 5944 SDRSVC - ok
      20:21:21.0720 5944 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
      20:21:21.0750 5944 secdrv - ok
      20:21:21.0770 5944 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
      20:21:21.0800 5944 seclogon - ok
      20:21:21.0820 5944 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
      20:21:21.0850 5944 SENS - ok
      20:21:21.0880 5944 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
      20:21:21.0890 5944 SensrSvc - ok
      20:21:21.0930 5944 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
      20:21:21.0960 5944 Serenum - ok
      20:21:21.0970 5944 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
      20:21:21.0990 5944 Serial - ok
      20:21:22.0000 5944 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
      20:21:22.0020 5944 sermouse - ok
      20:21:22.0040 5944 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
      20:21:22.0070 5944 SessionEnv - ok
      20:21:22.0090 5944 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
      20:21:22.0100 5944 sffdisk - ok
      20:21:22.0110 5944 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
      20:21:22.0130 5944 sffp_mmc - ok
      20:21:22.0140 5944 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
      20:21:22.0150 5944 sffp_sd - ok
      20:21:22.0170 5944 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
      20:21:22.0180 5944 sfloppy - ok
      20:21:22.0210 5944 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
      20:21:22.0230 5944 Sftfs - ok
      20:21:22.0290 5944 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
      20:21:22.0300 5944 sftlist - ok
      20:21:22.0340 5944 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
      20:21:22.0350 5944 Sftplay - ok
      20:21:22.0370 5944 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
      20:21:22.0370 5944 Sftredir - ok
      20:21:22.0390 5944 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
      20:21:22.0400 5944 Sftvol - ok
      20:21:22.0400 5944 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
      20:21:22.0410 5944 sftvsa - ok
      20:21:22.0460 5944 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
      20:21:22.0520 5944 SharedAccess - ok
      20:21:22.0560 5944 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
      20:21:22.0590 5944 ShellHWDetection - ok
      20:21:22.0610 5944 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
      20:21:22.0620 5944 SiSRaid2 - ok
      20:21:22.0640 5944 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
      20:21:22.0650 5944 SiSRaid4 - ok
      20:21:22.0700 5944 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
      20:21:22.0720 5944 SkypeUpdate - ok
      20:21:22.0770 5944 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
      20:21:22.0800 5944 Smb - ok
      20:21:22.0850 5944 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
      20:21:22.0880 5944 SNMPTRAP - ok
      20:21:22.0900 5944 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
      20:21:22.0910 5944 spldr - ok
      20:21:22.0950 5944 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
      20:21:22.0970 5944 Spooler - ok
      20:21:23.0050 5944 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
      20:21:23.0190 5944 sppsvc - ok
      20:21:23.0200 5944 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
      20:21:23.0230 5944 sppuinotify - ok
      20:21:23.0380 5944 [ A15860E920B02C9A7CE8F3A6C2FF1E3A ] sptd C:\windows\System32\Drivers\sptd.sys
      20:21:23.0420 5944 sptd - ok
      20:21:23.0460 5944 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
      20:21:23.0480 5944 srv - ok
      20:21:23.0500 5944 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
      20:21:23.0520 5944 srv2 - ok
      20:21:23.0550 5944 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
      20:21:23.0590 5944 srvnet - ok
      20:21:23.0630 5944 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
      20:21:23.0680 5944 SSDPSRV - ok
      20:21:23.0700 5944 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
      20:21:23.0730 5944 SstpSvc - ok
      20:21:23.0800 5944 [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
      20:21:23.0810 5944 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
      20:21:23.0810 5944 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
      20:21:23.0840 5944 Steam Client Service - ok
      20:21:23.0860 5944 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
      20:21:23.0880 5944 stexstor - ok
      20:21:23.0910 5944 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
      20:21:23.0930 5944 StillCam - ok
      20:21:23.0990 5944 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
      20:21:24.0030 5944 stisvc - ok
      20:21:24.0040 5944 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
      20:21:24.0050 5944 swenum - ok
      20:21:24.0080 5944 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
      20:21:24.0110 5944 swprv - ok
      20:21:24.0140 5944 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
      20:21:24.0170 5944 SysMain - ok
      20:21:24.0200 5944 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
      20:21:24.0210 5944 TabletInputService - ok
      20:21:24.0240 5944 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
      20:21:24.0270 5944 TapiSrv - ok
      20:21:24.0290 5944 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
      20:21:24.0320 5944 TBS - ok
      20:21:24.0400 5944 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
      20:21:24.0450 5944 Tcpip - ok
      20:21:24.0480 5944 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
      20:21:24.0510 5944 TCPIP6 - ok
      20:21:24.0540 5944 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
      20:21:24.0550 5944 tcpipreg - ok
      20:21:24.0580 5944 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
      20:21:24.0590 5944 TDPIPE - ok
      20:21:24.0630 5944 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
      20:21:24.0640 5944 TDTCP - ok
      20:21:24.0650 5944 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
      20:21:24.0680 5944 tdx - ok
      20:21:24.0710 5944 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
      20:21:24.0720 5944 TermDD - ok
      20:21:24.0760 5944 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
      20:21:24.0800 5944 TermService - ok
      20:21:24.0820 5944 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
      20:21:24.0830 5944 Themes - ok
      20:21:24.0860 5944 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
      20:21:24.0890 5944 THREADORDER - ok
      20:21:24.0890 5944 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
      20:21:24.0920 5944 TrkWks - ok
      20:21:24.0960 5944 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
      20:21:25.0020 5944 TrustedInstaller - ok
      20:21:25.0040 5944 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
      20:21:25.0070 5944 tssecsrv - ok
      20:21:25.0100 5944 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
      20:21:25.0110 5944 TsUsbFlt - ok
      20:21:25.0140 5944 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
      20:21:25.0180 5944 TsUsbGD - ok
      20:21:25.0190 5944 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
      20:21:25.0240 5944 tunnel - ok
      20:21:25.0310 5944 [ 48743B69EA47C020A792D8649F753F44 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys
      20:21:25.0320 5944 TurboB - ok
      20:21:25.0370 5944 [ 759F59E3EA3802FF23F93DCDB6FE9171 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
      20:21:25.0400 5944 TurboBoost - ok
      20:21:25.0430 5944 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
      20:21:25.0450 5944 uagp35 - ok
      20:21:25.0470 5944 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
      20:21:25.0510 5944 udfs - ok
      20:21:25.0540 5944 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
      20:21:25.0550 5944 UI0Detect - ok
      20:21:25.0590 5944 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
      20:21:25.0620 5944 uliagpkx - ok
      20:21:25.0651 5944 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
      20:21:25.0681 5944 umbus - ok
      20:21:25.0721 5944 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
      20:21:25.0751 5944 UmPass - ok
      20:21:25.0831 5944 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys
      20:21:25.0841 5944 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
      20:21:25.0841 5944 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
      20:21:25.0971 5944 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      20:21:26.0041 5944 UNS - ok
      20:21:26.0091 5944 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
      20:21:26.0151 5944 upnphost - ok
      20:21:26.0191 5944 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
      20:21:26.0201 5944 USBAAPL64 - ok
      20:21:26.0241 5944 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
      20:21:26.0251 5944 usbccgp - ok
      20:21:26.0281 5944 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
      20:21:26.0291 5944 usbcir - ok
      20:21:26.0331 5944 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
      20:21:26.0341 5944 usbehci - ok
      20:21:26.0371 5944 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
      20:21:26.0381 5944 usbhub - ok
      20:21:26.0401 5944 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
      20:21:26.0411 5944 usbohci - ok
      20:21:26.0441 5944 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
      20:21:26.0451 5944 usbprint - ok
      20:21:26.0471 5944 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
      20:21:26.0491 5944 usbscan - ok
      20:21:26.0521 5944 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
      20:21:26.0561 5944 USBSTOR - ok
      20:21:26.0591 5944 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
      20:21:26.0601 5944 usbuhci - ok
      20:21:26.0651 5944 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
