    Malwarebytes detects Backdoor.Agent.DCGen but does not remove it


    1. #11
      User fvelazquez11
      Joined: Feb 2013
      Location: mon
      Posts: 27

      Hi.

      They showed up again D:

      Malwarebytes Anti-Malware (Trial) 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Database version: v2013.02.16.03

      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 7.0.5730.13
      francisco.velazquez :: MM-MF10-NE0392 [administrator]

      Protection: Disabled

      2013-02-16 9:27:00 AM
      mbam-log-2013-02-16 (09-27-00).txt

      Scan type: Full scan (C:\|D:\|)
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 513492
      Time elapsed: 1 hour(s), 2 minute(s), 47 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 1
      HKLM\System\CurrentControlSet\Services\Protect (Rootkit.Agent) -> Quarantined and deleted successfully.

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 221

      (end)

    2. #12
      User fvelazquez11
      Joined: Feb 2013
      Location: mon
      Posts: 27

      The machine's processes had dropped to 45 and now they are back at 70 again D:

    3. #13
      Former contributor Superlucas
      Joined: Sep 2011
      Location: Argentina
      Posts: 15.747

      Hello,

      Download TDSSKiller.zip to your desktop.
      Disconnect your computer from the Internet (unplug the cable).
      • Unzip the tdsskiller.zip file.
      • Run TDSSKiller.exe. If you use Vista or 7, right-click it and choose Run as administrator.
      • Click on
      • Also check the boxes:

      • Click the button
      • TDSSKiller will start scanning the computer.
      • If the computer is not infected:
      • It will show
      • No threats found.
      • Click the "Close" button
      • If the computer is infected:
      • It will show:
      • Threats detected.
      • Select action for found objects:

      • Malware object, high risk. The default action is "Cure" or "Delete".
      • Suspicious object, medium risk. Always use the "Skip" option.
      • The program automatically selects the action to take.
      • Click the "Continue" button
      • To disinfect the system properly, it may ask you to restart the computer.
      • Click the button

      • Open the TDSSKiller report, located at C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, where "x.xx.x_xx.xx.xxxx_xx.xx.xx" is the version, date and time.
      • Copy and paste its contents into your next reply.

    4. #14
      User fvelazquez11
      Joined: Feb 2013
      Location: mon
      Posts: 27

