
    Sirefef.EZ trojan


    1. #1
      User hafp90
      Joined
      Apr 2007
      Location
      Mexico
      Posts
      8

      Malware: Sirefef.EZ trojan

      Greetings. Recently, through a lapse in my computer's security, my antivirus (Nod32) detected this trojan. I chose the option to delete it and it asked me to restart the computer, which I did, but as soon as I got into Windows after restarting, the trojan was detected again and it asked me to restart again. I ran a scan with Nod32 and it detected the following threat:

      Memoria operativa = C:\Windows\assembly\GAC_32\Desktop.ini - una variante de Win32/Sirefef.EZ troyano

      I had already run the scan before and it asks me to restart, but the trojan is not removed. My computer started to feel slower, and in Google Chrome I get the following:

      The server's security certificate is revoked.
      You attempted to reach www.google.com.mx, but the certificate that the server presented has been revoked by its issuer. This means that the security credentials the server presented absolutely should not be trusted. You may be communicating with an attacker.
      You cannot proceed because the website operator has requested heightened security for this domain.

      I don't know whether it is a coincidence (I don't think so) or caused by the trojan. As I said before, I have noticed a lot of changes in my computer and I suspect this is only the tip of the iceberg. I hope you can help me with my problem. Many thanks in advance.

    2. #2
      Former contributor Superlucas
      Joined
      Sep 2011
      Location
      Argentina
      Posts
      15,747

      re: Sirefef.EZ trojan

      Hello hafp90:

      Download, update and run a full scan with Malwarebytes: Malwarebytes Anti-Malware 2 manual

      - Install the program with Spanish as the language.
      - Go to the Update tab ("Actualizar") and update to the latest version.
      - Go to the Scanner tab ("Escáner") and run a full scan ("Análisis completo").
      - Once it has finished, click "Mostrar los Resultados" (show results) and "Eliminar Seleccionadas" (remove selected), as shown in this picture.
      - If it asks you to restart, restart.
      - Paste the Malwarebytes scan report for us after restarting; it is in the Logs tab ("Registros").

      Download CCleaner: CCleaner manual

      Run CCleaner, first using its "Limpiador" (Cleaner) option to delete cookies and temporary Internet files.
      Use its "Registro" (Registry) option to clean the whole Windows registry, creating a backup first.

      Download TDSSKiller.zip to your desktop.
      Disconnect your computer from the Internet (unplug the cable).
      • Unzip the file tdsskiller.zip
      • Run the file TDSSKiller.exe. If you use Vista or 7, right-click and run as administrator.
      • Click on
      • Also check the boxes:

      • Click on the button

      • TDSSKiller will begin scanning the computer.
      • If the computer is not infected:
      • It will show
      • No threats found.
      • Click the "Close" button
      • If the computer is infected:
      • It will show:
      • Threats detected.
      • Select action for found objects:

      • Malware object, high risk. The default action is "Cure" or "Delete".
      • Suspicious object, medium risk. Always use the "Skip" option.
      • The program automatically selects the action to take.
      • Click the "Continue" button
      • To disinfect the system properly, it may ask you to restart the computer.
      • Click on the button

      • Open the TDSSKiller report, located at C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, where "x.xx.x_xx.xx.xxxx_xx.xx.xx" are the version, date and time.
      • Copy and paste its contents in your next reply.
      Are you going to run or are you going to fight? - Muahy Thai


    3. #3
      User hafp90
      Joined
      Apr 2007
      Location
      Mexico
      Posts
      8

      re: Sirefef.EZ trojan

      Greetings, thank you for your attention. Here are both reports:

      Malwarebytes scan report

      Malwarebytes Anti-Malware (Versión de Prueba) 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.03.30.08

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Andres :: IRX99 [administrador]

      Protección: Habilitado

      2013/03/30 06:13:35 p.m.
      mbam-log-2013-03-30 (18-13-35).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 754072
      Tiempo transcurrido: 3 hora(s), 43 minuto(s), 45 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 2
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TNODUP.EXE (Trojan.Agent.CK) -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINST-TNOD.EXE (Trojan.Agent.CK) -> En cuarentena y eliminado con éxito.

      Valores del Registro Detectados: 2
      HKCU\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (Trojan.StartPage) -> datos: Search -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (Trojan.StartPage) -> datos: Search -> En cuarentena y eliminado con éxito.

      Elementos de Datos del Registro Detectados: 2
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Malo: (Search) Bueno: (Google) -> En cuarentena y reparado con éxito.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Malo: (Search) Bueno: (Google) -> En cuarentena y reparado con éxito.

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 25
      C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Trojan.Agent.CK) -> En cuarentena y eliminado con éxito.
      C:\Program Files\ESET\TNod User & Password Finder\uninst-tnod.exe (Trojan.Agent.CK) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\Beat Hazard Ultra\TDU.exe (Packer.ModifiedUPX) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\Blocks That Matter\TDU.exe (Packer.ModifiedUPX) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\DAEMON Tools Pro\autoloader_dt_loader_0.4.exe (Trojan.Swisyn) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\DAEMON Tools Pro\ind.dll (RiskWare.Tool.CK) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\Defense Grid - The Awakening\TDU2k.exe (Packer.ModifiedUPX) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\Limbo\TDU.exe (Packer.ModifiedUPX) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\Mark of the Ninja\TDU3k.exe (Packer.ModifiedUPX) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\NFU2\SetupReg.exe (Trojan.Nuker) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\NFU2\Keys\rld-nu2k.exe (Trojan.Downloader) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\Readiris Corporate 12\patch_readiris_corporate_v12.0.exe (RiskWare.Tool.CK) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\Sonic the Hedgehog 4 - Episode 1\TDU1k.exe (Packer.ModifiedUPX) -> En cuarentena y eliminado con éxito.
      C:\Program Files (x86)\VictorVal\Alien Breed Gold Repack\Alien Breed 3 Descent\Binaries\AlienBreed3Launcher.exe (Trojan.Agent.H) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\77ce5bf5-72b1418f (Trojan.Dropper) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\AppData\Roaming\MCommon\MTool_new.exe (Trojan.MSIL) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\Desktop\Escritorio\NsN.-BEHA170611.-PC\NFOviewer.exe (Malware.Packer.Krunchy) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\Downloads\vChew-WGA v0.9.eXe (Hacktool.ChewWGA) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\Downloads\EA Games Generic Multi Keygen v214 - FFF By ChattChitto\EA Games Generic Multi Keygen 214 - By FFF.exe (RiskWare.Tool.CK) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\Downloads\KeyGen EA\Keygen Para Juegos De EA.exe (RiskWare.Tool.CK) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\Downloads\Regular Show\RemoveWAT_2.2.6\RemoveWAT 2.2.6 [luiskano.net]\RemoveWAT 2.2.6.exe (HackTool.Wpakill) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\Downloads\TNod.1.4.2.b4.Setup\TNod-1.4.2.0-beta4-setup.exe (Trojan.Agent.CK) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\Downloads\TU_12_F_K_masterkreatif.com\2nu12masterkreatif.com key\2nu12masterkreatif.com key.exe (Malware.Packer) -> En cuarentena y eliminado con éxito.
      C:\Users\Andres\My Stuff\Programas\Readiris_Corporate_12.0.5702\patch\patch_readiris_corporate_v12.0.exe (RiskWare.Tool.CK) -> En cuarentena y eliminado con éxito.
      C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6}\U\000000cb.@ (Rootkit.0Access) -> En cuarentena y eliminado con éxito.

      (fin)
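
An added example, not part of the thread or of any tool mentioned in it: a Python script that parses detection lines in the format of the Malwarebytes report above, groups them by detection family, and checks whether the file NOD32 kept flagging is among the items the second scanner reports as removed. The function names and the success test on the Spanish phrase "con éxito" are assumptions made for this example; the sample lines are copied from the report.

```python
import re
from collections import defaultdict
from typing import NamedTuple

# Lines copied from the Malwarebytes report in this thread (Spanish output, as logged).
SAMPLE_LOG = r"""
Claves del Registro Detectados: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TNODUP.EXE (Trojan.Agent.CK) -> En cuarentena y eliminado con éxito.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Malo: (Search) Bueno: (Google) -> En cuarentena y reparado con éxito.
Archivos Detectados: 25
C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Trojan.Agent.CK) -> En cuarentena y eliminado con éxito.
C:\Program Files (x86)\Limbo\TDU.exe (Packer.ModifiedUPX) -> En cuarentena y eliminado con éxito.
C:\Users\Andres\Downloads\vChew-WGA v0.9.eXe (Hacktool.ChewWGA) -> En cuarentena y eliminado con éxito.
C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6}\U\000000cb.@ (Rootkit.0Access) -> En cuarentena y eliminado con éxito.
"""

# Path from the NOD32 detection line in the first post.
NOD32_PATH = r"C:\Windows\assembly\GAC_32\Desktop.ini"


class Detection(NamedTuple):
    target: str       # file path or registry key/value
    name: str         # scanner's detection name, e.g. Rootkit.0Access
    remediated: bool  # True when the line reports a successful action


# "<target> (<Dotted.Name>) -> <details...>". The target is matched lazily so
# that "(x86)" in a path or "(Google)" in the details is not taken as the name.
LINE_RE = re.compile(
    r"^(?P<target>.+?) \((?P<name>[A-Za-z0-9_]+(?:\.[A-Za-z0-9_]+)+)\) -> (?P<rest>.+)$"
)


def parse_detections(log: str) -> list:
    """Return one Detection per detection line; section headers are skipped."""
    found = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        outcome = m.group("rest").split(" -> ")[-1]  # last segment is the action taken
        found.append(Detection(m.group("target"), m.group("name"), "con éxito" in outcome))
    return found


def by_family(detections) -> dict:
    """Group targets by the first component of the detection name, lowercased."""
    groups = defaultdict(list)
    for d in detections:
        groups[d.name.split(".")[0].lower()].append(d.target)
    return dict(groups)


def not_remediated(av_paths, detections) -> list:
    """Paths another scanner reported that are absent from the remediated targets."""
    cleaned = {d.target.lower() for d in detections if d.remediated}  # Windows paths: case-insensitive
    return [p for p in av_paths if p.lower() not in cleaned]


if __name__ == "__main__":
    dets = parse_detections(SAMPLE_LOG)
    for family, targets in sorted(by_family(dets).items()):
        print(f"{family}: {len(targets)}")
    # Rootkit.0Access (Malwarebytes) and Win32/Sirefef (ESET) are vendor names
    # for the same family, ZeroAccess, so both scanners' findings belong together.
    print("still unaccounted for:", not_remediated([NOD32_PATH], dets))
```

Run against the report, the file NOD32 flagged does not appear among the removed items, so a clean result from one scanner does not by itself account for the original detection.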

    4. #4
      User hafp90
      Joined
      Apr 2007
      Location
      Mexico
      Posts
      8

      re: Sirefef.EZ trojan

      TDSSKiller report (there are 3; this is the most recent)

      22:41:42.0915 2764 HTTP - ok
      22:41:43.0024 2764 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
      22:41:43.0024 2764 hwpolicy - ok
      22:41:43.0071 2764 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
      22:41:43.0071 2764 i8042prt - ok
      22:41:43.0118 2764 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
      22:41:43.0134 2764 iaStor - ok
      22:41:43.0212 2764 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
      22:41:43.0227 2764 iaStorV - ok
      22:41:43.0321 2764 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      22:41:43.0321 2764 IDriverT - ok
      22:41:43.0633 2764 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
      22:41:43.0711 2764 idsvc - ok
      22:41:44.0584 2764 [ 174BCAC474DE13B2650E444CF124828E ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
      22:41:44.0818 2764 igfx - ok
      22:41:44.0865 2764 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
      22:41:44.0865 2764 iirsp - ok
      22:41:44.0990 2764 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
      22:41:45.0021 2764 IKEEXT - ok
      22:41:45.0052 2764 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
      22:41:45.0052 2764 Impcd - ok
      22:41:45.0380 2764 [ 03076F51AF9F78A272CCCDE03E9340CE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
      22:41:45.0427 2764 IntcAzAudAddService - ok
      22:41:45.0489 2764 [ C6C1F19205DA83C801BE7C25F4E2EE07 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
      22:41:45.0489 2764 IntcDAud - ok
      22:41:45.0536 2764 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
      22:41:45.0536 2764 intelide - ok
      22:41:45.0583 2764 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      22:41:45.0583 2764 intelppm - ok
      22:41:45.0614 2764 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      22:41:45.0614 2764 IPBusEnum - ok
      22:41:45.0676 2764 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      22:41:45.0676 2764 IpFilterDriver - ok
      22:41:45.0723 2764 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
      22:41:45.0723 2764 IPMIDRV - ok
      22:41:45.0754 2764 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
      22:41:45.0754 2764 IPNAT - ok
      22:41:45.0770 2764 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
      22:41:45.0770 2764 IRENUM - ok
      22:41:45.0848 2764 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
      22:41:45.0848 2764 isapnp - ok
      22:41:45.0973 2764 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
      22:41:46.0051 2764 iScsiPrt - ok
      22:41:46.0113 2764 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
      22:41:46.0113 2764 kbdclass - ok
      22:41:46.0254 2764 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
      22:41:46.0254 2764 kbdhid - ok
      22:41:46.0332 2764 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
      22:41:46.0332 2764 kbfiltr - ok
      22:41:46.0378 2764 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
      22:41:46.0378 2764 KeyIso - ok
      22:41:46.0394 2764 KMService - ok
      22:41:46.0472 2764 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      22:41:46.0472 2764 KSecDD - ok
      22:41:46.0550 2764 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
      22:41:46.0566 2764 KSecPkg - ok
      22:41:46.0644 2764 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
      22:41:46.0644 2764 ksthunk - ok
      22:41:47.0018 2764 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
      22:41:47.0034 2764 KtmRm - ok
      22:41:47.0112 2764 [ 48686C29856F46443952A831424F8D6F ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
      22:41:47.0112 2764 L1C - ok
      22:41:47.0158 2764 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
      22:41:47.0174 2764 LanmanServer - ok
      22:41:47.0205 2764 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      22:41:47.0221 2764 LanmanWorkstation - ok
      22:41:47.0268 2764 lirsgt - ok
      22:41:47.0299 2764 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      22:41:47.0299 2764 lltdio - ok
      22:41:47.0346 2764 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
      22:41:47.0361 2764 lltdsvc - ok
      22:41:47.0377 2764 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
      22:41:47.0377 2764 lmhosts - ok
      22:41:47.0439 2764 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      22:41:47.0439 2764 LMS - ok
      22:41:47.0502 2764 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
      22:41:47.0517 2764 LSI_FC - ok
      22:41:47.0564 2764 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
      22:41:47.0564 2764 LSI_SAS - ok
      22:41:47.0595 2764 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
      22:41:47.0595 2764 LSI_SAS2 - ok
      22:41:47.0673 2764 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
      22:41:47.0673 2764 LSI_SCSI - ok
      22:41:47.0704 2764 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
      22:41:47.0704 2764 luafv - ok
      22:41:47.0767 2764 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
      22:41:47.0767 2764 MBAMProtector - ok
      22:41:47.0970 2764 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      22:41:47.0970 2764 MBAMScheduler - ok
      22:41:48.0126 2764 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      22:41:48.0126 2764 MBAMService - ok
      22:41:48.0188 2764 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      22:41:48.0204 2764 Mcx2Svc - ok
      22:41:48.0235 2764 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
      22:41:48.0250 2764 megasas - ok
      22:41:48.0328 2764 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
      22:41:48.0375 2764 MegaSR - ok
      22:41:48.0547 2764 Microsoft SharePoint Workspace Audit Service - ok
      22:41:48.0594 2764 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
      22:41:48.0594 2764 MMCSS - ok
      22:41:48.0625 2764 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
      22:41:48.0625 2764 Modem - ok
      22:41:48.0672 2764 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      22:41:48.0672 2764 monitor - ok
      22:41:48.0687 2764 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      22:41:48.0687 2764 mouclass - ok
      22:41:48.0718 2764 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      22:41:48.0734 2764 mouhid - ok
      22:41:48.0781 2764 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
      22:41:48.0796 2764 mountmgr - ok
      22:41:48.0921 2764 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      22:41:48.0937 2764 MozillaMaintenance - ok
      22:41:48.0984 2764 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
      22:41:48.0999 2764 mpio - ok
      22:41:49.0030 2764 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      22:41:49.0030 2764 mpsdrv - ok
      22:41:49.0077 2764 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      22:41:49.0077 2764 MRxDAV - ok
      22:41:49.0124 2764 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      22:41:49.0124 2764 mrxsmb - ok
      22:41:49.0140 2764 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      22:41:49.0155 2764 mrxsmb10 - ok
      22:41:49.0171 2764 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      22:41:49.0171 2764 mrxsmb20 - ok
      22:41:49.0186 2764 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
      22:41:49.0186 2764 msahci - ok
      22:41:49.0233 2764 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
      22:41:49.0233 2764 msdsm - ok
      22:41:49.0264 2764 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
      22:41:49.0264 2764 MSDTC - ok
      22:41:49.0311 2764 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
      22:41:49.0311 2764 Msfs - ok
      22:41:49.0327 2764 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
      22:41:49.0342 2764 mshidkmdf - ok
      22:41:49.0374 2764 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
      22:41:49.0374 2764 msisadrv - ok
      22:41:49.0420 2764 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      22:41:49.0436 2764 MSiSCSI - ok
      22:41:49.0452 2764 msiserver - ok
      22:41:49.0483 2764 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      22:41:49.0498 2764 MSKSSRV - ok
      22:41:49.0545 2764 [ 103B3BBE23AB774B009D182276EC6786 ] msloop C:\Windows\system32\DRIVERS\loop.sys
      22:41:49.0545 2764 msloop - ok
      22:41:49.0561 2764 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      22:41:49.0576 2764 MSPCLOCK - ok
      22:41:49.0654 2764 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      22:41:49.0654 2764 MSPQM - ok
      22:41:49.0717 2764 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      22:41:49.0732 2764 MsRPC - ok
      22:41:49.0810 2764 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
      22:41:49.0810 2764 mssmbios - ok
      22:41:49.0873 2764 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      22:41:49.0888 2764 MSTEE - ok
      22:41:49.0935 2764 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
      22:41:49.0951 2764 MTConfig - ok
      22:41:49.0982 2764 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
      22:41:49.0982 2764 MTsensor - ok
      22:41:50.0013 2764 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
      22:41:50.0029 2764 Mup - ok
      22:41:50.0200 2764 [ A9BC2302FBDF52C8AF4E2FC966288D21 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
      22:41:50.0216 2764 MyWiFiDHCPDNS - ok
      22:41:50.0325 2764 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
      22:41:50.0341 2764 napagent - ok
      22:41:50.0450 2764 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      22:41:50.0450 2764 NativeWifiP - ok
      22:41:50.0762 2764 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
      22:41:50.0793 2764 NDIS - ok
      22:41:50.0856 2764 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
      22:41:50.0856 2764 NdisCap - ok
      22:41:50.0871 2764 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      22:41:50.0871 2764 NdisTapi - ok
      22:41:50.0918 2764 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      22:41:50.0918 2764 Ndisuio - ok
      22:41:50.0965 2764 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      22:41:50.0980 2764 NdisWan - ok
      22:41:51.0012 2764 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      22:41:51.0027 2764 NDProxy - ok
      22:41:51.0058 2764 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
      22:41:51.0058 2764 Net Driver HPZ12 - ok
      22:41:51.0090 2764 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      22:41:51.0090 2764 NetBIOS - ok
      22:41:51.0152 2764 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
      22:41:51.0152 2764 NetBT - ok
      22:41:51.0183 2764 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
      22:41:51.0183 2764 Netlogon - ok
      22:41:51.0230 2764 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
      22:41:51.0230 2764 Netman - ok
      22:41:51.0277 2764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      22:41:51.0324 2764 NetMsmqActivator - ok
      22:41:51.0370 2764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      22:41:51.0386 2764 NetPipeActivator - ok
      22:41:51.0480 2764 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
      22:41:51.0495 2764 netprofm - ok
      22:41:51.0542 2764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      22:41:51.0542 2764 NetTcpActivator - ok
      22:41:51.0558 2764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      22:41:51.0558 2764 NetTcpPortSharing - ok
      22:41:52.0275 2764 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
      22:41:52.0416 2764 NETw5s64 - ok
      22:41:52.0540 2764 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
      22:41:52.0540 2764 nfrd960 - ok
      22:41:52.0634 2764 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
      22:41:52.0650 2764 NlaSvc - ok
      22:41:52.0743 2764 [ 4903177FC90E77ABEB19021451E9475E ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
      22:41:52.0759 2764 nmwcd - ok
      22:41:52.0884 2764 [ E6844A4C97E5409BBE24BB4ED000320D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
      22:41:52.0884 2764 nmwcdc - ok
      22:41:52.0946 2764 [ F59F8CF59F7905622686637177E2A828 ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys
      22:41:52.0946 2764 nmwcdnsucx64 - ok
      22:41:52.0993 2764 [ A0E7F80157AF77B1CEAA8ADD3A3E7D85 ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
      22:41:52.0993 2764 nmwcdnsux64 - ok
      22:41:53.0040 2764 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
      22:41:53.0040 2764 Npfs - ok
      22:41:53.0071 2764 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
      22:41:53.0071 2764 nsi - ok
      22:41:53.0118 2764 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      22:41:53.0118 2764 nsiproxy - ok
      22:41:53.0352 2764 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      22:41:53.0430 2764 Ntfs - ok
      22:41:53.0523 2764 nTuneService - ok
      22:41:53.0554 2764 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
      22:41:53.0554 2764 Null - ok
      22:41:54.0522 2764 [ 4EE399576F76D38C04745DB739BBC8C7 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
      22:41:54.0709 2764 nvlddmkm - ok
      22:41:54.0787 2764 [ 8C1D181480796D7D3366A9381FD7782D ] nvoclk64 C:\Windows\system32\DRIVERS\nvoclk64.sys
      22:41:54.0787 2764 nvoclk64 - ok
      22:41:54.0849 2764 [ 7067753FA8B75A3BDBA5633B4D2A5D0A ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
      22:41:54.0865 2764 nvpciflt - ok
      22:41:54.0943 2764 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
      22:41:54.0958 2764 nvraid - ok
      22:41:55.0083 2764 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
      22:41:55.0099 2764 nvstor - ok
      22:41:55.0239 2764 [ 7335C3D78A7746D76D37F6722CC4A466 ] nvsvc C:\Windows\system32\nvvsvc.exe
      22:41:55.0255 2764 nvsvc - ok
      22:41:56.0269 2764 [ B7C53DA1C73FF39F4A6248643EFD979A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      22:41:56.0363 2764 nvUpdatusService - ok
      22:41:56.0441 2764 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      22:41:56.0456 2764 nv_agp - ok
      22:41:56.0519 2764 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
      22:41:56.0534 2764 ohci1394 - ok
      22:41:56.0597 2764 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      22:41:56.0612 2764 ose - ok
      22:41:57.0065 2764 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      22:41:57.0283 2764 osppsvc - ok
      22:41:57.0392 2764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
      22:41:57.0423 2764 p2pimsvc - ok
      22:41:57.0486 2764 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
      22:41:57.0501 2764 p2psvc - ok
      22:41:57.0548 2764 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
      22:41:57.0548 2764 Parport - ok
      22:41:57.0579 2764 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
      22:41:57.0595 2764 partmgr - ok
      22:41:57.0626 2764 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
      22:41:57.0642 2764 PcaSvc - ok
      22:41:57.0673 2764 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
      22:41:57.0689 2764 pccsmcfd - ok
      22:41:57.0735 2764 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
      22:41:57.0751 2764 pci - ok
      22:41:57.0782 2764 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
      22:41:57.0782 2764 pciide - ok
      22:41:57.0876 2764 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
      22:41:57.0876 2764 pcmcia - ok
      22:41:57.0907 2764 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
      22:41:57.0907 2764 pcw - ok
      22:41:58.0032 2764 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      22:41:58.0047 2764 PEAUTH - ok
      22:41:58.0281 2764 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
      22:41:58.0328 2764 PeerDistSvc - ok
      22:41:59.0202 2764 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
      22:41:59.0217 2764 PerfHost - ok
      22:41:59.0623 2764 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
      22:41:59.0685 2764 pla - ok
      22:41:59.0795 2764 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      22:41:59.0810 2764 PlugPlay - ok
      22:41:59.0841 2764 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
      22:41:59.0841 2764 Pml Driver HPZ12 - ok
      22:41:59.0904 2764 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
      22:41:59.0904 2764 PNRPAutoReg - ok
      22:41:59.0997 2764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
      22:42:00.0013 2764 PNRPsvc - ok
      22:42:00.0044 2764 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
      22:42:00.0060 2764 Point64 - ok
      22:42:00.0185 2764 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      22:42:00.0216 2764 PolicyAgent - ok
      22:42:00.0325 2764 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
      22:42:00.0325 2764 Power - ok
      22:42:00.0372 2764 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      22:42:00.0372 2764 PptpMiniport - ok
      22:42:00.0450 2764 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
      22:42:00.0450 2764 Processor - ok
      22:42:00.0512 2764 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
      22:42:00.0528 2764 ProfSvc - ok
      22:42:00.0559 2764 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
      22:42:00.0559 2764 ProtectedStorage - ok
      22:42:00.0590 2764 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
      22:42:00.0590 2764 Psched - ok
      22:42:00.0824 2764 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
      22:42:00.0887 2764 ql2300 - ok
      22:42:00.0933 2764 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
      22:42:00.0933 2764 ql40xx - ok
      22:42:00.0980 2764 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
      22:42:00.0980 2764 QWAVE - ok
      22:42:01.0058 2764 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      22:42:01.0058 2764 QWAVEdrv - ok
      22:42:01.0089 2764 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      22:42:01.0105 2764 RasAcd - ok
      22:42:01.0136 2764 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
      22:42:01.0136 2764 RasAgileVpn - ok
      22:42:01.0199 2764 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
      22:42:01.0214 2764 RasAuto - ok
      22:42:01.0292 2764 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      22:42:01.0292 2764 Rasl2tp - ok
      22:42:01.0370 2764 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
      22:42:01.0386 2764 RasMan - ok
      22:42:01.0417 2764 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      22:42:01.0417 2764 RasPppoe - ok
      22:42:01.0433 2764 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      22:42:01.0433 2764 RasSstp - ok
      22:42:01.0542 2764 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      22:42:01.0542 2764 rdbss - ok
      22:42:01.0589 2764 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
      22:42:01.0589 2764 rdpbus - ok
      22:42:01.0620 2764 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      22:42:01.0620 2764 RDPCDD - ok
      22:42:01.0698 2764 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
      22:42:01.0698 2764 RDPDR - ok
      22:42:01.0745 2764 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      22:42:01.0745 2764 RDPENCDD - ok
      22:42:01.0791 2764 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
      22:42:01.0791 2764 RDPREFMP - ok
      22:42:01.0869 2764 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
      22:42:01.0869 2764 RdpVideoMiniport - ok
      22:42:01.0932 2764 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      22:42:01.0932 2764 RDPWD - ok
      22:42:02.0057 2764 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
      22:42:02.0057 2764 rdyboost - ok
      22:42:02.0259 2764 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      22:42:02.0275 2764 RegSrvc - ok
      22:42:02.0369 2764 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
      22:42:02.0369 2764 RemoteAccess - ok
      22:42:02.0431 2764 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      22:42:02.0447 2764 RemoteRegistry - ok
      22:42:02.0478 2764 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
      22:42:02.0478 2764 RpcEptMapper - ok
      22:42:02.0525 2764 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
      22:42:02.0525 2764 RpcLocator - ok
      22:42:02.0603 2764 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
      22:42:02.0618 2764 RpcSs - ok
      22:42:02.0665 2764 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      22:42:02.0665 2764 rspndr - ok
      22:42:02.0712 2764 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
      22:42:02.0712 2764 SamSs - ok
      22:42:02.0790 2764 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      22:42:02.0790 2764 sbp2port - ok
      22:42:02.0852 2764 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
      22:42:02.0852 2764 SCardSvr - ok
      22:42:02.0993 2764 [ C81EB41E9FFC35560E5025891DC01A6E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
      22:42:02.0993 2764 SCDEmu - ok
      22:42:03.0055 2764 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
      22:42:03.0055 2764 scfilter - ok
      22:42:03.0195 2764 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
      22:42:03.0211 2764 Schedule - ok
      22:42:03.0289 2764 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
      22:42:03.0289 2764 SCPolicySvc - ok
      22:42:03.0336 2764 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      22:42:03.0351 2764 SDRSVC - ok
      22:42:03.0398 2764 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      22:42:03.0398 2764 secdrv - ok
      22:42:03.0429 2764 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
      22:42:03.0445 2764 seclogon - ok
      22:42:03.0492 2764 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
      22:42:03.0507 2764 SENS - ok
      22:42:03.0539 2764 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
      22:42:03.0554 2764 SensrSvc - ok
      22:42:03.0601 2764 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
      22:42:03.0601 2764 Serenum - ok
      22:42:06.0721 2764 [ 88E5162E58C8919CC873F5D8946197CF ] sptd C:\Windows\system32\Drivers\sptd.sys
      22:42:06.0737 2764 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88E5162E58C8919CC873F5D8946197CF
      22:42:06.0737 2764 sptd ( LockedFile.Multi.Generic ) - warning
      22:42:06.0737 2764 sptd - detected LockedFile.Multi.Generic (1)
      22:42:21.0572 2764 ================ Scan global ===============================
      22:42:21.0619 2764 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
      22:42:21.0666 2764 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
      22:42:21.0697 2764 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
      22:42:21.0759 2764 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
      22:42:21.0806 2764 [ 2F46C1760C531EB2B181F9076E552E8A ] C:\Windows\system32\services.exe
      22:42:21.0822 2764 [Global] - ok
      22:42:21.0822 2764 ================ Scan MBR ==================================
      22:42:21.0837 2764 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
      22:42:25.0519 2764 \Device\Harddisk0\DR0 - ok
      22:42:25.0519 2764 ================ Scan VBR ==================================
      22:42:25.0566 2764 [ 3BAF104A2CAE07531E586B68650FE375 ] \Device\Harddisk0\DR0\Partition1
      22:42:25.0581 2764 \Device\Harddisk0\DR0\Partition1 - ok
      22:42:25.0581 2764 ============================================================
      22:42:25.0581 2764 Scan finished
      22:42:25.0581 2764 ============================================================
      22:42:25.0597 1036 Detected object count: 1
      22:42:25.0597 1036 Actual detected object count: 1
      22:42:33.0085 1036 sptd ( LockedFile.Multi.Generic ) - skipped by user
      22:42:33.0085 1036 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
      22:42:39.0372 2220 Deinitialize success

      Thanks, I hope for a prompt reply.

    5. #5
      Former contributor Superlucas
      Registered
      Sep 2011
      Location
      Argentina
      Posts
      15,747

      re: Sirefef.EZ trojan

      Hello,

      Download OTM by OldTimer and copy it to the desktop.
      Double-click the OTM icon to open it.
      Copy the text inside the box below and paste it into the left pane of OTMoveIt, labelled "Paste Instructions for Items to be Moved".

      Code:
      :files
      C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6}\
      :commands
      [resethosts]
      [emptytemp]
      [createrestorepoint]
      Click the MoveIt! button to start the removal process. You may be asked to restart the PC; we have to answer Yes!, since that is essential for removing the files.

      The results appear after the reboot in C:\_OTM\MovedFiles\***_***.log (where "***_***" is the date and time). You need to paste the OTM report in your next reply.

      Note: You may notice files or folders visible on the desktop and/or elsewhere on the system; this is normal, and once the procedures are finished everything will return to normal.
      Are you going to run or are you going to fight? - Muay Thai

      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    6. #6
      User hafp90
      Registered
      Apr 2007
      Location
      Mexico
      Posts
      8

      re: Sirefef.EZ trojan

      Greetings, I did what was indicated and here is what was requested:

      OTM report

      All processes killed
      ========== FILES ==========
      C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6}\U folder moved successfully.
      C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6}\L folder moved successfully.
      C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6} folder moved successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: All Users

      User: Andres
      ->Temp folder emptied: 46292685 bytes
      ->Temporary Internet Files folder emptied: 1492073 bytes
      ->Java cache emptied: 1327844 bytes
      ->FireFox cache emptied: 93643914 bytes
      ->Google Chrome cache emptied: 111460607 bytes

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Guest
      ->Temp folder emptied: 126490 bytes
      ->Temporary Internet Files folder emptied: 143468773 bytes
      ->Java cache emptied: 0 bytes

      User: Public

      User: UpdatusUser
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 4802656 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 424484 bytes
      %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 65790533 bytes
      %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84659 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 447.00 mb

      Restore point Set: OTM Restore Point

      OTM by OldTimer - Version 3.1.21.0 log created on 04012013_185246

      Files moved on Reboot...
      C:\Users\Andres\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

      Registry entries deleted on Reboot...

      Thanks, I'll be standing by.
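
      A check of the OTM report from post #6 against the script from post #5, as an added example (not part of the thread and not OTM's own code): it confirms that every path listed under :files is reported as moved in the FILES section and that the hosts reset is logged. The function names and the partial report are assumptions constructed for illustration.

```python
import re

# OTM script from post #5 (copied from the thread).
OTM_SCRIPT = r"""
:files
C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6}\
:commands
[resethosts]
[emptytemp]
[createrestorepoint]
"""

# Opening lines of the OTM report from post #6 (copied from the thread).
OTM_REPORT = r"""
All processes killed
========== FILES ==========
C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6}\U folder moved successfully.
C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6}\L folder moved successfully.
C:\Windows\Installer\{cd46d54a-18eb-16f2-d81d-a754e77e5ea6} folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

# Constructed failure case: the same report without the line for the top-level folder.
PARTIAL_REPORT = "\n".join(
    line for line in OTM_REPORT.splitlines()
    if not line.endswith("} folder moved successfully.")
)

SECTION_RE = re.compile(r"^=+\s*(\w+)\s*=+$")
MOVED_RE = re.compile(r"^(?P<path>.+?)(?: folder)? moved successfully\.$")


def norm(path):
    """Normalise a Windows path: case-insensitive, no trailing backslash."""
    return path.strip().rstrip("\\").lower()


def requested_paths(script):
    """Return the paths listed under the script's :files directive."""
    paths, in_files = [], False
    for line in script.splitlines():
        line = line.strip()
        if line.startswith(":"):
            in_files = line.lower() == ":files"
        elif in_files and line:
            paths.append(line)
    return paths


def moved_paths(report):
    """Return normalised paths that the FILES section reports as moved."""
    moved, section = set(), None
    for line in report.splitlines():
        line = line.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).upper()
            continue
        hit = MOVED_RE.match(line)
        if section == "FILES" and hit:
            moved.add(norm(hit.group("path")))
    return moved


def verify(script, report):
    """Map each requested path to True only if the report confirms the move."""
    moved = moved_paths(report)
    return {path: norm(path) in moved for path in requested_paths(script)}


def hosts_reset(report):
    """True if the report logs the [resethosts] command as completed."""
    return any(line.strip().lower() == "hosts file reset successfully"
               for line in report.splitlines())


if __name__ == "__main__":
    for path, ok in verify(OTM_SCRIPT, OTM_REPORT).items():
        print("confirmed" if ok else "UNCONFIRMED", path)
    print("hosts reset logged:", hosts_reset(OTM_REPORT))
```

      A path that comes back unconfirmed means the report does not show that item as moved, so the folder should be checked on disk before the case is closed.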

    7. #7
      Former contributor Superlucas
      Registered
      Sep 2011
      Location
      Argentina
      Posts
      15,747

      re: Sirefef.EZ trojan

      Hello,

      Open OTM and click CleanUp!

      How is everything going now?