      20:21:26.0671 5944 usbvideo - ok
      20:21:26.0681 5944 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
      20:21:26.0711 5944 UxSms - ok
      20:21:26.0721 5944 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
      20:21:26.0731 5944 VaultSvc - ok
      20:21:26.0771 5944 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
      20:21:26.0781 5944 vdrvroot - ok
      20:21:26.0801 5944 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
      20:21:26.0841 5944 vds - ok
      20:21:26.0871 5944 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
      20:21:26.0891 5944 vga - ok
      20:21:26.0901 5944 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
      20:21:26.0931 5944 VgaSave - ok
      20:21:26.0941 5944 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
      20:21:26.0951 5944 vhdmp - ok
      20:21:26.0971 5944 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
      20:21:26.0981 5944 viaide - ok
      20:21:26.0991 5944 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
      20:21:27.0001 5944 volmgr - ok
      20:21:27.0011 5944 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
      20:21:27.0031 5944 volmgrx - ok
      20:21:27.0041 5944 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
      20:21:27.0061 5944 volsnap - ok
      20:21:27.0071 5944 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
      20:21:27.0091 5944 vsmraid - ok
      20:21:27.0131 5944 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
      20:21:27.0181 5944 VSS - ok
      20:21:27.0201 5944 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
      20:21:27.0211 5944 vwifibus - ok
      20:21:27.0311 5944 [ 13A0DECD1794DE60A8427862C8669D27 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
      20:21:27.0321 5944 vwififlt - ok
      20:21:27.0371 5944 [ 49003B357D101CDC474937437ECF5ABC ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
      20:21:27.0401 5944 vwifimp - ok
      20:21:27.0431 5944 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
      20:21:27.0471 5944 W32Time - ok
      20:21:27.0501 5944 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
      20:21:27.0511 5944 WacomPen - ok
      20:21:27.0531 5944 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
      20:21:27.0561 5944 WANARP - ok
      20:21:27.0561 5944 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
      20:21:27.0591 5944 Wanarpv6 - ok
      20:21:27.0661 5944 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
      20:21:27.0701 5944 WatAdminSvc - ok
      20:21:27.0751 5944 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
      20:21:27.0781 5944 wbengine - ok
      20:21:27.0811 5944 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
      20:21:27.0821 5944 WbioSrvc - ok
      20:21:27.0851 5944 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
      20:21:27.0871 5944 wcncsvc - ok
      20:21:27.0881 5944 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
      20:21:27.0891 5944 WcsPlugInService - ok
      20:21:27.0921 5944 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
      20:21:27.0931 5944 Wd - ok
      20:21:27.0971 5944 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
      20:21:27.0991 5944 Wdf01000 - ok
      20:21:27.0991 5944 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
      20:21:28.0041 5944 WdiServiceHost - ok
      20:21:28.0041 5944 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
      20:21:28.0061 5944 WdiSystemHost - ok
      20:21:28.0081 5944 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
      20:21:28.0101 5944 WebClient - ok
      20:21:28.0121 5944 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
      20:21:28.0151 5944 Wecsvc - ok
      20:21:28.0171 5944 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
      20:21:28.0201 5944 wercplsupport - ok
      20:21:28.0221 5944 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
      20:21:28.0251 5944 WerSvc - ok
      20:21:28.0281 5944 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
      20:21:28.0301 5944 WfpLwf - ok
      20:21:28.0331 5944 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
      20:21:28.0341 5944 WIMMount - ok
      20:21:28.0361 5944 WinDefend - ok
      20:21:28.0371 5944 WinHttpAutoProxySvc - ok
      20:21:28.0431 5944 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
      20:21:28.0481 5944 Winmgmt - ok
      20:21:28.0561 5944 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
      20:21:28.0621 5944 WinRM - ok
      20:21:28.0651 5944 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
      20:21:28.0661 5944 WinUsb - ok
      20:21:28.0701 5944 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
      20:21:28.0731 5944 Wlansvc - ok
      20:21:28.0811 5944 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
      20:21:28.0841 5944 wlcrasvc - ok
      20:21:29.0011 5944 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      20:21:29.0061 5944 wlidsvc - ok
      20:21:29.0071 5944 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
      20:21:29.0081 5944 WmiAcpi - ok
      20:21:29.0111 5944 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
      20:21:29.0131 5944 wmiApSrv - ok
      20:21:29.0151 5944 WMPNetworkSvc - ok
      20:21:29.0181 5944 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
      20:21:29.0211 5944 WPCSvc - ok
      20:21:29.0221 5944 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
      20:21:29.0241 5944 WPDBusEnum - ok
      20:21:29.0261 5944 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
      20:21:29.0291 5944 ws2ifsl - ok
      20:21:29.0301 5944 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
      20:21:29.0321 5944 wscsvc - ok
      20:21:29.0321 5944 WSearch - ok
      20:21:29.0401 5944 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
      20:21:29.0431 5944 wuauserv - ok
      20:21:29.0471 5944 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
      20:21:29.0511 5944 WudfPf - ok
      20:21:29.0541 5944 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
      20:21:29.0561 5944 WUDFRd - ok
      20:21:29.0611 5944 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
      20:21:29.0631 5944 wudfsvc - ok
      20:21:29.0671 5944 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
      20:21:29.0691 5944 WwanSvc - ok
      20:21:29.0731 5944 ================ Scan global ===============================
      20:21:29.0751 5944 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
      20:21:29.0781 5944 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
      20:21:29.0781 5944 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
      20:21:29.0811 5944 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
      20:21:29.0841 5944 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
      20:21:29.0851 5944 [Global] - ok
      20:21:29.0851 5944 ================ Scan MBR ==================================
      20:21:29.0861 5944 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
      20:21:30.0141 5944 \Device\Harddisk0\DR0 - ok
      20:21:30.0141 5944 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
      20:21:37.0502 5944 \Device\Harddisk1\DR1 - ok
      20:21:37.0512 5944 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
      20:21:39.0322 5944 \Device\Harddisk2\DR2 - ok
      20:21:39.0322 5944 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
      20:21:39.0482 5944 \Device\Harddisk3\DR3 - ok
      20:21:39.0482 5944 ================ Scan VBR ==================================
      20:21:39.0492 5944 [ EF01678E897F1995AAC101555B2B954B ] \Device\Harddisk0\DR0\Partition1
      20:21:39.0492 5944 \Device\Harddisk0\DR0\Partition1 - ok
      20:21:39.0532 5944 [ D44668E5F1513DD0FDC6A39D3C1E42A2 ] \Device\Harddisk0\DR0\Partition2
      20:21:39.0532 5944 \Device\Harddisk0\DR0\Partition2 - ok
      20:21:39.0562 5944 [ B2A9F991956F844325469E1F8ECC44A2 ] \Device\Harddisk0\DR0\Partition3
      20:21:39.0562 5944 \Device\Harddisk0\DR0\Partition3 - ok
      20:21:39.0562 5944 [ C7D3C2A9497C0D81D7BA1D1B511B3C11 ] \Device\Harddisk1\DR1\Partition1
      20:21:39.0562 5944 \Device\Harddisk1\DR1\Partition1 - ok
      20:21:39.0572 5944 [ 245DB91C018FEDD274C7AE544DF9EF1C ] \Device\Harddisk2\DR2\Partition1
      20:21:39.0572 5944 \Device\Harddisk2\DR2\Partition1 - ok
      20:21:39.0572 5944 [ 0AC35398A3C2FC4B4E90D8EC7C20A4E8 ] \Device\Harddisk3\DR3\Partition1
      20:21:39.0572 5944 \Device\Harddisk3\DR3\Partition1 - ok
      20:21:39.0572 5944 ============================================================
      20:21:39.0572 5944 Scan finished
      20:21:39.0572 5944 ============================================================
      20:21:39.0582 4152 Detected object count: 6
      20:21:39.0582 4152 Actual detected object count: 6
      20:22:52.0692 4152 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
      20:22:52.0692 4152 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:22:52.0692 4152 mi-raysat_3dsmax2010_32 ( UnsignedFile.Multi.Generic ) - skipped by user
      20:22:52.0692 4152 mi-raysat_3dsmax2010_32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:22:52.0702 4152 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
      20:22:52.0702 4152 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:22:52.0702 4152 SCPDFReadSpool ( UnsignedFile.Multi.Generic ) - skipped by user
      20:22:52.0702 4152 SCPDFReadSpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:22:52.0702 4152 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
      20:22:52.0702 4152 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:22:52.0702 4152 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
      20:22:52.0702 4152 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      20:23:07.0053 3680 Deinitialize success
      Se que lo que encontro debe ser de bajo peligro o algo asi, pero no hace nada? porque hice el escaneo 3 veces mas y siguen los mismos archivos, no seria mejor eliminarlos ...hablo de mi ignorancia