      10:50:38.0592 2928 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
      10:50:39.0686 2928 ============================================================
      10:50:39.0686 2928 Current date / time: 2013/02/16 10:50:39.0686
      10:50:39.0686 2928 SystemInfo:
      10:50:39.0686 2928
      10:50:39.0686 2928 OS Version: 5.1.2600 ServicePack: 3.0
      10:50:39.0686 2928 Product type: Workstation
      10:50:39.0686 2928 ComputerName: MM-MF10-NE0392
      10:50:39.0686 2928 UserName: francisco.velazquez
      10:50:39.0686 2928 Windows directory: C:\WINDOWS
      10:50:39.0686 2928 System windows directory: C:\WINDOWS
      10:50:39.0686 2928 Processor architecture: Intel x86
      10:50:39.0686 2928 Number of processors: 2
      10:50:39.0686 2928 Page size: 0x1000
      10:50:39.0686 2928 Boot type: Normal boot
      10:50:39.0686 2928 ============================================================
      10:50:41.0264 2928 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
      10:50:41.0264 2928 ============================================================
      10:50:41.0264 2928 \Device\Harddisk0\DR0:
      10:50:41.0264 2928 MBR partitions:
      10:50:41.0264 2928 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x88B8F9D
      10:50:41.0280 2928 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x88B901B, BlocksNum 0xA15BBE5
      10:50:41.0280 2928 ============================================================
      10:50:41.0311 2928 C: <-> \Device\Harddisk0\DR0\Partition1
      10:50:41.0373 2928 D: <-> \Device\Harddisk0\DR0\Partition2
      10:50:41.0373 2928 ============================================================
      10:50:41.0373 2928 Initialize success
      10:50:41.0373 2928 ============================================================
      10:51:01.0497 1272 ============================================================
      10:51:01.0497 1272 Scan started
      10:51:01.0497 1272 Mode: Manual;
      10:51:01.0497 1272 ============================================================
      10:51:02.0106 1272 ================ Scan system memory ========================
      10:51:03.0044 1272 System memory - ok
      10:51:03.0059 1272 ================ Scan services =============================
      10:51:03.0793 1272 atapi - ok
      10:51:03.0793 1272 Atdisk - ok
      10:51:03.0809 1272 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
      10:51:03.0825 1272 Atmarpc - ok
      10:51:03.0840 1272 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
      10:51:03.0840 1272 AudioSrv - ok
      10:51:03.0856 1272 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
      10:51:03.0872 1272 audstub - ok
      10:51:03.0934 1272 [ D9C373CD4A399D133D7444A7274FD0E9 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
      10:51:03.0997 1272 BCM43XX - ok
      10:51:04.0012 1272 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
      10:51:04.0012 1272 Beep - ok
      10:51:04.0043 1272 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
      10:51:04.0059 1272 BITS - ok
      10:51:04.0075 1272 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
      10:51:04.0075 1272 Browser - ok
      10:51:04.0122 1272 [ F688BBBE8E3E7E03E35CAABD66616DDB ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
      10:51:04.0153 1272 btaudio - ok
      10:51:04.0184 1272 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
      10:51:04.0200 1272 BTDriver - ok
      10:51:04.0231 1272 [ 38A3331E2F690D4CDC9DE0604B9416E5 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
      10:51:04.0231 1272 BTKRNL - ok
      10:51:04.0262 1272 [ D48148110AE078CB7221D0FCF20ADFEC ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
      10:51:04.0262 1272 btwdins - ok
      10:51:04.0278 1272 [ 80F61DE965C116051614AC2F04222FF7 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
      10:51:04.0309 1272 BTWDNDIS - ok
      10:51:04.0325 1272 [ 5922BAE0CD84924B9CD7E6BB515EE070 ] btwmodem C:\WINDOWS\system32\DRIVERS\btwmodem.sys
      10:51:04.0340 1272 btwmodem - ok
      10:51:04.0356 1272 [ D5AF663711660D32EC230C6AAF7B6B83 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
      10:51:04.0372 1272 BTWUSB - ok
      10:51:04.0387 1272 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
      10:51:04.0403 1272 cbidf2k - ok
      10:51:04.0450 1272 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      10:51:04.0450 1272 ccEvtMgr - ok
      10:51:04.0512 1272 [ E4B94F8EDB3540D43A473D552C30D395 ] CcmExec C:\WINDOWS\system32\CCM\CcmExec.exe
      10:51:04.0512 1272 CcmExec - ok
      10:51:04.0512 1272 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      10:51:04.0512 1272 ccSetMgr - ok
      10:51:04.0528 1272 cd20xrnt - ok
      10:51:04.0543 1272 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
      10:51:04.0543 1272 Cdaudio - ok
      10:51:04.0543 1272 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
      10:51:04.0543 1272 Cdfs - ok
      10:51:04.0559 1272 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
      10:51:04.0559 1272 Cdrom - ok
      10:51:04.0559 1272 cerc6 - ok
      10:51:04.0590 1272 [ E9009C82C5A9E554797DA649D44967B2 ] CH341SER C:\WINDOWS\system32\Drivers\CH341SER.SYS
      10:51:04.0622 1272 CH341SER - ok
      10:51:04.0622 1272 Changer - ok
      10:51:04.0637 1272 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
      10:51:04.0653 1272 CiSvc - ok
      10:51:04.0668 1272 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
      10:51:04.0684 1272 ClipSrv - ok
      10:51:04.0715 1272 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      10:51:04.0762 1272 clr_optimization_v2.0.50727_32 - ok
      10:51:04.0809 1272 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      10:51:04.0934 1272 clr_optimization_v4.0.30319_32 - ok
      10:51:04.0950 1272 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
      10:51:04.0950 1272 CmBatt - ok
      10:51:04.0950 1272 CmdIde - ok
      10:51:04.0997 1272 [ 4F2DEDEED7C091FAFC4DADA5534F3D37 ] COH_Mon C:\WINDOWS\system32\Drivers\COH_Mon.sys
      10:51:04.0997 1272 COH_Mon - ok
      10:51:04.0997 1272 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
      10:51:04.0997 1272 Compbatt - ok
      10:51:05.0012 1272 COMSysApp - ok
      10:51:05.0059 1272 [ 6C86D2B8DBBDD6AB9CA606570EAD0172 ] CoreScanner C:\Program Files\Motorola Scanner\Common\CoreScanner.exe
      10:51:05.0059 1272 CoreScanner - ok
      10:51:05.0075 1272 Cpqarray - ok
      10:51:05.0090 1272 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
      10:51:05.0090 1272 CryptSvc - ok
      10:51:05.0137 1272 [ F054744F67576A01139885173392502B ] CrystalSysInfo C:\Program Files\MediaCoder\SysInfo.sys
      10:51:05.0137 1272 CrystalSysInfo - ok
      10:51:05.0153 1272 dac2w2k - ok
      10:51:05.0153 1272 dac960nt - ok
      10:51:05.0184 1272 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
      10:51:05.0200 1272 DcomLaunch - ok
      10:51:05.0215 1272 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
      10:51:05.0215 1272 Dhcp - ok
      10:51:05.0215 1272 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
      10:51:05.0215 1272 Disk - ok
      10:51:05.0215 1272 dmadmin - ok
      10:51:05.0262 1272 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
      10:51:05.0293 1272 dmboot - ok
      10:51:05.0293 1272 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
      10:51:05.0309 1272 dmio - ok
      10:51:05.0325 1272 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
      10:51:05.0325 1272 dmload - ok
      10:51:05.0340 1272 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
      10:51:05.0340 1272 dmserver - ok
      10:51:05.0356 1272 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
      10:51:05.0356 1272 DMusic - ok
      10:51:05.0371 1272 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
      10:51:05.0371 1272 Dnscache - ok
      10:51:05.0387 1272 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
      10:51:05.0418 1272 Dot3svc - ok
      10:51:05.0418 1272 dpti2o - ok
      10:51:05.0496 1272 [ 0F1189883690949BA7A9F68339587E51 ] driverhardwarev2 C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
      10:51:05.0496 1272 driverhardwarev2 - ok
      10:51:05.0512 1272 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
      10:51:05.0512 1272 drmkaud - ok
      10:51:05.0575 1272 [ 645E0228D154466DDF76756A242900C7 ] DSv4_DRM_Control C:\Program Files\MarkAny\Document SAFER\DSH_Service.exe
      10:51:05.0575 1272 DSv4_DRM_Control - ok
      10:51:05.0606 1272 [ 0000BFDA0DE85BFD5D0086B1013E1F72 ] e1yexpress C:\WINDOWS\system32\DRIVERS\e1y5132.sys
      10:51:05.0606 1272 e1yexpress - ok
      10:51:05.0621 1272 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
      10:51:05.0621 1272 EapHost - ok
      10:51:05.0653 1272 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
      10:51:05.0668 1272 eeCtrl - ok
      10:51:05.0684 1272 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
      10:51:05.0684 1272 EraserUtilRebootDrv - ok
      10:51:05.0684 1272 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
      10:51:05.0684 1272 ERSvc - ok
      10:51:05.0700 1272 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
      10:51:05.0715 1272 Eventlog - ok
      10:51:05.0731 1272 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
      10:51:05.0731 1272 EventSystem - ok
      10:51:05.0746 1272 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
      10:51:05.0778 1272 Fastfat - ok
      10:51:05.0793 1272 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
      10:51:05.0793 1272 FastUserSwitchingCompatibility - ok
      10:51:05.0809 1272 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
      10:51:05.0825 1272 Fdc - ok
      10:51:05.0856 1272 [ 3A85AD5FDD3B05218B48BBD0D62F04D3 ] FDDec C:\WINDOWS\system32\drivers\FDDec.sys
      10:51:05.0871 1272 FDDec - ok
      10:51:05.0903 1272 [ 6582E28223011502EF393A9C2E87CA62 ] FileHook C:\WINDOWS\system32\drivers\FileHook.sys
      10:51:05.0918 1272 FileHook - ok
      10:51:05.0918 1272 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
      10:51:05.0918 1272 Fips - ok
      10:51:05.0934 1272 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
      10:51:05.0950 1272 Flpydisk - ok
      10:51:05.0965 1272 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
      10:51:05.0965 1272 FltMgr - ok
      10:51:05.0981 1272 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
      10:51:05.0981 1272 Fs_Rec - ok
      10:51:06.0012 1272 [ B7AA8283EC551D3A3B924E520E0621A7 ] FTDIBUS C:\WINDOWS\system32\drivers\ftdibus.sys
      10:51:06.0028 1272 FTDIBUS - ok
      10:51:06.0028 1272 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
      10:51:06.0028 1272 Ftdisk - ok
      10:51:06.0059 1272 [ 596D31583CE332B5514520D74837F434 ] FTSER2K C:\WINDOWS\system32\drivers\ftser2k.sys
      10:51:06.0075 1272 FTSER2K - ok
      10:51:06.0090 1272 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
      10:51:06.0090 1272 Gpc - ok
      10:51:06.0106 1272 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
      10:51:06.0106 1272 HDAudBus - ok
      10:51:06.0137 1272 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
      10:51:06.0137 1272 helpsvc - ok
      10:51:06.0168 1272 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
      10:51:06.0168 1272 HidServ - ok
      10:51:06.0184 1272 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
      10:51:06.0184 1272 HidUsb - ok
      10:51:06.0200 1272 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
      10:51:06.0215 1272 hkmsvc - ok
      10:51:06.0215 1272 hpn - ok
      10:51:06.0262 1272 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
      10:51:06.0262 1272 HTTP - ok
      10:51:06.0278 1272 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
      10:51:06.0293 1272 HTTPFilter - ok
      10:51:06.0293 1272 i2omgmt - ok
      10:51:06.0309 1272 i2omp - ok
      10:51:06.0325 1272 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      10:51:06.0325 1272 i8042prt - ok
      10:51:06.0340 1272 [ E9CCE03BCE0585226DA5B2AB2A3E342E ] idisw2km C:\WINDOWS\system32\DRIVERS\idisw2km.sys
      10:51:06.0340 1272 idisw2km - ok
      10:51:06.0387 1272 [ C0A157BBBBB44C6428ACF5CECA390E77 ] ILMService C:\WINDOWS\limansvc.exe
      10:51:06.0403 1272 ILMService - ok
      10:51:06.0434 1272 [ 4FC5120B416EA5922DF81C105190E68C ] Image Protection C:\WINDOWS\ImageSAFERSvc.exe
      10:51:06.0434 1272 Image Protection - ok
      10:51:06.0450 1272 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
      10:51:06.0450 1272 Imapi - ok
      10:51:06.0481 1272 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
      10:51:06.0512 1272 ImapiService - ok
      10:51:06.0528 1272 ini910u - ok
      10:51:06.0528 1272 IntelIde - ok
      10:51:06.0559 1272 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
      10:51:06.0559 1272 intelppm - ok
      10:51:06.0574 1272 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
      10:51:06.0590 1272 Ip6Fw - ok
      10:51:06.0606 1272 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
      10:51:06.0606 1272 IpFilterDriver - ok
      10:51:06.0621 1272 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
      10:51:06.0637 1272 IpInIp - ok
      10:51:06.0653 1272 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
      10:51:06.0668 1272 IpNat - ok
      10:51:06.0684 1272 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
      10:51:06.0699 1272 IPSec - ok
      10:51:06.0715 1272 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
      10:51:06.0731 1272 IRENUM - ok
      10:51:06.0746 1272 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
      10:51:06.0762 1272 isapnp - ok
      10:51:06.0762 1272 [ EE382BD478EEC57D3F3CFE0968CA70A3 ] ISMgr C:\WINDOWS\system32\ImageSAFERDrv.sys
      10:51:06.0762 1272 ISMgr - ok
      10:51:06.0824 1272 [ 0A5709543986843D37A92290B7838340 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
      10:51:06.0824 1272 JavaQuickStarterService - ok
      10:51:06.0840 1272 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      10:51:06.0856 1272 Kbdclass - ok
      10:51:06.0887 1272 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
      10:51:06.0887 1272 kbdhid - ok
      10:51:06.0887 1272 [ 5CB887962A98B4E11D62858B75D87580 ] kbstuff C:\WINDOWS\system32\DRIVERS\kbstuff5.sys
      10:51:06.0887 1272 kbstuff - ok
      10:51:06.0918 1272 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
      10:51:06.0918 1272 kmixer - ok
      10:51:06.0934 1272 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
      10:51:06.0934 1272 KSecDD - ok
      10:51:06.0965 1272 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
      10:51:06.0965 1272 LanmanServer - ok
      10:51:06.0996 1272 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
      10:51:06.0996 1272 lanmanworkstation - ok
      10:51:07.0012 1272 lbrtfdc - ok
      10:51:07.0184 1272 [ DB5CAC0DC9DC9152A906D150BA379FFC ] LeapFrog Connect Device Service C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
      10:51:07.0215 1272 LeapFrog Connect Device Service - ok
      10:51:07.0340 1272 [ 6ABE9ECAAB7DD0CC6F46EC830E0FE8FC ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      10:51:07.0356 1272 LiveUpdate - ok
      10:51:07.0387 1272 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
      10:51:07.0387 1272 LmHosts - ok
      10:51:07.0387 1272 lmimirr - ok
      10:51:07.0418 1272 [ EB443A43BFA24D83E48A07D98904A643 ] maconfservice C:\Program Files\ma-config.com\maconfservice.exe
      10:51:07.0465 1272 maconfservice - ok
      10:51:07.0496 1272 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
      10:51:07.0496 1272 MBAMProtector - ok
      10:51:07.0528 1272 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
      10:51:07.0528 1272 MBAMScheduler - ok
      10:51:07.0574 1272 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      10:51:07.0574 1272 MBAMService - ok
      10:51:07.0590 1272 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
      10:51:07.0606 1272 Messenger - ok