      Saludos!

    5. #15
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.699

      Re: Virus indetectable

      Buenas BolkPloxo, entro en el tema a petición de la compañera @Daniela.

      Ahora descarga >> OTL By OldTimer

      *** Para Ejecutar OTL sigue estos pasos :

      • Cerrar todos programas que tengas abiertos y hacer doble click en el ícono de OTL para ejecutarlo.
      • Dejarlo correr y esperar a que aparezca el menú de OTL..
      • Cuando salga el menú de OTL, debes cambiar debajo de: "Tipo de Análisis" poniendo Resultado Mínimo.
      • Marcar la casilla Analizar Todos.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones: Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar las líneas del siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Código:
        Código:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT


      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presionar el botón .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.


      En tu próxima respuesta recuerda:

      - Pon el informe de OTL.txt.

      Saludos, Javier.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #16
      Usuario Avatar de BolkPloxo
      Registrado
      feb 2013
      Ubicación
      Chile
      Mensajes
      11

      Re: Virus indetectable

      Hola Javierhf agradesco tu ayuda
      y gracias por todo @Daniela.

      Mi pc sigue igual, El reporte de OTL.txt fue el siguiente:

      OTL logfile created on: 2/13/2013 9:26:38 AM - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Javiera\Desktop
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: Chile | Language: ESL | Date Format: dd-MM-yyyy

      7.98 Gb Total Physical Memory | 5.70 Gb Available Physical Memory | 71.44% Memory free
      15.96 Gb Paging File | 13.18 Gb Available in Paging File | 82.58% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 597.43 Gb Total Space | 463.68 Gb Free Space | 77.61% Space Free | Partition Type: NTFS
      Drive G: | 78.12 Gb Total Space | 66.48 Gb Free Space | 85.09% Space Free | Partition Type: NTFS

      Computer Name: JAVIERA-PC | User Name: Javiera | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Javiera\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe (Comodo Security Solutions, Inc.)
      PRC - C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe (Comodo Security Solutions, Inc.)
      PRC - C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe (Comodo Security Solutions Inc.)
      PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
      PRC - C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
      PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
      PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SEC)
      PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
      PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
      PRC - C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Samsung Electronics)
      PRC - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
      PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
      PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software)
      PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
      PRC - C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
      MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      MOD - C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll ()
      MOD - C:\Program Files (x86)\Unlocker\UnlockerHook.dll ()
      MOD - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
      MOD - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ()
      MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
      MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
      MOD - C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
      SRV:64bit: - (cmdvirth) -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO)
      SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
      SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
      SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV:64bit: - (Samsung UPD Service) -- C:\Windows\SysNative\SUPDSvc.exe (Samsung Electronics CO., LTD.)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (CLPSLauncher) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe (Comodo Security Solutions Inc.)
      SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
      SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
      SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (GeekBuddyRSP) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
      SRV - (AxAutoMntSrv) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
      SRV - (SCPDFReadSpool) -- C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe (Solid Documents, LLC)
      SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (mi-raysat_3dsmax2010_32) -- C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
      DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
      DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
      DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
      DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
      DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
      DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
      DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
      DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
      DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
      DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
      DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
      DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
      DRV - (GEARAspiWDM) -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV - (CFRMD) -- C:\Windows\SysWOW64\drivers\CFRMD.sys (Windows (R) Win 7 DDK provider)
      DRV - (rtport) -- C:\Windows\SysWOW64\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
      DRV - (UnlockerDriver5) -- C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys ()
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Internet Explorer 6 Search Companion is no longer supported.
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
      IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
      IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
      IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
      IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage

      IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage

      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Chile
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\SearchScopes,DefaultScope = {7D03D56A-64DD-40EB-8F8F-4A1EF83B084D}
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109988&tt=290312_bexdll&babsrc=SP_ss&mntrId=4cc4dc7d00000000000090a4debbaaff
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=zYRLMGEszUJyftG_we3HzjIXHG8?q={searchTerms}
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\SearchScopes\{7D03D56A-64DD-40EB-8F8F-4A1EF83B084D}: "URL" = http://cl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "Yahoo"
      FF - prefs.js..browser.search.param.yahoo-fr: ""
      FF - prefs.js..browser.search.selectedEngine: "Yahoo"
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "https://www.google.cl/"
      FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2
      FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2


      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Javiera\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/06 14:16:28 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/02/08 22:09:49 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/06 17:00:23 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/06 13:50:03 | 000,000,000 | ---D | M]