      10:51:07.0621 1272 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
      10:51:07.0621 1272 mnmdd - ok
      10:51:07.0637 1272 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
      10:51:07.0653 1272 mnmsrvc - ok
      10:51:07.0653 1272 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
      10:51:07.0653 1272 Modem - ok
      10:51:07.0684 1272 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
      10:51:07.0684 1272 Mouclass - ok
      10:51:07.0699 1272 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
      10:51:07.0699 1272 mouhid - ok
      10:51:07.0699 1272 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
      10:51:07.0699 1272 MountMgr - ok
      10:51:07.0715 1272 mraid35x - ok
      10:51:07.0715 1272 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
      10:51:07.0715 1272 MRxDAV - ok
      10:51:07.0746 1272 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      10:51:07.0762 1272 MRxSmb - ok
      10:51:07.0778 1272 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
      10:51:07.0793 1272 MSDTC - ok
      10:51:07.0809 1272 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
      10:51:07.0809 1272 Msfs - ok
      10:51:07.0871 1272 [ 6B298F50EC2F975430189741EE6A5CA2 ] msftesql$MES c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
      10:51:07.0871 1272 msftesql$MES - ok
      10:51:07.0887 1272 MSIServer - ok
      10:51:07.0903 1272 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
      10:51:07.0903 1272 MSKSSRV - ok
      10:51:07.0934 1272 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
      10:51:07.0934 1272 MSPCLOCK - ok
      10:51:07.0949 1272 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
      10:51:07.0965 1272 MSPQM - ok
      10:51:07.0981 1272 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
      10:51:07.0981 1272 mssmbios - ok
      10:51:07.0981 1272 MSSQL$MES - ok
      10:51:07.0996 1272 MSSQLSERVER - ok
      10:51:08.0043 1272 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
      10:51:08.0074 1272 MSSQLServerADHelper - ok
      10:51:08.0090 1272 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
      10:51:08.0090 1272 Mup - ok
      10:51:08.0121 1272 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
      10:51:08.0152 1272 napagent - ok
      10:51:08.0215 1272 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130215.034\NAVENG.SYS
      10:51:08.0215 1272 NAVENG - ok
      10:51:08.0262 1272 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130215.034\NAVEX15.SYS
      10:51:08.0262 1272 NAVEX15 - ok
      10:51:08.0277 1272 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
      10:51:08.0293 1272 NDIS - ok
      10:51:08.0309 1272 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      10:51:08.0309 1272 NdisTapi - ok
      10:51:08.0340 1272 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
      10:51:08.0340 1272 Ndisuio - ok
      10:51:08.0356 1272 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
      10:51:08.0356 1272 NdisWan - ok
      10:51:08.0387 1272 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
      10:51:08.0387 1272 NDProxy - ok
      10:51:08.0418 1272 [ 87C61A17E908AEF1C63FBAF915C0B452 ] NeroMediaHomeService.4 C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
      10:51:08.0434 1272 NeroMediaHomeService.4 - ok
      10:51:08.0465 1272 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
      10:51:08.0465 1272 Net Driver HPZ12 - ok
      10:51:08.0481 1272 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
      10:51:08.0481 1272 NetBIOS - ok
      10:51:08.0512 1272 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
      10:51:08.0512 1272 NetBT - ok
      10:51:08.0543 1272 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
      10:51:08.0559 1272 NetDDE - ok
      10:51:08.0574 1272 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
      10:51:08.0574 1272 NetDDEdsdm - ok
      10:51:08.0590 1272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
      10:51:08.0590 1272 Netlogon - ok
      10:51:08.0621 1272 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
      10:51:08.0621 1272 Netman - ok
      10:51:08.0652 1272 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      10:51:08.0715 1272 NetTcpPortSharing - ok
      10:51:08.0746 1272 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
      10:51:08.0746 1272 NIC1394 - ok
      10:51:08.0777 1272 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
      10:51:08.0793 1272 Nla - ok
      10:51:08.0793 1272 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
      10:51:08.0809 1272 Npfs - ok
      10:51:08.0824 1272 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
      10:51:08.0856 1272 Ntfs - ok
      10:51:08.0856 1272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
      10:51:08.0871 1272 NtLmSsp - ok
      10:51:08.0887 1272 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
      10:51:08.0934 1272 NtmsSvc - ok
      10:51:08.0965 1272 [ 5594EC7B50F91764B281950B07BBA291 ] NTProcMonitor C:\Program Files\MarkAny\Document SAFER\NtProcMonitor.sys
      10:51:08.0965 1272 NTProcMonitor - ok
      10:51:08.0981 1272 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
      10:51:08.0981 1272 Null - ok
      10:51:09.0231 1272 [ BCDFB7C7A890C0C8E53659FDF52817FE ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
      10:51:09.0434 1272 nv - ok
      10:51:09.0605 1272 [ 8234151A1D602D3175DE4859E32D5289 ] NVIDIA Performance Driver Service C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
      10:51:09.0684 1272 NVIDIA Performance Driver Service - ok
      10:51:09.0746 1272 [ 1C5E7E2EFEAE5F1DACB750B868A05BA5 ] nvsvc C:\WINDOWS\system32\nvsvc32.exe
      10:51:09.0746 1272 nvsvc - ok
      10:51:09.0777 1272 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
      10:51:09.0777 1272 NwlnkFlt - ok
      10:51:09.0809 1272 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
      10:51:09.0809 1272 NwlnkFwd - ok
      10:51:09.0887 1272 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      10:51:09.0949 1272 odserv - ok
      10:51:09.0965 1272 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
      10:51:09.0965 1272 ohci1394 - ok
      10:51:10.0012 1272 [ 46C916A0F4CC9FF93B0BD47C2B44BA46 ] OracleClientCache80 C:\orant\BIN\ONRSD80.EXE
      10:51:10.0043 1272 OracleClientCache80 - ok
      10:51:10.0059 1272 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      10:51:10.0137 1272 ose - ok
      10:51:10.0152 1272 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
      10:51:10.0152 1272 Parport - ok
      10:51:10.0152 1272 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
      10:51:10.0152 1272 PartMgr - ok
      10:51:10.0199 1272 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
      10:51:10.0215 1272 ParVdm - ok
      10:51:10.0230 1272 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
      10:51:10.0230 1272 PCI - ok
      10:51:10.0230 1272 PCIDump - ok
      10:51:10.0246 1272 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
      10:51:10.0246 1272 PCIIde - ok
      10:51:10.0262 1272 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
      10:51:10.0262 1272 Pcmcia - ok
      10:51:10.0262 1272 PDCOMP - ok
      10:51:10.0262 1272 PDFRAME - ok
      10:51:10.0277 1272 PDRELI - ok
      10:51:10.0277 1272 PDRFRAME - ok
      10:51:10.0277 1272 perc2 - ok
      10:51:10.0293 1272 perc2hib - ok
      10:51:10.0309 1272 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
      10:51:10.0324 1272 PlugPlay - ok
      10:51:10.0324 1272 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
      10:51:10.0340 1272 Pml Driver HPZ12 - ok
      10:51:10.0340 1272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
      10:51:10.0355 1272 PolicyAgent - ok
      10:51:10.0355 1272 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
      10:51:10.0355 1272 PptpMiniport - ok
      10:51:10.0387 1272 [ 19505C4134F3181FC2203E087140C192 ] prepdrvr C:\WINDOWS\system32\CCM\prepdrv.sys
      10:51:10.0387 1272 prepdrvr - ok
      10:51:10.0402 1272 [ 7A22CBB45FD4F50563630247EB9EDBF0 ] PROCHIDE C:\WINDOWS\system32\drivers\PROCHIDE.sys
      10:51:10.0402 1272 PROCHIDE - ok
      10:51:10.0402 1272 Protect - ok
      10:51:10.0402 1272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
      10:51:10.0402 1272 ProtectedStorage - ok
      10:51:10.0434 1272 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
      10:51:10.0449 1272 PSched - ok
      10:51:10.0449 1272 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
      10:51:10.0465 1272 Ptilink - ok
      10:51:10.0465 1272 ql1080 - ok
      10:51:10.0465 1272 Ql10wnt - ok
      10:51:10.0465 1272 ql12160 - ok
      10:51:10.0480 1272 ql1240 - ok
      10:51:10.0480 1272 ql1280 - ok
      10:51:10.0512 1272 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
      10:51:10.0512 1272 RasAcd - ok
      10:51:10.0527 1272 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
      10:51:10.0543 1272 RasAuto - ok
      10:51:10.0559 1272 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
      10:51:10.0559 1272 Rasl2tp - ok
      10:51:10.0574 1272 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
      10:51:10.0574 1272 RasMan - ok
      10:51:10.0574 1272 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
      10:51:10.0574 1272 RasPppoe - ok
      10:51:10.0590 1272 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
      10:51:10.0590 1272 Raspti - ok
      10:51:10.0605 1272 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
      10:51:10.0605 1272 Rdbss - ok
      10:51:10.0605 1272 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
      10:51:10.0605 1272 RDPCDD - ok
      10:51:10.0637 1272 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
      10:51:10.0652 1272 rdpdr - ok
      10:51:10.0684 1272 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
      10:51:10.0684 1272 RDPWD - ok
      10:51:10.0715 1272 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
      10:51:10.0730 1272 RDSessMgr - ok
      10:51:10.0762 1272 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
      10:51:10.0762 1272 redbook - ok
      10:51:10.0793 1272 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
      10:51:10.0793 1272 RemoteAccess - ok
      10:51:10.0824 1272 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
      10:51:10.0824 1272 RemoteRegistry - ok
      10:51:10.0840 1272 [ EA885E7A56F1BE1F14C372337C42FE48 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
      10:51:10.0840 1272 rimmptsk - ok
      10:51:10.0871 1272 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
      10:51:10.0871 1272 RpcLocator - ok
      10:51:10.0918 1272 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
      10:51:10.0918 1272 RpcSs - ok
      10:51:10.0949 1272 [ DAC2D703EC7CD218C0596CCA2A4FEA3C ] rsmdriverproviderservice C:\Program Files\Motorola Scanner\Common\RSMDriverProviderService.exe
      10:51:10.0949 1272 rsmdriverproviderservice - ok
      10:51:10.0965 1272 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
      10:51:10.0996 1272 RSVP - ok
      10:51:11.0012 1272 [ 4FE9A43EABF8EC2970D9396425CAEC3E ] Safandrv C:\WINDOWS\system32\drivers\safandrv.sys
      10:51:11.0027 1272 Safandrv - ok
      10:51:11.0027 1272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
      10:51:11.0027 1272 SamSs - ok
      10:51:11.0043 1272 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
      10:51:11.0058 1272 SCardSvr - ok
      10:51:11.0090 1272 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
      10:51:11.0090 1272 Schedule - ok
      10:51:11.0105 1272 [ B50986F0049DD36A95A4F5A80DF4CF60 ] ScnSrvc C:\Program Files\Motorola Scanner\Common\ScannerService.exe
      10:51:11.0105 1272 ScnSrvc - ok
      10:51:11.0183 1272 [ B60E9769655DDEE8368E3ABB6668E076 ] ScrybeUpdater C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
      10:51:11.0199 1272 ScrybeUpdater - ok
      10:51:11.0215 1272 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
      10:51:11.0215 1272 sdbus - ok
      10:51:11.0230 1272 [ 2BBFE9171E9FA8BDC199F6150F8D71C7 ] SDFA C:\WINDOWS\system32\drivers\SDFA.sys
      10:51:11.0230 1272 SDFA - ok
      10:51:11.0277 1272 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
      10:51:11.0293 1272 SDScannerService - ok
      10:51:11.0324 1272 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
      10:51:11.0340 1272 SDUpdateService - ok
      10:51:11.0355 1272 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
      10:51:11.0355 1272 SDWSCService - ok
      10:51:11.0371 1272 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
      10:51:11.0371 1272 Secdrv - ok
      10:51:11.0387 1272 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
      10:51:11.0402 1272 seclogon - ok
      10:51:11.0433 1272 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
      10:51:11.0433 1272 SENS - ok
      10:51:11.0480 1272 [ 618A8EB6C3A830B7301DF1DFD99854B2 ] Sentinel C:\WINDOWS\System32\Drivers\SENTINEL.SYS
      10:51:11.0480 1272 Sentinel - ok
      10:51:11.0543 1272 [ B1D1C13D2098FF438E78A48314D22C33 ] SentinelKeysServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
      10:51:11.0543 1272 SentinelKeysServer - ok
      10:51:11.0558 1272 [ 6D770691297C957EC10AB2B758603BA7 ] SentinelProtectionServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
      10:51:11.0574 1272 SentinelProtectionServer - ok
      10:51:11.0605 1272 [ DE0A165D9F8EA295E62EA702EF2F8125 ] Ser2pl C:\WINDOWS\system32\DRIVERS\ser2pl.sys
      10:51:11.0652 1272 Ser2pl - ok
      10:51:11.0715 1272 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
      10:51:11.0808 1272 Serenum - ok
      10:51:11.0840 1272 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
      10:51:11.0902 1272 Serial - ok
      10:51:11.0933 1272 [ 31011156A0C771C0BC6CD45D5472F9C0 ] SFCDEX C:\WINDOWS\system32\drivers\SFCDEX.sys
      10:51:11.0933 1272 SFCDEX - ok
      10:51:11.0965 1272 [ 4A45BB8BF0285BCF05B9F696D4B0716B ] SFfolder C:\WINDOWS\system32\drivers\SFfolder.sys
      10:51:11.0965 1272 SFfolder - ok
      10:51:11.0980 1272 [ 97492AB31B0132A92DA4C1DC1E7B6B72 ] SFkbd C:\WINDOWS\system32\drivers\SFkbd.sys
      10:51:11.0980 1272 SFkbd - ok
      10:51:11.0996 1272 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
      10:51:12.0012 1272 Sfloppy - ok
      10:51:12.0012 1272 [ C03F8CB6F1F5E2567A7FC3D286146493 ] SFMouse C:\WINDOWS\system32\drivers\SFMouse.sys
      10:51:12.0012 1272 SFMouse - ok
      10:51:12.0027 1272 [ 9B17A9A4C32B4CAA24BCBF84D0FEAEAC ] SFRes C:\WINDOWS\system32\drivers\SFRes.sys
      10:51:12.0043 1272 SFRes - ok
      10:51:12.0058 1272 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
      10:51:12.0105 1272 SharedAccess - ok
      10:51:12.0121 1272 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
      10:51:12.0137 1272 ShellHWDetection - ok
      10:51:12.0137 1272 Simbad - ok
      10:51:12.0199 1272 [ 8317AD0C7E640411C746D5664EB7957A ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
      10:51:12.0215 1272 SmcService - ok
      10:51:12.0246 1272 [ 95293A76341B1DB125EE125474657728 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
      10:51:12.0308 1272 SNAC - ok
      10:51:12.0324 1272 [ 8D4A96868AE13C3CF8425B383B59D802 ] SNTNLUSB C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
      10:51:12.0340 1272 SNTNLUSB - ok
      10:51:12.0340 1272 Sparrow - ok
      10:51:12.0387 1272 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
      10:51:12.0387 1272 SPBBCDrv - ok
      10:51:12.0402 1272 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
      10:51:12.0402 1272 splitter - ok
      10:51:12.0433 1272 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
      10:51:12.0433 1272 Spooler - ok
      10:51:12.0465 1272 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
      10:51:12.0558 1272 SQLBrowser - ok
      10:51:12.0558 1272 SQLSERVERAGENT - ok
      10:51:12.0574 1272 [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      10:51:12.0574 1272 SQLWriter - ok