      [2012/10/30 12:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Javiera\AppData\Roaming\Mozilla\Extensions
      [2012/10/30 12:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Javiera\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
      [2013/02/08 22:37:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\neh41nqy.default\extensions
      [2013/02/05 22:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\tihz7p1y.default\extensions
      [2012/10/03 19:08:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\tihz7p1y.default\extensions\staged
      [2012/08/25 02:49:47 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\neh41nqy.default\extensions\personas@christopher.beard.xpi
      [2012/12/22 20:51:58 | 000,001,042 | ---- | M] () -- C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\neh41nqy.default\searchplugins\nch-es-customized-web-search.xml
      [2013/02/08 18:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
      [2013/02/06 13:49:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      [2013/02/06 13:49:48 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
      [2013/02/06 13:49:48 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
      [2013/02/06 13:49:49 | 000,000,000 | ---D | M] (Supervisor Kaspersky de vÃ*nculos URL) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
      [2013/02/06 13:49:49 | 000,000,000 | ---D | M] (Supervisor Kaspersky de vÃ*nculos URL) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
      [2013/02/08 22:09:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
      [2013/02/01 15:21:57 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2013/02/01 17:47:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2013/02/01 17:47:09 | 000,004,081 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2013/02/01 17:47:09 | 000,002,440 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-cl.xml
      [2013/02/01 17:47:09 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2013/02/01 17:47:09 | 000,001,110 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-cl.xml

      ========== Chrome ==========

      CHR - homepage: Yahoo! Chile
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Yahoo! Chile
      CHR - Extension: avast! WebRep = C:\Users\Javiera\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Users\Javiera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

      O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Samsung BHO Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O2 - BHO: (no name) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
      O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
      O4 - HKLM..\Run: [RMAlert] C:\Program Files (x86)\PC Tools Registry Mechanic\Alert.exe (PC Tools)
      O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
      O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
      O4 - HKU\.DEFAULT..\RunOnce: [] File not found
      O4 - HKU\S-1-5-18..\RunOnce: [] File not found
      O4 - HKU\S-1-5-19..\RunOnce: [] File not found
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [] File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
      O7 - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
      O7 - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
      O8:64bit: - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8:64bit: - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
      O9 - Extra Button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O15 - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..Trusted Ranges: GD ([http] in Local intranet)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.13.2)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.74.121.12 190.160.0.13 190.160.0.15
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2469A33D-1AA7-4868-952F-FF2B60FC841A}: NameServer = 8.26.56.26,156.154.70.22
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDF3DA16-3B0B-49F9-8C7A-3972875CF80A}: DhcpNameServer = 200.74.121.12 190.160.0.13 190.160.0.15
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDF3DA16-3B0B-49F9-8C7A-3972875CF80A}: NameServer = 8.26.56.26,156.154.70.22
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\windows\SysWOW64\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 0
      O32 - AutoRun File - [2012/07/19 22:32:59 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
      O32 - AutoRun File - [2013/02/11 11:49:05 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
      O32 - AutoRun File - [2013/02/11 11:49:06 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ NTFS ]
      O33 - MountPoints2\E\Shell - "" = AutoRun
      O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchPad.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
      MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found
      MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: BrMfcWnd - hkey= - key= - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
      MsConfig:64bit - StartUpReg: ControlCenter3 - hkey= - key= - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
      MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Javiera\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      MsConfig:64bit - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe (Google)
      MsConfig:64bit - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
      MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: SearchSettings - hkey= - key= - File not found
      MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
      MsConfig:64bit - State: "startup" - Reg Error: Key error.