      10:51:12.0590 1272 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
      10:51:12.0605 1272 sr - ok
      10:51:12.0621 1272 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
      10:51:12.0621 1272 srservice - ok
      10:51:12.0636 1272 [ B36F8D6A02FF2B3A53E250A629782F29 ] SRTSP C:\WINDOWS\system32\Drivers\SRTSP.SYS
      10:51:12.0636 1272 SRTSP - ok
      10:51:12.0652 1272 [ E99BD98AC171A29FC1BA9376BE87AE73 ] SRTSPL C:\WINDOWS\system32\Drivers\SRTSPL.SYS
      10:51:12.0683 1272 SRTSPL - ok
      10:51:12.0699 1272 [ 1AF34729898063E9B7DF8D149D767E07 ] SRTSPX C:\WINDOWS\system32\Drivers\SRTSPX.SYS
      10:51:12.0699 1272 SRTSPX - ok
      10:51:12.0730 1272 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
      10:51:12.0730 1272 Srv - ok
      10:51:12.0761 1272 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
      10:51:12.0761 1272 SSDPSRV - ok
      10:51:12.0949 1272 [ 3603F3DB9FBA2A8FA91829681BA25AFA ] STacSV c:\program files\idt\dellxpm09b_6159v043\wdm\stacsv.exe
      10:51:12.0949 1272 STacSV - ok
      10:51:13.0058 1272 [ 1B76479B80FF0F6E245BA590A64102BE ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
      10:51:13.0058 1272 STHDA - ok
      10:51:13.0090 1272 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
      10:51:13.0105 1272 stisvc - ok
      10:51:13.0121 1272 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
      10:51:13.0121 1272 swenum - ok
      10:51:13.0136 1272 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
      10:51:13.0136 1272 swmidi - ok
      10:51:13.0136 1272 SwPrv - ok
      10:51:13.0183 1272 [ 4402CF4959A30CB6A008099ABA8F22A9 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
      10:51:13.0199 1272 Symantec AntiVirus - ok
      10:51:13.0215 1272 symc810 - ok
      10:51:13.0215 1272 symc8xx - ok
      10:51:13.0230 1272 [ E42A34E6F5CA71A84D4C2DE620AAD13D ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
      10:51:13.0246 1272 SymEvent - ok
      10:51:13.0246 1272 sym_hi - ok
      10:51:13.0246 1272 sym_u3 - ok
      10:51:13.0308 1272 [ 2185CC5BE9922562108CF87F42E4BBAF ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
      10:51:13.0308 1272 SynTP - ok
      10:51:13.0324 1272 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
      10:51:13.0324 1272 sysaudio - ok
      10:51:13.0340 1272 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
      10:51:13.0355 1272 SysmonLog - ok
      10:51:13.0386 1272 [ 666992D996C524812E713EFFD836D043 ] SysPlant C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys
      10:51:13.0386 1272 SysPlant - ok
      10:51:13.0402 1272 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
      10:51:13.0418 1272 TapiSrv - ok
      10:51:13.0511 1272 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
      10:51:13.0542 1272 Tcpip - ok
      10:51:13.0574 1272 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
      10:51:13.0589 1272 TDPIPE - ok
      10:51:13.0605 1272 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
      10:51:13.0605 1272 TDTCP - ok
      10:51:13.0620 1272 [ F63439AC8FA992BFA0C757EB644A1A0C ] Teefer2 C:\WINDOWS\system32\DRIVERS\teefer2.sys
      10:51:13.0620 1272 Teefer2 - ok
      10:51:13.0636 1272 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
      10:51:13.0636 1272 TermDD - ok
      10:51:13.0667 1272 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
      10:51:13.0667 1272 TermService - ok
      10:51:13.0699 1272 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
      10:51:13.0699 1272 Themes - ok
      10:51:13.0714 1272 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
      10:51:13.0730 1272 TlntSvr - ok
      10:51:13.0745 1272 TosIde - ok
      10:51:13.0761 1272 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
      10:51:13.0777 1272 TrkWks - ok
      10:51:13.0824 1272 [ 711561440FDC396CB6E4C69C13375A38 ] tvnserver C:\Program Files\TightVNC\tvnserver.exe
      10:51:13.0824 1272 tvnserver - ok
      10:51:13.0839 1272 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
      10:51:13.0855 1272 Udfs - ok
      10:51:13.0855 1272 ultra - ok
      10:51:13.0870 1272 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
      10:51:13.0886 1272 Update - ok
      10:51:13.0902 1272 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
      10:51:13.0917 1272 upnphost - ok
      10:51:13.0933 1272 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
      10:51:13.0933 1272 UPS - ok
      10:51:13.0964 1272 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
      10:51:13.0964 1272 usbccgp - ok
      10:51:13.0980 1272 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
      10:51:13.0980 1272 usbehci - ok
      10:51:13.0995 1272 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
      10:51:13.0995 1272 usbhub - ok
      10:51:14.0042 1272 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
      10:51:14.0058 1272 usbscan - ok
      10:51:14.0074 1272 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
      10:51:14.0089 1272 USBSTOR - ok
      10:51:14.0105 1272 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
      10:51:14.0105 1272 usbuhci - ok
      10:51:14.0120 1272 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
      10:51:14.0120 1272 VgaSave - ok
      10:51:14.0120 1272 ViaIde - ok
      10:51:14.0199 1272 [ B5BA71EADEED0773D2E0978F962E1BF3 ] Visual Studio Analyzer RPC bridge C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe
      10:51:14.0230 1272 Visual Studio Analyzer RPC bridge - ok
      10:51:14.0230 1272 vmci - ok
      10:51:14.0245 1272 VMnetAdapter - ok
      10:51:14.0261 1272 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
      10:51:14.0261 1272 VolSnap - ok
      10:51:14.0277 1272 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
      10:51:14.0308 1272 VSS - ok
      10:51:14.0339 1272 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
      10:51:14.0339 1272 W32Time - ok
      10:51:14.0355 1272 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
      10:51:14.0355 1272 Wanarp - ok
      10:51:14.0386 1272 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
      10:51:14.0386 1272 Wdf01000 - ok
      10:51:14.0402 1272 WDICA - ok
      10:51:14.0433 1272 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
      10:51:14.0449 1272 wdmaud - ok
      10:51:14.0449 1272 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
      10:51:14.0449 1272 WebClient - ok
      10:51:14.0495 1272 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
      10:51:14.0495 1272 WinDefend - ok
      10:51:14.0558 1272 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
      10:51:14.0558 1272 winmgmt - ok
      10:51:14.0605 1272 [ CCAEC5175F1EBC6EB0DBD607EEA791C1 ] wirelessusbser C:\WINDOWS\system32\DRIVERS\3GDatausbser.sys
      10:51:14.0620 1272 wirelessusbser - ok
      10:51:14.0652 1272 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
      10:51:14.0652 1272 WmdmPmSN - ok
      10:51:14.0683 1272 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
      10:51:14.0683 1272 Wmi - ok
      10:51:14.0714 1272 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
      10:51:14.0714 1272 WmiAcpi - ok
      10:51:14.0730 1272 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
      10:51:14.0745 1272 WmiApSrv - ok
      10:51:14.0824 1272 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
      10:51:14.0933 1272 WPFFontCache_v0400 - ok
      10:51:14.0949 1272 [ 9748E527F0D71BC86A1FE45F294E368B ] WPS C:\WINDOWS\system32\drivers\wpsdrvnt.sys
      10:51:14.0949 1272 WPS - ok
      10:51:14.0980 1272 [ C306D2037EC147C7C663994F12B87F1E ] WpsHelper C:\WINDOWS\system32\drivers\WpsHelper.sys
      10:51:14.0980 1272 WpsHelper - ok
      10:51:14.0995 1272 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
      10:51:15.0011 1272 WS2IFSL - ok
      10:51:15.0027 1272 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
      10:51:15.0027 1272 wscsvc - ok
      10:51:15.0058 1272 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
      10:51:15.0074 1272 wuauserv - ok
      10:51:15.0120 1272 [ 4F739BB957986F7DF55DC6545B86B6FD ] Wuser32 C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
      10:51:15.0120 1272 Wuser32 - ok
      10:51:15.0136 1272 [ 34697C66B8B7B77FB7773C1A6DF5A50C ] WWC C:\WWCNT\WWCSERVICE.EXE
      10:51:15.0136 1272 WWC - ok
      10:51:15.0152 1272 [ ABC36F134E0C8C71ABF78EAE46DE96EC ] WwHook C:\WINDOWS\system32\drivers\WwHook.sys
      10:51:15.0152 1272 WwHook - ok
      10:51:15.0183 1272 [ 16114D9BBDDA2A59DEA72546C6B0A89A ] wwInjDrv C:\WINDOWS\system32\Drivers\wwInjDrv32.SYS
      10:51:15.0183 1272 wwInjDrv - ok
      10:51:15.0199 1272 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
      10:51:15.0214 1272 WZCSVC - ok
      10:51:15.0230 1272 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
      10:51:15.0261 1272 xmlprov - ok
      10:51:15.0261 1272 ================ Scan global ===============================
      10:51:15.0292 1272 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
      10:51:15.0308 1272 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
      10:51:15.0324 1272 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
      10:51:15.0339 1272 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
      10:51:15.0339 1272 [Global] - ok
      10:51:15.0339 1272 ================ Scan MBR ==================================
      10:51:15.0355 1272 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
      10:51:15.0636 1272 \Device\Harddisk0\DR0 - ok
      10:51:15.0636 1272 ================ Scan VBR ==================================
      10:51:15.0636 1272 [ 9268353914837B096848EEEA9FC62158 ] \Device\Harddisk0\DR0\Partition1
      10:51:15.0636 1272 \Device\Harddisk0\DR0\Partition1 - ok
      10:51:15.0652 1272 [ 47935F4A92A81FBC981829A4797AFCED ] \Device\Harddisk0\DR0\Partition2
      10:51:15.0652 1272 \Device\Harddisk0\DR0\Partition2 - ok
      10:51:15.0652 1272 ============================================================
      10:51:15.0652 1272 Scan finished
      10:51:15.0652 1272 ============================================================
      10:51:15.0667 1844 Detected object count: 0
      10:51:15.0667 1844 Actual detected object count: 0
      10:51:48.0152 2860 ============================================================
      10:51:48.0152 2860 Scan started
      10:51:48.0152 2860 Mode: Manual; SigCheck; TDLFS;
      10:51:48.0152 2860 ============================================================
      10:51:48.0589 2860 ================ Scan system memory ========================
      10:51:48.0855 2860 System memory - ok
      10:51:48.0855 2860 ================ Scan services =============================
      10:51:48.0933 2860 Abiosdsk - ok
      10:51:48.0933 2860 abp480n5 - ok
      10:51:48.0964 2860 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
      10:51:49.0605 2860 ACPI - ok
      10:51:49.0652 2860 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
      10:51:49.0777 2860 ACPIEC - ok
      10:51:49.0824 2860 [ A0F7042024AC904E0D47E51B1DBB1645 ] ADAgent C:\Program Files\LGEAD\ADAgentService.exe
      10:51:49.0870 2860 ADAgent ( UnsignedFile.Multi.Generic ) - warning
      10:51:49.0870 2860 ADAgent - detected UnsignedFile.Multi.Generic (1)
      10:51:49.0870 2860 adpu160m - ok
      10:51:49.0902 2860 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
      10:51:50.0011 2860 aec - ok
      10:51:50.0027 2860 [ F21D5E93A94514BE9F5B6EBF74A696B2 ] AESTAud C:\WINDOWS\system32\drivers\AESTAud.sys
      10:51:50.0058 2860 AESTAud - ok
      10:51:50.0089 2860 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
      10:51:50.0136 2860 AFD - ok
      10:51:50.0136 2860 Aha154x - ok
      10:51:50.0136 2860 aic78u2 - ok
      10:51:50.0152 2860 aic78xx - ok
      10:51:50.0167 2860 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
      10:51:50.0245 2860 Alerter - ok
      10:51:50.0261 2860 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
      10:51:50.0308 2860 ALG - ok
      10:51:50.0324 2860 AliIde - ok
      10:51:50.0324 2860 amsint - ok
      10:51:50.0339 2860 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
      10:51:50.0370 2860 AppMgmt - ok
      10:51:50.0386 2860 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
      10:51:50.0464 2860 Arp1394 - ok
      10:51:50.0464 2860 asc - ok
      10:51:50.0464 2860 asc3350p - ok
      10:51:50.0480 2860 asc3550 - ok
      10:51:50.0574 2860 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
      10:51:50.0589 2860 aspnet_state - ok
      10:51:50.0589 2860 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
      10:51:50.0667 2860 AsyncMac - ok
      10:51:50.0683 2860 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
      10:51:50.0761 2860 atapi - ok
      10:51:50.0761 2860 Atdisk - ok
      10:51:50.0777 2860 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
      10:51:50.0855 2860 Atmarpc - ok
      10:51:50.0870 2860 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
      10:51:50.0964 2860 AudioSrv - ok
      10:51:50.0995 2860 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
      10:51:51.0074 2860 audstub - ok
      10:51:51.0136 2860 [ D9C373CD4A399D133D7444A7274FD0E9 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
      10:51:51.0230 2860 BCM43XX - ok
      10:51:51.0245 2860 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
      10:51:51.0324 2860 Beep - ok
      10:51:51.0355 2860 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
      10:51:51.0433 2860 BITS - ok
      10:51:51.0449 2860 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
      10:51:51.0542 2860 Browser - ok
      10:51:51.0589 2860 [ F688BBBE8E3E7E03E35CAABD66616DDB ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
      10:51:51.0605 2860 btaudio - ok
      10:51:51.0620 2860 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
      10:51:51.0636 2860 BTDriver - ok
      10:51:51.0667 2860 [ 38A3331E2F690D4CDC9DE0604B9416E5 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
      10:51:51.0714 2860 BTKRNL - ok
      10:51:51.0761 2860 [ D48148110AE078CB7221D0FCF20ADFEC ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
      10:51:51.0777 2860 btwdins - ok
      10:51:51.0792 2860 [ 80F61DE965C116051614AC2F04222FF7 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
      10:51:51.0808 2860 BTWDNDIS - ok
      10:51:51.0824 2860 [ 5922BAE0CD84924B9CD7E6BB515EE070 ] btwmodem C:\WINDOWS\system32\DRIVERS\btwmodem.sys
      10:51:51.0839 2860 btwmodem - ok
      10:51:51.0870 2860 [ D5AF663711660D32EC230C6AAF7B6B83 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
      10:51:51.0870 2860 BTWUSB - ok
      10:51:51.0886 2860 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
      10:51:51.0964 2860 cbidf2k - ok
      10:51:52.0011 2860 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      10:51:52.0027 2860 ccEvtMgr - ok
      10:51:52.0089 2860 [ E4B94F8EDB3540D43A473D552C30D395 ] CcmExec C:\WINDOWS\system32\CCM\CcmExec.exe
      10:51:52.0120 2860 CcmExec - ok
      10:51:52.0120 2860 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      10:51:52.0136 2860 ccSetMgr - ok
      10:51:52.0136 2860 cd20xrnt - ok
      10:51:52.0152 2860 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
      10:51:52.0230 2860 Cdaudio - ok
      10:51:52.0245 2860 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
      10:51:52.0370 2860 Cdfs - ok
      10:51:52.0386 2860 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
      10:51:52.0511 2860 Cdrom - ok
      10:51:52.0527 2860 cerc6 - ok
      10:51:52.0558 2860 [ E9009C82C5A9E554797DA649D44967B2 ] CH341SER C:\WINDOWS\system32\Drivers\CH341SER.SYS
      10:51:52.0574 2860 CH341SER ( UnsignedFile.Multi.Generic ) - warning
      10:51:52.0574 2860 CH341SER - detected UnsignedFile.Multi.Generic (1)
      10:51:52.0574 2860 Changer - ok
      10:51:52.0589 2860 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
      10:51:52.0714 2860 CiSvc - ok
      Last edited by fvelazquez11 on 16/02/13 at 13:52:25