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/02/13 09:19:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Javiera\Desktop\OTL.exe
      [2013/02/11 22:40:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo
      [2013/02/11 22:13:04 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
      [2013/02/11 2243 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
      [2013/02/11 2224 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
      [2013/02/11 22:09:51 | 000,000,000 | ---D | C] -- C:\Users\Javiera\AppData\Local\Comodo
      [2013/02/11 22:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
      [2013/02/11 22:09:43 | 000,056,072 | ---- | C] (COMODO CA Limited) -- C:\windows\SysNative\certsentry.dll
      [2013/02/11 22:09:43 | 000,042,760 | ---- | C] (COMODO CA Limited) -- C:\windows\SysWow64\certsentry.dll
      [2013/02/11 22:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
      [2013/02/11 22:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
      [2013/02/11 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\Javiera\Desktop\tdskill
      [2013/02/11 11:49:05 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
      [2013/02/11 11:42:55 | 000,000,000 | ---D | C] -- C:\UsbFix
      [2013/02/11 11:07:27 | 001,271,879 | ---- | C] (El Desaparecido) -- C:\Users\Javiera\Desktop\UsbFix.exe
      [2013/02/10 14:05:42 | 000,000,000 | ---D | C] -- C:\Users\Javiera\Documents\Registro
      [2013/02/10 14:00:17 | 000,000,000 | ---D | C] -- C:\Users\Javiera\AppData\Roaming\SUPERAntiSpyware.com
      [2013/02/10 14:00:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
      [2013/02/10 14:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
      [2013/02/10 14:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
      [2013/02/08 22:34:46 | 000,000,000 | ---D | C] -- C:\Users\Javiera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      [2013/02/08 22:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
      [2013/02/08 2215 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
      [2013/02/08 2214 | 000,025,232 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
      [2013/02/08 2211 | 000,370,288 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
      [2013/02/08 2205 | 000,054,072 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
      [2013/02/08 2201 | 000,984,144 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
      [2013/02/08 2201 | 000,285,328 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
      [2013/02/08 2201 | 000,071,600 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
      [2013/02/08 2201 | 000,059,728 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
      [2013/02/08 22:09:39 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe
      [2013/02/08 22:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
      [2013/02/08 21:45:52 | 000,000,000 | --SD | C] -- C:\windows\SysWow64\Microsoft
      [2013/02/08 15:37:45 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2013/02/08 15:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
      [2013/02/08 15:32:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
      [2013/02/08 14:25:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
      [2013/02/07 17:00:54 | 000,000,000 | ---D | C] -- C:\Users\Javiera\Desktop\Histo
      [2013/02/07 16:25:04 | 000,000,000 | ---D | C] -- C:\Programas Portables
      [2013/02/06 13:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2013/02/05 16:04:30 | 000,000,000 | ---D | C] -- C:\Users\Javiera\AppData\Local\Programs
      [2013/02/02 23:55:33 | 000,000,000 | ---D | C] -- C:\Users\Javiera\Documents\DOCs
      [2013/02/01 14:24:32 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
      [2013/02/01 13:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
      [2013/02/01 13:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
      [2013/02/01 02:21:57 | 000,000,000 | ---D | C] -- C:\Temp
      [2013/01/31 16:46:47 | 000,000,000 | ---D | C] -- C:\Users\Javiera\AppData\Local\PutLockerDownloader
      [2013/01/31 16:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
      [2013/01/28 12:48:09 | 000,000,000 | ---D | C] -- C:\Users\Javiera\Documents\3dsMax
      [2013/01/28 12:40:12 | 000,000,000 | ---D | C] -- C:\Users\Javiera\AppData\Local\Autodesk
      [2013/01/28 12:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
      [2013/01/28 12:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
      [2013/01/28 12:30:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\main
      [2013/01/28 12:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\msi
      [2013/01/28 12:29:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\support
      [2013/01/28 12:29:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Setup
      [2013/01/28 12:29:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eula
      [2013/01/28 12:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SetupRes
      [2013/01/24 22:43:04 | 000,043,216 | ---- | C] (COMODO) -- C:\windows\SysNative\cmdcsr.dll
      [2013/01/24 22:43:02 | 000,461,384 | ---- | C] (COMODO) -- C:\windows\SysNative\guard64.dll
      [2013/01/24 22:43:02 | 000,354,752 | ---- | C] (COMODO) -- C:\windows\SysWow64\guard32.dll
      [2013/01/24 22:42:54 | 000,326,352 | ---- | C] (COMODO) -- C:\windows\SysNative\cmdvrt64.dll
      [2013/01/24 22:42:54 | 000,045,776 | ---- | C] (COMODO) -- C:\windows\SysNative\cmdkbd64.dll
      [2013/01/24 22:42:50 | 000,263,888 | ---- | C] (COMODO) -- C:\windows\SysWow64\cmdvrt32.dll
      [2013/01/24 22:42:50 | 000,040,656 | ---- | C] (COMODO) -- C:\windows\SysWow64\cmdkbd32.dll
      [2013/01/21 00:03:25 | 000,000,000 | ---D | C] -- C:\Users\Javiera\AppData\Roaming\.minecraft
      [2013/01/20 22:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Version Changer
      [2013/01/20 22:03:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\flippit
      [2013/01/20 2124 | 000,000,000 | ---D | C] -- C:\Users\Javiera\AppData\Roaming\skyz
      [2013/01/20 21:07:05 | 000,000,000 | ---D | C] -- C:\Minecraft_Backup
      [2013/01/16 19:51:44 | 000,023,176 | ---- | C] (COMODO) -- C:\windows\SysNative\drivers\cmderd.sys
      [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
      [19 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
      [14 C:\*.tmp files -> C:\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/02/13 09:22:51 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/02/13 09:22:51 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/02/13 09:18:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Javiera\Desktop\OTL.exe
      [2013/02/13 09:15:07 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
      [2013/02/13 09:14:21 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/02/13 09:13:55 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2013/02/13 09:13:51 | 4275,261,439 | -HS- | M] () -- C:\hiberfil.sys
      [2013/02/13 02:00:01 | 000,000,514 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task cb1fef7b-6fce-4b1d-a2b2-3b081e908b81.job
      [2013/02/13 01:44:02 | 000,001,038 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/02/13 01:28:03 | 000,001,074 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2543451496-1324613630-1812860196-1000UA.job
      [2013/02/12 19:28:01 | 000,001,052 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2543451496-1324613630-1812860196-1000Core.job
      [2013/02/12 14:00:01 | 000,000,514 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 29f30808-d618-4a3e-841f-b6f062f0629b.job
      [2013/02/11 22:40:21 | 000,002,003 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
      [2013/02/11 22:13:15 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\windows\SysNative\certsentry.dll
      [2013/02/11 22:09:43 | 000,042,760 | ---- | M] (COMODO CA Limited) -- C:\windows\SysWow64\certsentry.dll
      [2013/02/11 14:16:24 | 004,029,190 | ---- | M] () -- C:\Users\Javiera\Documents\disassembly_easynote_mb.pdf
      [2013/02/11 13:21:12 | 001,672,954 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
      [2013/02/11 13:21:12 | 000,746,142 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
      [2013/02/11 13:21:12 | 000,652,804 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
      [2013/02/11 13:21:12 | 000,158,352 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
      [2013/02/11 13:21:12 | 000,121,478 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
      [2013/02/11 13:11:05 | 000,007,628 | ---- | M] () -- C:\Users\Javiera\AppData\Local\Resmon.ResmonCfg
      [2013/02/11 11:49:06 | 000,017,858 | ---- | M] () -- C:\UsbFix_Upload_Me_JAVIERA-PC.zip
      [2013/02/11 11:07:10 | 001,271,879 | ---- | M] (El Desaparecido) -- C:\Users\Javiera\Desktop\UsbFix.exe
      [2013/02/08 2201 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
      [2013/02/06 17:00:26 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2013/02/01 15:28:45 | 000,000,999 | ---- | M] () -- C:\windows\SysWow64\InstallUtil.InstallLog
      [2013/01/28 12:55:38 | 000,000,584 | ---- | M] () -- C:\Users\Javiera\Documents\grstyles.stl
      [2013/01/24 22:43:04 | 000,043,216 | ---- | M] (COMODO) -- C:\windows\SysNative\cmdcsr.dll
      [2013/01/24 22:43:02 | 000,461,384 | ---- | M] (COMODO) -- C:\windows\SysNative\guard64.dll
      [2013/01/24 22:43:02 | 000,354,752 | ---- | M] (COMODO) -- C:\windows\SysWow64\guard32.dll
      [2013/01/24 22:42:54 | 000,326,352 | ---- | M] (COMODO) -- C:\windows\SysNative\cmdvrt64.dll
      [2013/01/24 22:42:54 | 000,045,776 | ---- | M] (COMODO) -- C:\windows\SysNative\cmdkbd64.dll
      [2013/01/24 22:42:50 | 000,263,888 | ---- | M] (COMODO) -- C:\windows\SysWow64\cmdvrt32.dll
      [2013/01/24 22:42:50 | 000,040,656 | ---- | M] (COMODO) -- C:\windows\SysWow64\cmdkbd32.dll
      [2013/01/16 19:51:44 | 000,023,176 | ---- | M] (COMODO) -- C:\windows\SysNative\drivers\cmderd.sys
      [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
      [19 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
      [14 C:\*.tmp files -> C:\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/02/11 22:40:21 | 000,002,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
      [2013/02/11 14:16:24 | 004,029,190 | ---- | C] () -- C:\Users\Javiera\Documents\disassembly_easynote_mb.pdf
      [2013/02/11 11:49:06 | 000,017,858 | ---- | C] () -- C:\UsbFix_Upload_Me_JAVIERA-PC.zip
      [2013/02/10 14:00:24 | 000,000,514 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task cb1fef7b-6fce-4b1d-a2b2-3b081e908b81.job
      [2013/02/10 14:00:24 | 000,000,514 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 29f30808-d618-4a3e-841f-b6f062f0629b.job
      [2013/02/08 22:26:25 | 000,007,628 | ---- | C] () -- C:\Users\Javiera\AppData\Local\Resmon.ResmonCfg
      [2013/02/06 13:50:04 | 000,000,237 | ---- | C] () -- C:\AT-Cuarentena
      [2013/01/31 16:48:46 | 000,000,999 | ---- | C] () -- C:\windows\SysWow64\InstallUtil.InstallLog
      [2013/01/31 16:24:58 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\config.nt
      [2013/01/12 22:27:14 | 000,049,152 | ---- | C] () -- C:\windows\Domino.exe
      [2012/10/14 19:56:17 | 000,000,081 | ---- | C] () -- C:\windows\spwdrpa.INI
      [2012/10/13 17:25:14 | 000,000,000 | ---- | C] () -- C:\windows\DMM.INI
      [2012/10/01 23:30:44 | 000,000,074 | ---- | C] () -- C:\windows\BBW_INFO.INI
      [2012/09/30 12:38:03 | 000,000,367 | ---- | C] () -- C:\Users\Javiera\SyncDocs.conf
      [2012/08/03 20:48:56 | 000,003,584 | ---- | C] () -- C:\Users\Javiera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/07/06 01:48:22 | 000,000,040 | ---- | C] () -- C:\Users\Javiera\AppData\Roaming\cdr.ini
      [2012/04/01 04:15:44 | 127,682,596 | ---- | C] () -- C:\Users\Javiera\preview.mov
      [2012/03/21 20:44:33 | 000,017,408 | ---- | C] () -- C:\Users\Javiera\AppData\Local\WebpageIcons.db
      [2012/02/06 16:58:39 | 000,650,752 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
      [2012/02/06 16:58:39 | 000,243,200 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
      [2012/02/06 16:58:39 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
      [2012/02/06 16:58:38 | 000,079,360 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
      [2012/02/06 15:47:48 | 000,000,600 | ---- | C] () -- C:\Users\Javiera\PUTTY.RND
      [2012/01/24 01:04:02 | 000,000,431 | ---- | C] () -- C:\windows\BRWMARK.INI
      [2012/01/24 01:04:02 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI
      [2012/01/23 21:24:40 | 001,650,928 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
      [2011/07/21 14:19:37 | 000,258,864 | ---- | C] () -- C:\windows\SUPDRun.exe
      [2011/07/21 14:17:45 | 000,002,888 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
      [2011/07/21 01:39:24 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
      [2011/07/21 01:07:13 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
      [2011/07/21 00:40:54 | 000,142,128 | ---- | C] () -- C:\windows\wiainst64.exe
      [2011/07/21 00:27:56 | 000,001,842 | ---- | C] () -- C:\windows\HotFixList.ini

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/02/12 14:17:21 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\.minecraft
      [2012/10/20 03:23:47 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\Audacity
      [2013/01/28 12:48:08 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\Autodesk
      [2012/04/17 02:51:09 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\calibre
      [2012/10/14 17:26:01 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\DAEMON Tools Pro
      [2012/03/09 23:39:29 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\eType
      [2012/07/31 13:49:11 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\fltk.org
      [2012/12/04 14:42:22 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\LaunchPad
      [2012/12/28 17:15:59 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\Lite
      [2012/01/23 13:39:33 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\MAXON
      [2012/12/25 13:31:09 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\Mp3tag
      [2012/04/02 13:58:12 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\Publish Providers
      [2012/02/08 16:50:34 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\redsn0w
      [2012/09/04 00:01:32 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\Registry Mechanic
      [2012/02/29 18:01:45 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\RegistryKeys
      [2013/01/20 2129 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\skyz
      [2013/01/06 01:21:16 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\SolidDocuments
      [2012/10/30 12:55:01 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\Songbird2
      [2012/04/02 13:58:03 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\Sony
      [2012/01/23 21:24:55 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\TP
      [2012/02/08 13:05:39 | 000,000,000 | ---D | M] -- C:\Users\Javiera\AppData\Roaming\WindSolutions

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/03/30 21:59:59 | 000,000,237 | ---- | M] () -- C:\AT-Cuarentena
      [2013/02/08 18:26:52 | 000,020,157 | ---- | M] () -- C:\AT-Destroyer.txt
      [2003/09/30 22:57:50 | 000,002,829 | ---- | M] () -- C:\clit_readme.txt
      [2004/02/06 12:14:48 | 000,003,966 | ---- | M] () -- C:\help.txt
      [2013/02/13 09:13:51 | 4275,261,439 | -HS- | M] () -- C:\hiberfil.sys
      [2013/02/13 09:13:53 | 4275,261,439 | -HS- | M] () -- C:\pagefile.sys
      [2011/07/21 00:24:36 | 000,002,162 | ---- | M] () -- C:\RHDSetup.log
      [2012/01/20 09:26:33 | 000,000,166 | ---- | M] () -- C:\Setup.log
      [2012/04/12 01:38:10 | 000,002,151 | ---- | M] () -- C:\ST6UNST.LOG
      [2013/02/11 20:20:47 | 000,006,206 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_11.02.2013_20.18.46_log.txt
      [2013/02/11 20:23:07 | 000,151,022 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_11.02.2013_20.20.53_log.txt
      [2013/02/11 20:33:00 | 000,295,838 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_11.02.2013_20.27.27_log.txt
      [2013/02/11 11:49:06 | 000,007,105 | ---- | M] () -- C:\UsbFix.txt
      [2013/02/11 11:49:06 | 000,017,858 | ---- | M] () -- C:\UsbFix_Upload_Me_JAVIERA-PC.zip
      [14 C:\*.tmp files -> C:\*.tmp -> ]

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:D1B5B4F1
      @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86

      < End of report >
      Tengo serias sospechas que hay una 'Backdoor' en mi equipo, seria recomendable hacer un escaneo con HijackThis?
      Saludos!

    7. #17
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.699

      Re: Virus indetectable

      Cita Originalmente publicado por BolkPloxo Ver Mensaje
      Tengo serias sospechas que hay una 'Backdoor' en mi equipo, seria recomendable hacer un escaneo con HijackThis?
      De momento, seguiremos con los siguientes pasos :

      MUY Importante ~ Realiza una copia de seguridad del registro con >> Erunt.

      Y después ejecuta de nuevo OTL.exe

      Copia y Pega el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación.

      Código:
      :OTL
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Internet Explorer 6 Search Companion is no longer supported.
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France
      IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage
      IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage
      IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage
      IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fixhomepage
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109988&tt=290312_bexdll&babsrc=SP_ss&mntrId=4cc4dc7d00000000000090a4debbaaff
      IE - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=zYRLMGEszUJyftG_we3HzjIXHG8?q={searchTerms}
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      [2012/12/22 20:51:58 | 000,001,042 | ---- | M] () -- C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\neh41nqy.default\searchplugins\nch-es-customized-web-search.xml
      [2013/02/06 13:49:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      [2013/02/01 17:47:09 | 000,002,440 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-cl.xml
      O2 - BHO: (no name) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      O4 - HKU\.DEFAULT..\RunOnce: [] File not found
      O4 - HKU\S-1-5-18..\RunOnce: [] File not found
      O4 - HKU\S-1-5-19..\RunOnce: [] File not found
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [] File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O15 - HKU\S-1-5-21-2543451496-1324613630-1812860196-1000\..Trusted Ranges: GD ([http] in Local intranet)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.13.2)
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O33 - MountPoints2\E\Shell - "" = AutoRun
      O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchPad.exe
      MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found
      MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Javiera\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      MsConfig:64bit - StartUpReg: SearchSettings - hkey= - key= - File not found
      MsConfig:64bit - State: "startup" - Reg Error: Key error.
      [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
      [19 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
      [14 C:\*.tmp files -> C:\*.tmp -> ]
      [2013/02/13 01:28:03 | 000,001,074 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2543451496-1324613630-1812860196-1000UA.job
      [2013/02/12 19:28:01 | 000,001,052 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2543451496-1324613630-1812860196-1000Core.job
      @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:D1B5B4F1
      @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]
      Presiona el Botón Reparar para lanzar la eliminación. Después presionas en OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.

      Guardas el nuevo reporte generado, y lo copias y pegas en tu próxima respuesta.

      Antes de contestarnos, y después de pasar OTL, revisa/actualiza tu versión de Java(Muy Importante) >> Descarga gratuita del software de Java

      Y cuando nos contestes dinos que versión de Java se ha quedado instalada >> ¿Cómo puedo comprobar si Java funciona en mi equipo?