    5. #15
      User Avatar of fvelazquez11
      Registered
      Feb 2013
      Location
      mon
      Posts
      27

      Re: Malwarebytes detects Backdoor.Agent.DCGen but does not remove it

      10:51:52.0792 2860 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
      10:51:52.0917 2860 ClipSrv - ok
      10:51:52.0949 2860 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      10:51:52.0964 2860 clr_optimization_v2.0.50727_32 - ok
      10:51:53.0011 2860 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      10:51:53.0011 2860 clr_optimization_v4.0.30319_32 - ok
      10:51:53.0042 2860 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
      10:51:53.0105 2860 CmBatt - ok
      10:51:53.0120 2860 CmdIde - ok
      10:51:53.0136 2860 [ 4F2DEDEED7C091FAFC4DADA5534F3D37 ] COH_Mon C:\WINDOWS\system32\Drivers\COH_Mon.sys
      10:51:53.0152 2860 COH_Mon - ok
      10:51:53.0152 2860 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
      10:51:53.0245 2860 Compbatt - ok
      10:51:53.0245 2860 COMSysApp - ok
      10:51:53.0308 2860 [ 6C86D2B8DBBDD6AB9CA606570EAD0172 ] CoreScanner C:\Program Files\Motorola Scanner\Common\CoreScanner.exe
      10:51:53.0308 2860 CoreScanner ( UnsignedFile.Multi.Generic ) - warning
      10:51:53.0308 2860 CoreScanner - detected UnsignedFile.Multi.Generic (1)
      10:51:53.0308 2860 Cpqarray - ok
      10:51:53.0339 2860 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
      10:51:53.0417 2860 CryptSvc - ok
      10:51:53.0464 2860 [ F054744F67576A01139885173392502B ] CrystalSysInfo C:\Program Files\MediaCoder\SysInfo.sys
      10:51:53.0480 2860 CrystalSysInfo - ok
      10:51:53.0480 2860 dac2w2k - ok
      10:51:53.0480 2860 dac960nt - ok
      10:51:53.0511 2860 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
      10:51:53.0542 2860 DcomLaunch - ok
      10:51:53.0589 2860 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
      10:51:53.0652 2860 Dhcp - ok
      10:51:53.0667 2860 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
      10:51:53.0745 2860 Disk - ok
      10:51:53.0745 2860 dmadmin - ok
      10:51:53.0777 2860 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
      10:51:53.0886 2860 dmboot - ok
      10:51:53.0902 2860 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
      10:51:53.0980 2860 dmio - ok
      10:51:53.0995 2860 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
      10:51:54.0074 2860 dmload - ok
      10:51:54.0089 2860 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
      10:51:54.0167 2860 dmserver - ok
      10:51:54.0199 2860 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
      10:51:54.0261 2860 DMusic - ok
      10:51:54.0292 2860 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
      10:51:54.0324 2860 Dnscache - ok
      10:51:54.0339 2860 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
      10:51:54.0417 2860 Dot3svc - ok
      10:51:54.0417 2860 dpti2o - ok
      10:51:54.0480 2860 [ 0F1189883690949BA7A9F68339587E51 ] driverhardwarev2 C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
      10:51:54.0480 2860 driverhardwarev2 - ok
      10:51:54.0495 2860 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
      10:51:54.0574 2860 drmkaud - ok
      10:51:54.0620 2860 [ 645E0228D154466DDF76756A242900C7 ] DSv4_DRM_Control C:\Program Files\MarkAny\Document SAFER\DSH_Service.exe
      10:51:54.0636 2860 DSv4_DRM_Control ( UnsignedFile.Multi.Generic ) - warning
      10:51:54.0636 2860 DSv4_DRM_Control - detected UnsignedFile.Multi.Generic (1)
      10:51:54.0667 2860 [ 0000BFDA0DE85BFD5D0086B1013E1F72 ] e1yexpress C:\WINDOWS\system32\DRIVERS\e1y5132.sys
      10:51:54.0683 2860 e1yexpress - ok
      10:51:54.0699 2860 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
      10:51:54.0777 2860 EapHost - ok
      10:51:54.0808 2860 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
      10:51:54.0824 2860 eeCtrl - ok
      10:51:54.0839 2860 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
      10:51:54.0855 2860 EraserUtilRebootDrv - ok
      10:51:54.0855 2860 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
      10:51:54.0933 2860 ERSvc - ok
      10:51:54.0964 2860 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
      10:51:54.0980 2860 Eventlog - ok
      10:51:55.0011 2860 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
      10:51:55.0058 2860 EventSystem - ok
      10:51:55.0105 2860 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
      10:51:55.0183 2860 Fastfat - ok
      10:51:55.0214 2860 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
      10:51:55.0230 2860 FastUserSwitchingCompatibility - ok
      10:51:55.0261 2860 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
      10:51:55.0339 2860 Fdc - ok
      10:51:55.0370 2860 [ 3A85AD5FDD3B05218B48BBD0D62F04D3 ] FDDec C:\WINDOWS\system32\drivers\FDDec.sys
      10:51:55.0370 2860 FDDec ( UnsignedFile.Multi.Generic ) - warning
      10:51:55.0370 2860 FDDec - detected UnsignedFile.Multi.Generic (1)
      10:51:55.0386 2860 [ 6582E28223011502EF393A9C2E87CA62 ] FileHook C:\WINDOWS\system32\drivers\FileHook.sys
      10:51:55.0402 2860 FileHook ( UnsignedFile.Multi.Generic ) - warning
      10:51:55.0402 2860 FileHook - detected UnsignedFile.Multi.Generic (1)
      10:51:55.0402 2860 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
      10:51:55.0480 2860 Fips - ok
      10:51:55.0495 2860 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
      10:51:55.0574 2860 Flpydisk - ok
      10:51:55.0589 2860 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
      10:51:55.0667 2860 FltMgr - ok
      10:51:55.0683 2860 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
      10:51:55.0745 2860 Fs_Rec - ok
      10:51:55.0777 2860 [ B7AA8283EC551D3A3B924E520E0621A7 ] FTDIBUS C:\WINDOWS\system32\drivers\ftdibus.sys
      10:51:55.0792 2860 FTDIBUS - ok
      10:51:55.0792 2860 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
      10:51:55.0870 2860 Ftdisk - ok
      10:51:55.0902 2860 [ 596D31583CE332B5514520D74837F434 ] FTSER2K C:\WINDOWS\system32\drivers\ftser2k.sys
      10:51:55.0902 2860 FTSER2K - ok
      10:51:55.0917 2860 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
      10:51:56.0011 2860 Gpc - ok
      10:51:56.0027 2860 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
      10:51:56.0292 2860 HDAudBus - ok
      10:51:56.0324 2860 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
      10:51:56.0417 2860 helpsvc - ok
      10:51:56.0449 2860 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
      10:51:56.0527 2860 HidServ - ok
      10:51:56.0558 2860 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
      10:51:56.0636 2860 HidUsb - ok
      10:51:56.0652 2860 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
      10:51:56.0777 2860 hkmsvc - ok
      10:51:56.0777 2860 hpn - ok
      10:51:56.0808 2860 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
      10:51:56.0839 2860 HTTP - ok
      10:51:56.0870 2860 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
      10:51:56.0995 2860 HTTPFilter - ok
      10:51:56.0995 2860 i2omgmt - ok
      10:51:56.0995 2860 i2omp - ok
      10:51:57.0027 2860 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      10:51:57.0136 2860 i8042prt - ok
      10:51:57.0214 2860 [ E9CCE03BCE0585226DA5B2AB2A3E342E ] idisw2km C:\WINDOWS\system32\DRIVERS\idisw2km.sys
      10:51:57.0230 2860 idisw2km - ok
      10:51:57.0261 2860 [ C0A157BBBBB44C6428ACF5CECA390E77 ] ILMService C:\WINDOWS\limansvc.exe
      10:51:57.0277 2860 ILMService ( UnsignedFile.Multi.Generic ) - warning
      10:51:57.0277 2860 ILMService - detected UnsignedFile.Multi.Generic (1)
      10:51:57.0308 2860 [ 4FC5120B416EA5922DF81C105190E68C ] Image Protection C:\WINDOWS\ImageSAFERSvc.exe
      10:51:57.0324 2860 Image Protection ( UnsignedFile.Multi.Generic ) - warning
      10:51:57.0324 2860 Image Protection - detected UnsignedFile.Multi.Generic (1)
      10:51:57.0339 2860 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
      10:51:57.0449 2860 Imapi - ok
      10:51:57.0480 2860 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
      10:51:57.0558 2860 ImapiService - ok
      10:51:57.0558 2860 ini910u - ok
      10:51:57.0558 2860 IntelIde - ok
      10:51:57.0574 2860 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
      10:51:57.0652 2860 intelppm - ok
      10:51:57.0667 2860 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
      10:51:57.0745 2860 Ip6Fw - ok
      10:51:57.0777 2860 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
      10:51:57.0855 2860 IpFilterDriver - ok
      10:51:57.0870 2860 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
      10:51:57.0949 2860 IpInIp - ok
      10:51:57.0964 2860 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
      10:51:58.0042 2860 IpNat - ok
      10:51:58.0074 2860 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
      10:51:58.0152 2860 IPSec - ok
      10:51:58.0183 2860 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
      10:51:58.0230 2860 IRENUM - ok
      10:51:58.0245 2860 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
      10:51:58.0339 2860 isapnp - ok
      10:51:58.0355 2860 [ EE382BD478EEC57D3F3CFE0968CA70A3 ] ISMgr C:\WINDOWS\system32\ImageSAFERDrv.sys
      10:51:58.0370 2860 ISMgr - ok
      10:51:58.0417 2860 [ 0A5709543986843D37A92290B7838340 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
      10:51:58.0433 2860 JavaQuickStarterService - ok
      10:51:58.0480 2860 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      10:51:58.0558 2860 Kbdclass - ok
      10:51:58.0574 2860 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
      10:51:58.0652 2860 kbdhid - ok
      10:51:58.0667 2860 [ 5CB887962A98B4E11D62858B75D87580 ] kbstuff C:\WINDOWS\system32\DRIVERS\kbstuff5.sys
      10:51:58.0667 2860 kbstuff - ok
      10:51:58.0699 2860 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
      10:51:58.0761 2860 kmixer - ok
      10:51:58.0777 2860 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
      10:51:58.0808 2860 KSecDD - ok
      10:51:58.0839 2860 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
      10:51:58.0886 2860 LanmanServer - ok
      10:51:58.0917 2860 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
      10:51:58.0980 2860 lanmanworkstation - ok
      10:51:58.0980 2860 lbrtfdc - ok
      10:51:59.0152 2860 [ DB5CAC0DC9DC9152A906D150BA379FFC ] LeapFrog Connect Device Service C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
      10:51:59.0308 2860 LeapFrog Connect Device Service - ok
      10:51:59.0417 2860 [ 6ABE9ECAAB7DD0CC6F46EC830E0FE8FC ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      10:51:59.0542 2860 LiveUpdate - ok
      10:51:59.0558 2860 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
      10:51:59.0683 2860 LmHosts - ok
      10:51:59.0683 2860 lmimirr - ok
      10:51:59.0714 2860 [ EB443A43BFA24D83E48A07D98904A643 ] maconfservice C:\Program Files\ma-config.com\maconfservice.exe
      10:51:59.0730 2860 maconfservice - ok
      10:51:59.0761 2860 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
      10:51:59.0777 2860 MBAMProtector - ok
      10:51:59.0792 2860 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
      10:51:59.0824 2860 MBAMScheduler - ok
      10:51:59.0855 2860 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      10:51:59.0870 2860 MBAMService - ok
      10:51:59.0886 2860 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
      10:51:59.0964 2860 Messenger - ok
      10:51:59.0995 2860 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
      10:52:00.0074 2860 mnmdd - ok
      10:52:00.0089 2860 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
      10:52:00.0167 2860 mnmsrvc - ok
      10:52:00.0167 2860 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
      10:52:00.0245 2860 Modem - ok
      10:52:00.0277 2860 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
      10:52:00.0355 2860 Mouclass - ok
      10:52:00.0370 2860 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
      10:52:00.0449 2860 mouhid - ok
      10:52:00.0480 2860 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
      10:52:00.0558 2860 MountMgr - ok
      10:52:00.0558 2860 mraid35x - ok
      10:52:00.0558 2860 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
      10:52:00.0636 2860 MRxDAV - ok
      10:52:00.0667 2860 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      10:52:00.0699 2860 MRxSmb - ok
      10:52:00.0730 2860 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
      10:52:00.0808 2860 MSDTC - ok
      10:52:00.0808 2860 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
      10:52:00.0886 2860 Msfs - ok
      10:52:00.0933 2860 [ 6B298F50EC2F975430189741EE6A5CA2 ] msftesql$MES c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
      10:52:00.0949 2860 msftesql$MES - ok
      10:52:00.0964 2860 MSIServer - ok
      10:52:00.0980 2860 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
      10:52:01.0058 2860 MSKSSRV - ok
      10:52:01.0074 2860 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
      10:52:01.0152 2860 MSPCLOCK - ok
      10:52:01.0167 2860 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
      10:52:01.0245 2860 MSPQM - ok
      10:52:01.0261 2860 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
      10:52:01.0355 2860 mssmbios - ok
      10:52:01.0355 2860 MSSQL$MES - ok
      10:52:01.0370 2860 MSSQLSERVER - ok
      10:52:01.0402 2860 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
      10:52:01.0402 2860 MSSQLServerADHelper - ok
      10:52:01.0417 2860 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
      10:52:01.0449 2860 Mup - ok
      10:52:01.0480 2860 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
      10:52:01.0558 2860 napagent - ok
      10:52:01.0620 2860 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130215.034\NAVENG.SYS
      10:52:01.0636 2860 NAVENG - ok
      10:52:01.0667 2860 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130215.034\NAVEX15.SYS
      10:52:01.0730 2860 NAVEX15 - ok
      10:52:01.0745 2860 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
      10:52:01.0824 2860 NDIS - ok
      10:52:01.0855 2860 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      10:52:01.0886 2860 NdisTapi - ok
      10:52:01.0902 2860 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
      10:52:01.0980 2860 Ndisuio - ok
      10:52:02.0011 2860 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
      10:52:02.0089 2860 NdisWan - ok
      10:52:02.0105 2860 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
      10:52:02.0120 2860 NDProxy - ok
      10:52:02.0167 2860 [ 87C61A17E908AEF1C63FBAF915C0B452 ] NeroMediaHomeService.4 C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
      10:52:02.0199 2860 NeroMediaHomeService.4 - ok
      10:52:02.0230 2860 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
      10:52:02.0245 2860 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      10:52:02.0245 2860 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      10:52:02.0261 2860 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
      10:52:02.0370 2860 NetBIOS - ok
      10:52:02.0386 2860 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
      10:52:02.0480 2860 NetBT - ok
      10:52:02.0511 2860 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
      10:52:02.0589 2860 NetDDE - ok
      10:52:02.0589 2860 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
      10:52:02.0652 2860 NetDDEdsdm - ok
      10:52:02.0683 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
      10:52:02.0761 2860 Netlogon - ok
      10:52:02.0777 2860 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
      10:52:02.0855 2860 Netman - ok
      10:52:02.0886 2860 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      10:52:02.0902 2860 NetTcpPortSharing - ok
      10:52:02.0917 2860 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
      10:52:02.0995 2860 NIC1394 - ok
      10:52:03.0011 2860 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
      10:52:03.0027 2860 Nla - ok
      10:52:03.0042 2860 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
      10:52:03.0120 2860 Npfs - ok
      10:52:03.0152 2860 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
      10:52:03.0230 2860 Ntfs - ok
      10:52:03.0230 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
      10:52:03.0308 2860 NtLmSsp - ok
      10:52:03.0324 2860 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
      10:52:03.0402 2860 NtmsSvc - ok
      10:52:03.0433 2860 [ 5594EC7B50F91764B281950B07BBA291 ] NTProcMonitor C:\Program Files\MarkAny\Document SAFER\NtProcMonitor.sys
      10:52:03.0449 2860 NTProcMonitor - ok
      10:52:03.0449 2860 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
      10:52:03.0527 2860 Null - ok
      10:52:03.0683 2860 [ BCDFB7C7A890C0C8E53659FDF52817FE ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
      10:52:03.0870 2860 nv - ok
      10:52:03.0995 2860 [ 8234151A1D602D3175DE4859E32D5289 ] NVIDIA Performance Driver Service C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
      10:52:04.0120 2860 NVIDIA Performance Driver Service - ok
      10:52:04.0136 2860 [ 1C5E7E2EFEAE5F1DACB750B868A05BA5 ] nvsvc C:\WINDOWS\system32\nvsvc32.exe
      10:52:04.0152 2860 nvsvc ( UnsignedFile.Multi.Generic ) - warning
      10:52:04.0152 2860 nvsvc - detected UnsignedFile.Multi.Generic (1)
      10:52:04.0183 2860 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
      10:52:04.0245 2860 NwlnkFlt - ok
      10:52:04.0261 2860 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
      10:52:04.0339 2860 NwlnkFwd - ok
      10:52:04.0433 2860 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      10:52:04.0449 2860 odserv - ok
      10:52:04.0464 2860 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
      10:52:04.0542 2860 ohci1394 - ok
      10:52:04.0589 2860 [ 46C916A0F4CC9FF93B0BD47C2B44BA46 ] OracleClientCache80 C:\orant\BIN\ONRSD80.EXE
      10:52:04.0589 2860 OracleClientCache80 ( UnsignedFile.Multi.Generic ) - warning
      10:52:04.0589 2860 OracleClientCache80 - detected UnsignedFile.Multi.Generic (1)
      10:52:04.0620 2860 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      10:52:04.0620 2860 ose - ok
      10:52:04.0636 2860 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
      10:52:04.0730 2860 Parport - ok
      10:52:04.0730 2860 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
      10:52:04.0792 2860 PartMgr - ok
      10:52:04.0824 2860 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
      10:52:04.0917 2860 ParVdm - ok
      10:52:04.0933 2860 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
      10:52:05.0011 2860 PCI - ok
      10:52:05.0011 2860 PCIDump - ok
      10:52:05.0042 2860 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
      10:52:05.0105 2860 PCIIde - ok
      10:52:05.0136 2860 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
      10:52:05.0214 2860 Pcmcia - ok
      10:52:05.0214 2860 PDCOMP - ok
      10:52:05.0214 2860 PDFRAME - ok
      10:52:05.0230 2860 PDRELI - ok
      10:52:05.0230 2860 PDRFRAME - ok
      10:52:05.0230 2860 perc2 - ok
      10:52:05.0230 2860 perc2hib - ok
      10:52:05.0261 2860 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
      10:52:05.0277 2860 PlugPlay - ok
      10:52:05.0277 2860 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
      10:52:05.0292 2860 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      10:52:05.0292 2860 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      10:52:05.0292 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
      10:52:05.0370 2860 PolicyAgent - ok
      10:52:05.0370 2860 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
      10:52:05.0449 2860 PptpMiniport - ok
      10:52:05.0464 2860 [ 19505C4134F3181FC2203E087140C192 ] prepdrvr C:\WINDOWS\system32\CCM\prepdrv.sys
      10:52:05.0480 2860 prepdrvr - ok
      10:52:05.0495 2860 [ 7A22CBB45FD4F50563630247EB9EDBF0 ] PROCHIDE C:\WINDOWS\system32\drivers\PROCHIDE.sys
      10:52:05.0511 2860 PROCHIDE ( UnsignedFile.Multi.Generic ) - warning
      10:52:05.0511 2860 PROCHIDE - detected UnsignedFile.Multi.Generic (1)
      10:52:05.0511 2860 Protect - ok
      10:52:05.0511 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
      10:52:05.0589 2860 ProtectedStorage - ok
      10:52:05.0589 2860 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
      10:52:05.0667 2860 PSched - ok
      10:52:05.0683 2860 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
      10:52:05.0761 2860 Ptilink - ok
      10:52:05.0761 2860 ql1080 - ok
      10:52:05.0777 2860 Ql10wnt - ok
      10:52:05.0777 2860 ql12160 - ok
      10:52:05.0777 2860 ql1240 - ok
      10:52:05.0777 2860 ql1280 - ok
      10:52:05.0808 2860 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
      10:52:05.0886 2860 RasAcd - ok
      10:52:05.0902 2860 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
      10:52:05.0964 2860 RasAuto - ok
      10:52:05.0995 2860 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
      10:52:06.0058 2860 Rasl2tp - ok
      10:52:06.0089 2860 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
      10:52:06.0152 2860 RasMan - ok
      10:52:06.0167 2860 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
      10:52:06.0245 2860 RasPppoe - ok
      10:52:06.0261 2860 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
      10:52:06.0324 2860 Raspti - ok
      10:52:06.0339 2860 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
      10:52:06.0417 2860 Rdbss - ok
      10:52:06.0417 2860 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
      10:52:06.0495 2860 RDPCDD - ok
      10:52:06.0527 2860 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
      10:52:06.0589 2860 rdpdr - ok
      10:52:06.0620 2860 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
      10:52:06.0667 2860 RDPWD - ok
      10:52:06.0699 2860 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
      10:52:06.0792 2860 RDSessMgr - ok
      10:52:06.0792 2860 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
      10:52:06.0870 2860 redbook - ok
      10:52:06.0902 2860 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
      10:52:06.0980 2860 RemoteAccess - ok
      10:52:07.0011 2860 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
      10:52:07.0089 2860 RemoteRegistry - ok
      10:52:07.0120 2860 [ EA885E7A56F1BE1F14C372337C42FE48 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
      10:52:07.0167 2860 rimmptsk - ok
      10:52:07.0183 2860 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
      10:52:07.0245 2860 RpcLocator - ok
      10:52:07.0277 2860 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
      10:52:07.0292 2860 RpcSs - ok
      10:52:07.0308 2860 [ DAC2D703EC7CD218C0596CCA2A4FEA3C ] rsmdriverproviderservice C:\Program Files\Motorola Scanner\Common\RSMDriverProviderService.exe
      10:52:07.0308 2860 rsmdriverproviderservice ( UnsignedFile.Multi.Generic ) - warning
      10:52:07.0308 2860 rsmdriverproviderservice - detected UnsignedFile.Multi.Generic (1)
      10:52:07.0339 2860 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
      10:52:07.0402 2860 RSVP - ok
      10:52:07.0433 2860 [ 4FE9A43EABF8EC2970D9396425CAEC3E ] Safandrv C:\WINDOWS\system32\drivers\safandrv.sys
      10:52:07.0449 2860 Safandrv ( UnsignedFile.Multi.Generic ) - warning
      10:52:07.0449 2860 Safandrv - detected UnsignedFile.Multi.Generic (1)
      10:52:07.0449 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
      10:52:07.0730 2860 SamSs - ok
      10:52:07.0761 2860 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
      10:52:07.0839 2860 SCardSvr - ok
      10:52:07.0870 2860 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
      10:52:07.0949 2860 Schedule - ok
      10:52:07.0964 2860 [ B50986F0049DD36A95A4F5A80DF4CF60 ] ScnSrvc C:\Program Files\Motorola Scanner\Common\ScannerService.exe
      10:52:07.0980 2860 ScnSrvc ( UnsignedFile.Multi.Generic ) - warning
      10:52:07.0980 2860 ScnSrvc - detected UnsignedFile.Multi.Generic (1)
      10:52:08.0042 2860 [ B60E9769655DDEE8368E3ABB6668E076 ] ScrybeUpdater C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
      10:52:08.0089 2860 ScrybeUpdater - ok
      10:52:08.0120 2860 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
      10:52:08.0230 2860 sdbus - ok
      10:52:08.0230 2860 [ 2BBFE9171E9FA8BDC199F6150F8D71C7 ] SDFA C:\WINDOWS\system32\drivers\SDFA.sys
      10:52:08.0245 2860 SDFA ( UnsignedFile.Multi.Generic ) - warning
      10:52:08.0245 2860 SDFA - detected UnsignedFile.Multi.Generic (1)
      10:52:08.0308 2860 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
      10:52:08.0339 2860 SDScannerService - ok
      10:52:08.0370 2860 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
      10:52:08.0417 2860 SDUpdateService - ok
      10:52:08.0433 2860 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
      10:52:08.0449 2860 SDWSCService - ok
      10:52:08.0464 2860 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
      10:52:08.0495 2860 Secdrv - ok
      10:52:08.0527 2860 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
      10:52:08.0605 2860 seclogon - ok
      10:52:08.0620 2860 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
      10:52:08.0699 2860 SENS - ok
      10:52:08.0730 2860 [ 618A8EB6C3A830B7301DF1DFD99854B2 ] Sentinel C:\WINDOWS\System32\Drivers\SENTINEL.SYS
      10:52:08.0730 2860 Sentinel - ok
      10:52:08.0792 2860 [ B1D1C13D2098FF438E78A48314D22C33 ] SentinelKeysServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
      10:52:08.0808 2860 SentinelKeysServer ( UnsignedFile.Multi.Generic ) - warning
      10:52:08.0808 2860 SentinelKeysServer - detected UnsignedFile.Multi.Generic (1)
      10:52:08.0839 2860 [ 6D770691297C957EC10AB2B758603BA7 ] SentinelProtectionServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