      Recuerda ponernos el log de OTL, y dinos también que versión de Java tienes ahora y como sigue el ordenador, en relación al problema planteado.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #18
      Usuario Avatar de BolkPloxo
      Registrado
      feb 2013
      Ubicación
      Chile
      Mensajes
      11

      Re: Virus indetectable

      EDIT
      Mira, no se si meti la pata pero al finalizar la reparacion de OTL.exe me arrojo esto



      No se, segui todos los pasos de ERUNT en el manual, no se si eso es normal. Ademas mi pc me pidio tres actualizaciones al finalizar y al iniciar los procesos de mi equipo...

      log de OTL.exe:

      All processes killed
      ========== OTL ==========
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search bar| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      Registry key HKEY_USERS\S-1-5-21-2543451496-1324613630-1812860196-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_USERS\S-1-5-21-2543451496-1324613630-1812860196-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\neh41nqy.default\searchplugins\nch-es-customized-web-search.xml moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
      C:\Program Files (x86)\Mozilla Firefox\searchplugins\mercadolibre-cl.xml moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}\ not found.
      64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
      Registry value HKEY_USERS\S-1-5-21-2543451496-1324613630-1812860196-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
      Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.
      Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ not found.
      Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.
      Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
      Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.
      Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Registry value HKEY_USERS\S-1-5-21-2543451496-1324613630-1812860196-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
      Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
      File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
      File Protocol\Handler\livecall - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
      File Protocol\Handler\msnim - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
      File Protocol\Handler\skype4com - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
      File Protocol\Handler\wlmailhtml - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
      File Protocol\Handler\wlpg - No CLSID value found not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
      File E:\LaunchPad.exe not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Facebook Update\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SearchSettings\ not found.
      C:\windows\avaC38E.tmp deleted successfully.
      C:\windows\msdownld.tmp folder deleted successfully.
      C:\windows\SysWow64\aswC35F.tmp deleted successfully.
      C:\windows\SysWow64\sho2048.tmp deleted successfully.
      C:\windows\SysWow64\sho2479.tmp deleted successfully.
      C:\windows\SysWow64\sho38FA.tmp deleted successfully.
      C:\windows\SysWow64\sho3EAA.tmp deleted successfully.
      C:\windows\SysWow64\sho41C3.tmp deleted successfully.
      C:\windows\SysWow64\sho6228.tmp deleted successfully.
      C:\windows\SysWow64\sho6364.tmp deleted successfully.
      C:\windows\SysWow64\sho68FD.tmp deleted successfully.
      C:\windows\SysWow64\sho8E6B.tmp deleted successfully.
      C:\windows\SysWow64\sho8F30.tmp deleted successfully.
      C:\windows\SysWow64\shoA9C8.tmp deleted successfully.
      C:\windows\SysWow64\shoB419.tmp deleted successfully.
      C:\windows\SysWow64\shoB492.tmp deleted successfully.
      C:\windows\SysWow64\shoC956.tmp deleted successfully.
      C:\windows\SysWow64\shoEB8B.tmp deleted successfully.
      C:\windows\SysWow64\shoEC73.tmp deleted successfully.
      C:\windows\SysWow64\shoFA84.tmp deleted successfully.
      C:\windows\SysWow64\shoFCCB.tmp deleted successfully.
      C:\FAP1901.tmp deleted successfully.
      C:\FAP223B.tmp deleted successfully.
      C:\FAP376B.tmp deleted successfully.
      C:\FAP3912.tmp deleted successfully.
      C:\FAP3A9A.tmp deleted successfully.
      C:\FAP4613.tmp deleted successfully.
      C:\FAP46A2.tmp deleted successfully.
      C:\FAP4916.tmp deleted successfully.
      C:\FAP9380.tmp deleted successfully.
      C:\FAP9565.tmp deleted successfully.
      C:\FAPCFFA.tmp deleted successfully.
      C:\FAPD088.tmp deleted successfully.
      C:\FAPD136.tmp deleted successfully.
      C:\FAPEF51.tmp deleted successfully.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2543451496-1324613630-1812860196-1000UA.job moved successfully.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2543451496-1324613630-1812860196-1000Core.job moved successfully.
      ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
      ADS C:\ProgramData\Temp:888AFB86 deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Javiera\Desktop\cmd.bat deleted successfully.
      C:\Users\Javiera\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      No se puede realizar ninguna operaci¢n en Conexi¢n de red inal*mbrica 2 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local mientras los medios
      est‚n desconectados.
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::14b:4f3a:9e40:a8e8%14
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.3
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.0.1
      Adaptador de Ethernet Conexi¢n de *rea local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Conexi¢n de *rea local* 15:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Direcci¢n IPv6 . . . . . . . . . . : 2001:0:5ef5:79fd:1cef:588:3f57:fffc
      V¡nculo: direcci¢n IPv6 local. . . : fe80::1cef:588:3f57:fffc%22
      Puerta de enlace predeterminada . . . . . : ::
      Adaptador de t£nel isatap.{2469A33D-1AA7-4868-952F-FF2B60FC841A}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{7D690919-8612-47D3-8FC2-102E818F47F0}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      C:\Users\Javiera\Desktop\cmd.bat deleted successfully.
      C:\Users\Javiera\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: Default

      User: Javiera
      ->Flash cache emptied: 1979 bytes

      User: Public

      Total Flash Files Cleaned = 0.00 mb


      [EMPTYTEMP]

      User: Default

      User: Javiera
      ->Temp folder emptied: 806597 bytes
      ->Temporary Internet Files folder emptied: 498236 bytes
      ->Java cache emptied: 2345575 bytes
      ->FireFox cache emptied: 236434110 bytes
      ->Google Chrome cache emptied: 819568 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 34109389 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68042 bytes
      RecycleBin emptied: 791924264 bytes

      Total Files Cleaned = 1,018.00 mb

      C:\windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 02132013_121342

      Files\Folders moved on Reboot...
      C:\Users\Javiera\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...
      Sobre java prefiero reinstalarlo ahora seria Java v7 actualizacion 13



      El computador esta lento al iniciarlo (podrian ser los programas que e puesto) incluso para cargar paginas de internet, tambien el menu de inicio se sigue abriendo solo.
      Otra cosa que se me fue es que cuando apago el equipo me aparece que hay un programa que sigue abierto pero no hay ningun icono ni nada y que al apretar el icono de firefox (el que esta al lado del menu de inicio) abre carpetas o el mismo menu de inicio (cuando pasa esto usualmente se abren miles de ventanas)

      Saludos!
      Última edición por BolkPloxo fecha: 13/02/13 a las 12:17:22

    9. #19
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.699

      Re: Virus indetectable

      No te preocupes por el mensaje de inicio de Erunt, cuando terminemos todos los pasos ya lo desinstalaras.

      Ahora descarga en tu escritorio >> Adwcleaner.exe.

      • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
      • Y cierra todos los programas que tengas abiertos.
      • Click derecho sobre su ícono y seleccionas Ejecutar como Administrador.
      • Pulsar en el Botón Supresión.
      • Sigue las Instrucciones, si te pidiera Reiniciar el sistema Aceptas.
      • Guardas el reporte que te saldrá en el escritorio, para pegarlo en tu próxima respuesta.