      10:52:08.0839 2860 SentinelProtectionServer ( UnsignedFile.Multi.Generic ) - warning
      10:52:08.0839 2860 SentinelProtectionServer - detected UnsignedFile.Multi.Generic (1)
      10:52:08.0870 2860 [ DE0A165D9F8EA295E62EA702EF2F8125 ] Ser2pl C:\WINDOWS\system32\DRIVERS\ser2pl.sys
      10:52:08.0886 2860 Ser2pl - ok
      10:52:08.0917 2860 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
      10:52:08.0995 2860 Serenum - ok
      10:52:09.0027 2860 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
      10:52:09.0105 2860 Serial - ok
      10:52:09.0105 2860 [ 31011156A0C771C0BC6CD45D5472F9C0 ] SFCDEX C:\WINDOWS\system32\drivers\SFCDEX.sys
      10:52:09.0120 2860 SFCDEX ( UnsignedFile.Multi.Generic ) - warning
      10:52:09.0120 2860 SFCDEX - detected UnsignedFile.Multi.Generic (1)
      10:52:09.0152 2860 [ 4A45BB8BF0285BCF05B9F696D4B0716B ] SFfolder C:\WINDOWS\system32\drivers\SFfolder.sys
      10:52:09.0167 2860 SFfolder ( UnsignedFile.Multi.Generic ) - warning
      10:52:09.0167 2860 SFfolder - detected UnsignedFile.Multi.Generic (1)
      10:52:09.0167 2860 [ 97492AB31B0132A92DA4C1DC1E7B6B72 ] SFkbd C:\WINDOWS\system32\drivers\SFkbd.sys
      10:52:09.0183 2860 SFkbd ( UnsignedFile.Multi.Generic ) - warning
      10:52:09.0183 2860 SFkbd - detected UnsignedFile.Multi.Generic (1)
      10:52:09.0199 2860 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
      10:52:09.0277 2860 Sfloppy - ok
      10:52:09.0292 2860 [ C03F8CB6F1F5E2567A7FC3D286146493 ] SFMouse C:\WINDOWS\system32\drivers\SFMouse.sys
      10:52:09.0292 2860 SFMouse ( UnsignedFile.Multi.Generic ) - warning
      10:52:09.0292 2860 SFMouse - detected UnsignedFile.Multi.Generic (1)
      10:52:09.0308 2860 [ 9B17A9A4C32B4CAA24BCBF84D0FEAEAC ] SFRes C:\WINDOWS\system32\drivers\SFRes.sys
      10:52:09.0308 2860 SFRes ( UnsignedFile.Multi.Generic ) - warning
      10:52:09.0308 2860 SFRes - detected UnsignedFile.Multi.Generic (1)
      10:52:09.0324 2860 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
      10:52:09.0402 2860 SharedAccess - ok
      10:52:09.0417 2860 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
      10:52:09.0433 2860 ShellHWDetection - ok
      10:52:09.0433 2860 Simbad - ok
      10:52:09.0495 2860 [ 8317AD0C7E640411C746D5664EB7957A ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
      10:52:09.0558 2860 SmcService - ok
      10:52:09.0574 2860 [ 95293A76341B1DB125EE125474657728 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
      10:52:09.0589 2860 SNAC - ok
      10:52:09.0620 2860 [ 8D4A96868AE13C3CF8425B383B59D802 ] SNTNLUSB C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
      10:52:09.0636 2860 SNTNLUSB - ok
      10:52:09.0636 2860 Sparrow - ok
      10:52:09.0667 2860 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
      10:52:09.0683 2860 SPBBCDrv - ok
      10:52:09.0714 2860 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
      10:52:09.0777 2860 splitter - ok
      10:52:09.0808 2860 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
      10:52:09.0824 2860 Spooler - ok
      10:52:09.0855 2860 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
      10:52:09.0870 2860 SQLBrowser - ok
      10:52:09.0870 2860 SQLSERVERAGENT - ok
      10:52:09.0886 2860 [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      10:52:09.0902 2860 SQLWriter - ok
      10:52:09.0917 2860 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
      10:52:09.0949 2860 sr - ok
      10:52:09.0964 2860 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
      10:52:10.0011 2860 srservice - ok
      10:52:10.0011 2860 [ B36F8D6A02FF2B3A53E250A629782F29 ] SRTSP C:\WINDOWS\system32\Drivers\SRTSP.SYS
      10:52:10.0027 2860 SRTSP - ok
      10:52:10.0058 2860 [ E99BD98AC171A29FC1BA9376BE87AE73 ] SRTSPL C:\WINDOWS\system32\Drivers\SRTSPL.SYS
      10:52:10.0074 2860 SRTSPL - ok
      10:52:10.0089 2860 [ 1AF34729898063E9B7DF8D149D767E07 ] SRTSPX C:\WINDOWS\system32\Drivers\SRTSPX.SYS
      10:52:10.0089 2860 SRTSPX - ok
      10:52:10.0136 2860 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
      10:52:10.0167 2860 Srv - ok
      10:52:10.0199 2860 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
      10:52:10.0245 2860 SSDPSRV - ok
      10:52:10.0292 2860 [ 3603F3DB9FBA2A8FA91829681BA25AFA ] STacSV c:\program files\idt\dellxpm09b_6159v043\wdm\stacsv.exe
      10:52:10.0308 2860 STacSV - ok
      10:52:10.0355 2860 [ 1B76479B80FF0F6E245BA590A64102BE ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
      10:52:10.0433 2860 STHDA - ok
      10:52:10.0464 2860 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
      10:52:10.0527 2860 stisvc - ok
      10:52:10.0542 2860 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
      10:52:10.0605 2860 swenum - ok
      10:52:10.0620 2860 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
      10:52:10.0699 2860 swmidi - ok
      10:52:10.0699 2860 SwPrv - ok
      10:52:10.0761 2860 [ 4402CF4959A30CB6A008099ABA8F22A9 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
      10:52:10.0824 2860 Symantec AntiVirus - ok
      10:52:10.0824 2860 symc810 - ok
      10:52:10.0824 2860 symc8xx - ok
      10:52:10.0855 2860 [ E42A34E6F5CA71A84D4C2DE620AAD13D ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
      10:52:10.0855 2860 SymEvent - ok
      10:52:10.0870 2860 sym_hi - ok
      10:52:10.0870 2860 sym_u3 - ok
      10:52:10.0917 2860 [ 2185CC5BE9922562108CF87F42E4BBAF ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
      10:52:10.0949 2860 SynTP - ok
      10:52:10.0964 2860 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
      10:52:11.0042 2860 sysaudio - ok
      10:52:11.0058 2860 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
      10:52:11.0136 2860 SysmonLog - ok
      10:52:11.0152 2860 [ 666992D996C524812E713EFFD836D043 ] SysPlant C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys
      10:52:11.0167 2860 SysPlant - ok
      10:52:11.0183 2860 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
      10:52:11.0261 2860 TapiSrv - ok
      10:52:11.0292 2860 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
      10:52:11.0308 2860 Tcpip - ok
      10:52:11.0324 2860 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
      10:52:11.0402 2860 TDPIPE - ok
      10:52:11.0417 2860 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
      10:52:11.0511 2860 TDTCP - ok
      10:52:13.0105 2860 [ B5BA71EADEED0773D2E0978F962E1BF3 ] Visual Studio Analyzer RPC bridge C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe
      10:52:13.0105 2860 Visual Studio Analyzer RPC bridge ( UnsignedFile.Multi.Generic ) - warning
      10:52:13.0105 2860 Visual Studio Analyzer RPC bridge - detected UnsignedFile.Multi.Generic (1)
      10:52:14.0824 2860 [ 4F739BB957986F7DF55DC6545B86B6FD ] Wuser32 C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
      10:52:14.0839 2860 Wuser32 ( UnsignedFile.Multi.Generic ) - warning
      10:52:14.0839 2860 Wuser32 - detected UnsignedFile.Multi.Generic (1)
      10:52:14.0870 2860 [ 34697C66B8B7B77FB7773C1A6DF5A50C ] WWC C:\WWCNT\WWCSERVICE.EXE
      10:52:14.0886 2860 WWC ( UnsignedFile.Multi.Generic ) - warning
      10:52:14.0886 2860 WWC - detected UnsignedFile.Multi.Generic (1)
      10:52:14.0902 2860 [ ABC36F134E0C8C71ABF78EAE46DE96EC ] WwHook C:\WINDOWS\system32\drivers\WwHook.sys
      10:52:14.0902 2860 WwHook ( UnsignedFile.Multi.Generic ) - warning
      10:52:14.0902 2860 WwHook - detected UnsignedFile.Multi.Generic (1)
      10:52:15.0120 2860 ================ Scan global ===============================
      10:52:15.0152 2860 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
      10:52:15.0167 2860 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
      10:52:15.0183 2860 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
      10:52:15.0199 2860 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
      10:52:15.0199 2860 [Global] - ok
      10:52:15.0199 2860 ================ Scan MBR ==================================
      10:52:15.0199 2860 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
      10:52:15.0511 2860 \Device\Harddisk0\DR0 - ok
      10:52:15.0511 2860 ================ Scan VBR ==================================
      10:52:15.0511 2860 [ 9268353914837B096848EEEA9FC62158 ] \Device\Harddisk0\DR0\Partition1
      10:52:15.0511 2860 \Device\Harddisk0\DR0\Partition1 - ok
      10:52:15.0542 2860 [ 47935F4A92A81FBC981829A4797AFCED ] \Device\Harddisk0\DR0\Partition2
      10:52:15.0542 2860 \Device\Harddisk0\DR0\Partition2 - ok
      10:52:15.0542 2860 ============================================================
      10:52:15.0542 2860 Scan finished
      10:52:15.0542 2860 ============================================================
      10:52:15.0652 4444 Detected object count: 28
      10:52:15.0652 4444 Actual detected object count: 28
      10:52:41.0495 4444 ADAgent ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0495 4444 ADAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0495 4444 CH341SER ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0495 4444 CH341SER ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0511 4444 CoreScanner ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0511 4444 CoreScanner ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0511 4444 DSv4_DRM_Control ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0511 4444 DSv4_DRM_Control ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0511 4444 FDDec ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0511 4444 FDDec ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0511 4444 FileHook ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0511 4444 FileHook ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0511 4444 ILMService ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0511 4444 ILMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0511 4444 Image Protection ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0511 4444 Image Protection ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0527 4444 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0527 4444 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0527 4444 nvsvc ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0527 4444 nvsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0527 4444 OracleClientCache80 ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0527 4444 OracleClientCache80 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0527 4444 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0527 4444 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0527 4444 PROCHIDE ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0527 4444 PROCHIDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0527 4444 rsmdriverproviderservice ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0527 4444 rsmdriverproviderservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0542 4444 Safandrv ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0542 4444 Safandrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0542 4444 ScnSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0542 4444 ScnSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0542 4444 SDFA ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0542 4444 SDFA ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0542 4444 SentinelKeysServer ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0542 4444 SentinelKeysServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0542 4444 SentinelProtectionServer ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0542 4444 SentinelProtectionServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0542 4444 SFCDEX ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0542 4444 SFCDEX ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0558 4444 SFfolder ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0558 4444 SFfolder ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0558 4444 SFkbd ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0558 4444 SFkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0558 4444 SFMouse ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0558 4444 SFMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0558 4444 SFRes ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0558 4444 SFRes ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0558 4444 Visual Studio Analyzer RPC bridge ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0558 4444 Visual Studio Analyzer RPC bridge ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0558 4444 Wuser32 ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0558 4444 Wuser32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0574 4444 WWC ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0574 4444 WWC ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:41.0574 4444 WwHook ( UnsignedFile.Multi.Generic ) - skipped by user
      10:52:41.0574 4444 WwHook ( UnsignedFile.Multi.Generic ) - User select action: Skip
      10:52:44.0652 0772 Deinitialize success

    6. #16
      Former contributor Superlucas
      Joined
      Sep 2011
      Location
      Argentina
      Posts
      15,747

      Re: Malwarebytes detects Backdoor.Agent.DCGen but does not remove it

      Hello,

      Download DrWeb CureIt:

      Run DrWeb according to its manual and with these settings:
      • When the program starts, preferably run it in its enhanced protection mode, following the manual.
      • After accepting the terms of use, go to the wrench-shaped button and, under Settings, go to Log and choose Minimum:

      • Choose the Select objects to scan option and tick all the options; go to "click to select" and add all the additional folders and drives (pen drives, partitions, etc.) that you want the program to scan. To start the scan, click Start scanning:


      • Cure, Move and Delete whatever it finds, depending on the option it gives you and in that order of preference.
      • If it detects the Hosts file, allow DrWeb to restore it.
      • Open the report when it finishes, as shown in the image.

      Bring us the DrWeb report (if you cannot save it as indicated, a report is generated at %userprofile%\DoctorWeb\CureIt.log) and tell us the state of the system.
      Are you going to run or are you going to fight? - Muahy Thai

      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    7. #17
      User fvelazquez11
      Joined
      Feb 2013
      Location
      mon
      Posts
      27

      Re: Malwarebytes detects Backdoor.Agent.DCGen but does not remove it

      =============================================================================
      Dr.Web Scanner SE for Windows v7.0.100.12030
      (c) Doctor Web, Ltd., 1992-2012
      Scan session started 2013/02/16 12:12:29
      Module location : c:\documents and settings\lgemm\local settings\temp\555D4942-E29E06B2-81F5239A-10E088E0\
      =============================================================================
      OPTION [Automatic Apply Actions] NO
      OPTION [Turn Off Computer After Scan] NO
      OPTION [Use Sound Alerts] NO
      OPTION [Block Network] NO
      OPTION [Protect Process] NO
      OPTION [Protect Raw Disk] NO
      Using language: "English"
      =============================================================================
      Dr.Web Scanner SE for Windows v7.0.100.12030
      (c) Doctor Web, Ltd., 1992-2012
      Scan session started 2013/02/16 12:15:40
      Module location : c:\documents and settings\lgemm\local settings\temp\D0E6B37A-5E44232A-46EFD422-6CA91ABE\
      =============================================================================
      OPTION [Automatic Apply Actions] NO
      OPTION [Turn Off Computer After Scan] NO
      OPTION [Use Sound Alerts] NO
      OPTION [Block Network] NO
      OPTION [Protect Process] NO
      OPTION [Protect Raw Disk] NO
      Using language: "English"
      Available instances: 6
      Instances used: 6
      Platform: Windows XP Professional x86 (Build 2600), Service Pack 3
      API Version: 2.2
      Scanning Engine version: 8.0.2.12140
      Virus Finding Engine version: 7.0.4.9250
      Total 97 virus bases are loaded from c:\documents and settings\lgemm\local settings\temp\D0E6B37A-5E44232A-46EFD422-6CA91ABE
      Total records count: 3671066
      Anti-rootkit module version (API 5.00 / 5.00)

      Using c:\documents and settings\lgemm\local settings\temp\D0E6B37A-5E44232A-46EFD422-6CA91ABE\88af6ks4.key as Dr.Web (R) Key file
      This Dr.Web (R) Key is for 1 computer (A User)
      -----------------------------------------------------------------------------
      Start scanning
      -----------------------------------------------------------------------------
      Command line used:-rpcep:\pipe\528D1C934 -rpcpr:np /protmode

      Object(s) to scan:
      - Scan processes in memory
      - Scan boot sectors
      - Scan startup directory
      - Scan system restore points
      - Scanning for rootkits
      - C:\.rnd
      - C:\ArchivosRelojes v5.14.5.zip
      - C:\AUTOEXEC.BAT
      - C:\boot.ini
      - C:\boot_old.ini
      - C:\CONFIG.SYS
      - C:\eset-online-scanner.htm
      - C:\eula.1028.txt
      - C:\eula.1031.txt
      - C:\eula.1033.txt
      - C:\eula.1036.txt
      - C:\eula.1040.txt
      - C:\eula.1041.txt
      - C:\eula.1042.txt
      - C:\eula.2052.txt
      - C:\eula.3082.txt
      - C:\globdata.ini
      - C:\install.exe
      - C:\install.ini
      - C:\install.res.1028.dll
      - C:\install.res.1031.dll
      - C:\install.res.1033.dll
      - C:\install.res.1036.dll
      - C:\install.res.1040.dll
      - C:\install.res.1041.dll
      - C:\install.res.1042.dll
      - C:\install.res.2052.dll
      - C:\install.res.3082.dll
      - C:\IO.SYS
      - C:\LGEAD.log
      - C:\MESYNC.exe
      - C:\MSDE2kLog.txt
      - C:\MSDOS.SYS
      - C:\NTDETECT.COM
      - C:\ntldr
      - C:\pagefile.sys
      - C:\REDETH-00223574-0042.EXE
      - C:\Semaforo.BLD
      - C:\SpybotSD2.exe
      - C:\TDSSKiller.2.8.16.0_16.02.2013_10.50.38_log.txt
      - C:\TDSSKiller.2.8.16.0_16.02.2013_11.47.35_log.txt
      - C:\TDSSKiller.2.8.16.0_16.02.2013_11.48.51_log.txt
      - C:\Update_UsbFix.exe
      - C:\UsbFix [Clean 1] MM-MF10-NE0392.txt
      - C:\vcredist.bmp
      - C:\WindowsDefender.msi
      - C:\WINDOWS\system32\
      - C:\Documents and Settings\lgemm\My Documents\
      - C:\WINDOWS\TEMP\
      - C:\DOCUME~1\lgemm\LOCALS~1\Temp\

      vndwori.sys - file not found
      c:\documents and settings\lgemm\local settings\temp\4fb409af0.sys - file not found
      c:\documents and settings\lgemm\local settings\temp\52d53bb02.sys - file not found
      c:\windows\system32\drivers\dump_atapi.sys - file not found
      c:\windows\system32\drivers\dump_wmilib.sys - file not found
      System Process - file not found
      c:\program files\tightvnc\tvnserver.exe - is riskware program Program.VNCRemote.1
      c:\program files\tightvnc\tvnserver.exe - infected
      c:\program files\markany\document safer\websaferv4ie9.dll - probably infected with DLOADER.Trojan
      c:\program files\markany\document safer\websaferv4ie9.dll - infected
      c:\program files\markany\document safer\websaferv4ie8.dll - probably infected with DLOADER.Trojan
      c:\program files\markany\document safer\websaferv4ie8.dll - infected
      Process :0 - read error
      Process WwcNT.exe:3592 - read error
      c:\program files\markany\document safer\websaferv4ie8.dll - probably infected with DLOADER.Trojan
      c:\program files\markany\document safer\websaferv4ie9.dll - probably infected with DLOADER.Trojan
      c:\program files\tightvnc\tvnserver.exe - is riskware program Program.VNCRemote.1
      C:\pagefile.sys - read error
      C:\WINDOWS\system32\CatRoot2\edb.log - read error
      C:\WINDOWS\system32\CatRoot2\tmp.edb - read error
      C:\WINDOWS\system32\config\default - read error
      C:\WINDOWS\system32\config\default.LOG - read error
      C:\WINDOWS\system32\config\SAM - read error
      C:\WINDOWS\system32\config\SAM.LOG - read error
      C:\WINDOWS\system32\config\SECURITY - read error
      C:\WINDOWS\system32\config\SECURITY.LOG - read error
      C:\WINDOWS\system32\config\software.LOG - read error
      C:\WINDOWS\system32\config\system - read error
      C:\WINDOWS\system32\config\system.LOG - read error
      C:\WINDOWS\system32\config\software - read error
      C:\Documents and Settings\lgemm\My Documents\APP\klmcodec434.exe - container, password protected
      C:\Documents and Settings\lgemm\My Documents\APP\WinToFlash-2011-06-21\WinToFlash.exe - infected with Trojan.NtRootKit.15405
      C:\Documents and Settings\lgemm\My Documents\APP\WinToFlash-2011-06-21\WinToFlash.exe - infected

      Total 25841792525 bytes in 20526 files scanned (40925 objects)
      Total 20503 files (40609 objects) are clean
      Total 2 files (3 objects) are infected
      Total 2 files (4 objects) are suspicious
      Total 22 files (309 objects) are raised error condition
      Scan time is 00:20:51.067

      -----------------------------------------------------------------------------
      Start curing
      -----------------------------------------------------------------------------
      c:\program files\tightvnc\tvnserver.exe - quarantined, reboot required
      c:\program files\markany\document safer\websaferv4ie9.dll - quarantined, reboot required
      c:\program files\markany\document safer\websaferv4ie8.dll - quarantined, reboot required
      C:\Documents and Settings\lgemm\My Documents\APP\WinToFlash-2011-06-21\WinToFlash.exe - deleted

      Total 25841792525 bytes in 20526 files scanned (40925 objects)
      Total 20503 files (40609 objects) are clean
      Total 2 files (3 objects) are infected
      Total 2 files (4 objects) are suspicious
      Total 4 files are neutralized
      Total 22 files (309 objects) are raised error condition
      Scan time is 00:20:51.067

    8. #18
      Former contributor Superlucas
      Joined
      Sep 2011
      Location
      Argentina
      Posts
      15,747

      Re: Malwarebytes detects Backdoor.Agent.DCGen but does not remove it

      Hello,

      Do the following:

      Download and install SUPERAntiSpyware: Superantispyware

      Open SUPERAntiSpyware and the following will appear:

      Click the Check for Updates button:

      PS: An image of the downloaded updates will appear; click "Close".

      Click Scan System, run the following scan, and click Next.

      When the scan finishes, the following screen will be shown with the infections found:

      The following will appear:

      PS: When it asks to restart the computer, click Yes.

      Important: The reports are saved under the Statistics/Logs tab of the Configuration and Preferences section.

      Click View Log and the following will appear:

      Then paste it in this same thread.


    9. #19
      User fvelazquez11
      Joined
      Feb 2013
      Location
      mon
      Posts
      27

      Re: Malwarebytes detects Backdoor.Agent.DCGen but does not remove it

      Hi, here is the log

      SUPERAntiSpyware Scan Log
      SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

      Generated 02/16/2013 at 02:38 PM

      Application Version : 5.6.1014

      Core Rules Database Version : 10017
      Trace Rules Database Version: 7829

      Scan type : Complete Scan
      Total Scan Time : 00:51:52

      Operating System Information
      Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
      Administrator

      Memory items scanned : 797
      Memory threats detected : 0
      Registry items scanned : 42377
      Registry threats detected : 0
      File items scanned : 54211
      File threats detected : 12

      Adware.Tracking Cookie
      C:\Documents and Settings\lgemm\Cookies\WQQIHFKM.txt [ /liveperson.net ]
      C:\Documents and Settings\lgemm\Cookies\K1ST21WJ.txt [ /liveperson.net ]
      C:\Documents and Settings\lgemm\Cookies\6QG1KY9W.txt [ /invitemedia.com ]
      C:\Documents and Settings\lgemm\Cookies\DYYGFILH.txt [ /estat.com ]
      C:\Documents and Settings\lgemm\Cookies\36YTLSXQ.txt [ /server.iad.liveperson.net ]
      C:\Documents and Settings\lgemm\Cookies\J7Y1HP1W.txt [ /imrworldwide.com ]
      C:\Documents and Settings\lgemm\Cookies\XATF1V6E.txt [ /smartadserver.com ]

      Trojan.Agent/Gen-Cryptor[Egun]
      C:\MES SOURCE\05.OTHERS PROGRAMS\SINCRONIZE TIME\2012.02.05\MESYNC.EXE
      C:\MES SOURCE\05.OTHERS PROGRAMS\SINCRONIZE TIME\2013.02.03\MESYNC.EXE
      C:\MESYNC.EXE

      Trojan.Agent/Gen-Autoit
      C:\UPDATE_USBFIX.EXE

      Adware.GAIN/Gator
      C:\WWCNT\GMT.EXE

    10. #20
      Former Contributor, Avatar of Superlucas
      Joined
      Sep 2011
      Location
      Argentina
      Posts
      15.747

      Re: Malwarebytes detects Backdoor.Agent.DCGen but does not remove it

      Hello fvelazquez11:

      Open Usbfix and click Cleanup!

      Do the following, as I want to check a few things in the report:

      • Do the following:
      • Download AT-Destroyer (Adwares/Toolbars-Destroyer) By Infospyware.
      • Temporarily disable your antivirus and/or antispyware.
      • Run the tool as administrator.
      • The tool's Disclaimer will appear. Press .
      • Press option 1 (Search and Destroy).
      • The tool will momentarily disconnect the desktop.
      • If the system is infected, the tool will indicate it with red lines where the infection was found; otherwise, the lines will be green.
      • Once the scan has finished, you will be able to see the desktop again and a report will open, which you should copy into your next reply, commenting on how the system is working.