      Descarga también >> Shortcut Cleaner y guárdalo en el escritorio.

      Haces doble clic sobre sc-cleaner.exe y esperas que se abra el informe(lo puedes encontrar también en el escritorio).

      Guárdalo también para copiarlo en tu siguiente respuesta.

      Reinicia el equipo.

      En tu siguiente respuesta nos pones los informes de Adwcleaner y sc-cleaner, y comentas como sigue el ordenador.

      Saludos
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #20
      Usuario Avatar de BolkPloxo
      Registrado
      feb 2013
      Ubicación
      Chile
      Mensajes
      11

      Re: Virus indetectable

      Hola, creo que se detubo lo e estado apagando y prendiendo como unas 10 veces (y no es broma) y no a pasado nada aunque seguire atenta.

      El reporte de AdwCleaner:

      # AdwCleaner v2.112 - Fichero creado el 13/02/2013 a 14:19:33
      # Actualizado el 10/02/2013 por Xplode
      # Sistema operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
      # Usuario : Javiera - JAVIERA-PC
      # Modo de inicio : Normal
      # Ejecutado desde : G:\GOTH\Descargas\AdwCleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****


      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\ProgramData\Ask
      Carpeta Suprimido : C:\Users\Javiera\AppData\Local\Conduit
      Carpeta Suprimido : C:\Users\Javiera\AppData\LocalLow\boost_interprocess
      Carpeta Suprimido : C:\Users\Javiera\AppData\LocalLow\Conduit
      Carpeta Suprimido : C:\Users\Javiera\AppData\Roaming\eType
      Carpeta Suprimido : C:\Users\Javiera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eType
      Carpeta Suprimido : C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\tihz7p1y.default\extensions\staged
      Fichero Suprimido : C:\Users\Javiera\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\1ClickDownload
      Clave Supprimida : HKCU\Software\APN PIP
      Clave Supprimida : HKCU\Software\AppDataLow\Software\Conduit
      Clave Supprimida : HKCU\Software\AppDataLow\Software\Search Settings
      Clave Supprimida : HKCU\Software\AppDataLow\Software\SmartBar
      Clave Supprimida : HKCU\Software\BabylonToolbar
      Clave Supprimida : HKCU\Software\Blabbers
      Clave Supprimida : HKCU\Software\BrowserCompanion
      Clave Supprimida : HKCU\Software\InstallCore
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
      Clave Supprimida : HKCU\Software\PIP
      Clave Supprimida : HKCU\Software\Softonic
      Clave Supprimida : HKLM\Software\Babylon
      Clave Supprimida : HKLM\Software\BabylonToolbar
      Clave Supprimida : HKLM\Software\BrowserCompanion
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\Prod.cap
      Clave Supprimida : HKLM\SOFTWARE\Classes\Toolbar.CT2801941
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
      Clave Supprimida : HKLM\Software\Iminent
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\DealioToolbar-stub-1_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\DealioToolbar-stub-1_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
      Clave Supprimida : HKLM\Software\PIP
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ibgfbdggapddbjjbopabhlhianklajie
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
      Clave Supprimida : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
      Clave Supprimida : HKLM\SOFTWARE\Tarma Installer

      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16464

      [OK] El registro no contiene ninguna entrada ilegítima.

      -\\ Mozilla Firefox v18.0.2 (es-CL)

      Fichero : C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\neh41nqy.default\prefs.js

      C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\neh41nqy.default\user.js ... Suprimido !

      Supprimida : user_pref("CT2801941_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
      Supprimida : user_pref("Smartbar.ConduitHomepagesList", "");
      Supprimida : user_pref("Smartbar.ConduitSearchEngineList", "");
      Supprimida : user_pref("Smartbar.keywordURLSelectedCTID", "CT2801941");
      Supprimida : user_pref("extensions.funmoods.aflt", "ironpub");
      Supprimida : user_pref("extensions.funmoods.autoRvrt", false);
      Supprimida : user_pref("extensions.funmoods.dfltLng", "");
      Supprimida : user_pref("extensions.funmoods.dfltSrch", false);
      Supprimida : user_pref("extensions.funmoods.dnsErr", true);
      Supprimida : user_pref("extensions.funmoods.envrmnt", "production");
      Supprimida : user_pref("extensions.funmoods.excTlbr", true);
      Supprimida : user_pref("extensions.funmoods.hmpg", false);
      Supprimida : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2[...]
      Supprimida : user_pref("extensions.funmoods.id", "E81132A144F5DC7D");
      Supprimida : user_pref("extensions.funmoods.instlDay", "15616");
      Supprimida : user_pref("extensions.funmoods.instlRef", "ironpub");
      Supprimida : user_pref("extensions.funmoods.isdcmntcmplt", true);
      Supprimida : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.221959");
      Supprimida : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
      Supprimida : user_pref("extensions.funmoods.newTab", false);
      Supprimida : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=ironpub&chnl=ironpub&cd[...]
      Supprimida : user_pref("extensions.funmoods.prdct", "funmoods");
      Supprimida : user_pref("extensions.funmoods.prtnrId", "funmoods");
      Supprimida : user_pref("extensions.funmoods.smplGrp", "none");
      Supprimida : user_pref("extensions.funmoods.srchPrvdr", "Search");
      Supprimida : user_pref("extensions.funmoods.tlbrId", "base");
      Supprimida : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=ironpub&chnl=ironpub&[...]
      Supprimida : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
      Supprimida : user_pref("extensions.funmoods.vrsnTs", "1.5.23.221959");
      Supprimida : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
      Supprimida : user_pref("extensions.funmoods_i.newTab", false);
      Supprimida : user_pref("extensions.funmoods_i.smplGrp", "none");
      Supprimida : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.221959");

      Fichero : C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\tihz7p1y.default\prefs.js

      C:\Users\Javiera\AppData\Roaming\Mozilla\Firefox\Profiles\tihz7p1y.default\user.js ... Suprimido !

      [OK] El fichero no contiene ninguna entrada ilegítima.

      -\\ Google Chrome v24.0.1312.57

      Fichero : C:\Users\Javiera\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [21327 octets] - [13/02/2013 14:19:33]

      ########## EOF - C:\AdwCleaner[S1].txt - [21388 octets] ##########
      Y el reporte de sc-cleaner:

      Shortcut Cleaner 1.2.1 by Lawrence Abrams (Grinler)
      Bleeping Computer - Technical Support and Computer Help
      Copyright 2008-2013 BleepingComputer.com
      More Information about Shortcut Cleaner can be found at this link:
      Shortcut Cleaner Download

      Program started at: 02/13/2013 02:22:55 PM.

      Searching C:\Users\Javiera\AppData\Roaming\Microsoft\Windows\Start Menu\

      Searching C:\ProgramData\Microsoft\Windows\Start Menu\

      Searching C:\Users\Javiera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

      Searching C:\Users\Public\Desktop\

      Searching C:\Users\Javiera\Desktop\


      0 bad shortcuts found.

      Program finished at: 02/13/2013 02:23:31 PM
      Execution time: 0 hours(s), 0 minute(s), and 35 seconds(s)
      Gracias